CNIL
Latest
Apple fined $8.5 million in France over targeted App Store ads (updated)
Apple is facing a $8.5 million fine in France for allegedly gathering data for targeted App Store ads without permission.
French regulator fines Google and Facebook a combined $238 million over cookies
France's data regulator CNIL has fined Google €150 million ($170 million) and Meta/Facebook €60 million ($68 million) for violating EU privacy rules.
France gives WhatsApp a month to stop sharing data with Facebook
After the EU slapped it with a €110 million fine over unlawful WhatsApp data sharing, you'd think Facebook would be eager to comply with local privacy laws. But France says it has not cooperated with data protection authority CNIL, and could face another sanction if it doesn't get its act together within 30 days. The social network is still transferring Whatsapp data for "business intelligence," it claims, and the only way that users can opt out is by uninstalling the app.
European regulators push Facebook to tighten user privacy rules
Authorities in France and the Netherlands are the latest to speak out against the way Facebook handles the massive amounts of user data it collects. In separate announcements today, privacy watchdog groups in both countries said that Facebook did not give users enough control of their data, and that the company had collected information through third-party websites without users' consent.
France objects to Windows 10 user tracking
France's privacy regulator has stared into Windows 10 and feels that the software's doing a bit too much staring back. CNIL has issued a statement saying that the operating system collects too much data about its users. For instance, it explains that Microsoft tracks usage statistics to identify problems, including apps downloaded and time spent in each one. Which, sounds quite reasonable, since most of our days are spent working inside Chrome, Firefox or Edge. But since this information isn't necessary for the day-to-day operation of Windows 10, it's considered to be an infringement on people's privacy.
France fines Google for breaking 'right to be forgotten' law
Europe's "right to be forgotten" law is a boon to privacy, helping individuals hide embarrassing Facebook posts and other "out-of-date and irrelevant" results from search engines. However, many think it tramples on the public's right to know, as quite a few examples have shown. Everyone agrees that it's hard to enforce, thanks to the border-free nature of the internet. The law is about to get a new test, because France has slapped a €100,000 ($112,000) fine on Google over its refusal to fully remove results on sites outside the nation.
Google rejects France's demand for a global 'right to be forgotten'
When French regulator CNIL told Google it must apply "right to be forgotten" requests globally last month, it gave the company 15 days to comply or face further action. That deadline came and went without a whisper from the search giant, but it's taken another 34 days for it to muster a reply. In a blog post, Peter Fleischer, Global Privacy Counsel at Google, called CNIL's order "disproportionate and unnecessary," arguing that if it had obeyed its demand, France would essentially set the standard for internet regulation.
France tells Google: expand 'right to be forgotten' globally, or else
It's been a tough year for Google, especially after it was told it must delist search results as part of the so-called "right to be forgotten" ruling. In that time, the company has vetted each individual request, throwing more than half of them out, but also getting some of its decisions wrong. CNIL, the French privacy watchdog, also takes exception with Google's judgement, but is more worried that when it does carry out a delisting, links are only removed from Google results in Europe. The regulator today announced it's giving the search giant 15 days to make them apply globally or face sanctions.
France slaps Google with $204,000 fine for violating privacy laws
Google's run in with France's privacy regulator has come to a rather undignified end. After months of deliberation, the National Commission on Computing and Freedom (CNIL) today hit the search giant with a €150,000 ($204,000) fine for breaking the law with its unified privacy policy. According to the watchdog, Google didn't adequately inform users about its data collection processes, nor did it obtain consent or tell users how long cookies would be installed on their machine. It's significantly less than the €300,000 fine CNIL threatened in September, but the regulator will compound Google's misery by requesting it to display a notice on its Google.fr homepage for two days explaining the decision. It's the latest in a long line of privacy-related investigations against Google: six European countries have launched probes into its privacy policies, with Spain fining the company €900,000 ($1.2 million) just last month. Google has maintained its innocence throughout, but with penalties coming in thick and fast, it could be forced to amend its policies once more.
French agency may slap Google with a €300,000 fine for privacy violations
Google has once again found itself in the hot seat over its data practices, and this time, a French agency is sounding the alarm. Earlier today, France's National Commission on Computing and Freedom (CNIL) threatened Google with a €300,000 fine due to the company's lack of compliance with a June decision aimed at protecting users' private data. Previously, Google was given three months to address CNIL's concerns about centralized data collection that lumps together information from Youtube, Gmail and searches and transparency about how such data was put to use. Now, the clock is up, and France isn't fooling around. While formal sanctioning is a lengthy process that won't be resolved for several months, the country's stance is considered aggressive, even if the fine is relatively modest. Google, however, doesn't seem phased. Company spokesperson Al Verney said, "Our privacy policy respects European law and allows us to create simpler, more effective services."
EU regulators unsatisfied with Google's response to privacy policy concerns
European Union regulators weren't exactly content with Google after it rolled up most of its privacy policies into a monolithic document early last year, and it doesn't seem like that's about to change. After giving Page and Co. four months to respond to 12 recommendations regarding its new policy, French regulator CNIL has come to the conclusion that "Google did not provide any precise and effective answers." Though EU officials aren't happy with Mountain View's responses, Google says its policies respect European law and that it replied with steps to address the concerns by the January 8th deadline. Still, data protection regulators are committed to their investigation and are aiming to form a group before the summertime that would respond to the search titan.