Wednesday, December 25, 2024

France Fines Google and Facebook €210m Over Misuse of Data

France’s Data privacy watchdog says websites make it difficult for users to refuse cookies

France’s data privacy watchdog has fined Google and Facebook a combined €210m (£176m) for hampering users’ ability to stop the companies tracking their online activity.

The Commission Nationale de l’Informatique et des Libertés (CNIL) said on Thursday it had fined Google a record €150m for making it difficult for internet users to refuse cookies – small text files that build up a profile of a person’s web activity for commercial purposes. It fined Facebook €60m for the same reason.

Internet users’ prior consent for the use of cookies is a key pillar of the EU’s data privacy regulation, and a top priority for the CNIL.

“When you accept cookies, it’s done in just one click,” said Karin Kiefer, CNIL’s head of data protection and sanctions. “Rejecting cookies should be as easy as accepting them.”

4000
Google Facebook

The watchdog said the facebook.com, google.fr and youtube.com websites did not allow the easy refusal of cookies. Citing the example of Facebook, it said: “Several clicks are required to refuse all cookies, as opposed to a single one to accept them.”

It said the companies had three months to comply with its orders, including making it easier for French users to decline cookies, or face extra penalty payments of €100,000 for every day of delay.

A Google spokesperson said: “People trust us to respect their right to privacy and keep them safe. We understand our responsibility to protect that trust and are committing to further changes and active work with the CNIL in light of this decision.”

A spokesperson for Facebook’s parent company, Meta, said: “​​We are reviewing the authority’s decision and remain committed to working with relevant authorities. Our cookie consent controls provide people with greater control over their data, including a new settings menu on Facebook and Instagram where people can revisit and manage their decisions at any time, and we continue to develop and improve these controls.”

Recommended:  Segway website hacked and infected with payment card skimmer

In 2020, the CNIL strengthened consent rights over ad trackers, saying websites operating in France should keep a register of internet users’ refusal to accept cookies for at least six months.

It also said internet users should be able to easily reconsider any initial agreement concerning cookies via a weblink or an icon that should be visible on all pages of a website.]

source

Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security