Google Fined 50 Million Euros For Breach Of GDPR

 

It looks like there might be a lot of GDPR fines being handed out in the near future as the first major tech company has been penalised for breaching the rules and experts are warning that the case is just the tip of the iceberg.

France’s national data protection regulator (CNIL) has fined Google 50 million euros for breaching the EU’s General Data Protection Regulations rules.

This is the first time one of the tech giants has been fined for breaking these new data regulations that came into force last May.

CNIL found that Google had violated GDPR rules after receiving complaints from two privacy rights groups, ‘None Of Your Business’ (NOYB) and ‘La Quadrature du Net’ (LQDN).

CNIL said that Google had failed to provide enough information to users about its data consent policies and didn’t give them enough control over how their information is used.

Although this is the biggest GDPR fine to date, it isn’t the first, in October 2018 a local business in Austria was fined 4,800 euros for having a security camera that was filming a public place, then in November a German social media and chat service was fine 20,000 euros for storing social media passwords in plain text and last December a Portuguese hospital was fined 400,000 euros after its staff accessed patient records using fake accounts.

And while this is Google’s first GDPR fine, it’s not the first fine they have been issued for privacy violations having received its first back in 2011 for gathering data from private Wi-Fi networks while collecting Google Street View Imagery and again in 2014 for not being transparent enough about a privacy policy change.

Although 50 million euros may seem like a massive fine, in reality it is quite small in comparison to the maximum fine limits allowed by GDPR, which states that a company can be fined a maximum of 20 million euros or four percent of its annual global turnover (whichever is larger) for the more serious offenses. This means for companies like Google that could result in a fine of more than a few billion euros.

Responding to the fine a Google spokesperson said that “People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. We’re studying the decision to determine our next steps”.