Site icon TechNewsBoy.com

France Fines Google, Facebook for Privacy Violations

A French regulator fined

Alphabet Inc.’s

Google $169 million and Meta Platforms Inc.’s

Facebook

$67 million, saying the companies made it too difficult for users to reject cookies, the identifiers used to track their data.

Facebook and Google required several steps to reject cookies used to track their data on YouTube, Facebook and Google, leading users to accept the technology because doing so required just one click, said France’s data-protection regulator, the CNIL. The regulator gave the companies three months to create a solution for rejecting cookies that is as simple as the button to accept them.

The penalties are the latest salvo from European regulators against big tech companies. In September, Ireland’s privacy authority fined Meta’s WhatsApp chat service 225 million euros, equivalent to about $266 million at the time, for failing to inform users about how it handles their data. In 2019, the French regulator fined Google €50 million, or about $57 million at the time, for failing to obtain sufficient consent from individuals for collecting data used to target ads.

Meta is reviewing CNIL’s decision and remains committed to working with regulators, a representative said, adding, “Our cookie consent controls provide people with greater control over their data, including a new settings menu on Facebook and Instagram where people can revisit and manage their decisions at any time, and we continue to develop and improve these controls.”

A representative for Google didn’t immediately respond to a request for comment.

Some of the fines by European regulators, including the penalty against WhatsApp, were issued under the European Union’s 2018 General Data Protection Regulation.

France’s CNIL used the ePrivacy directive to fine Google and Facebook.



Photo:

Berzane Nasser/Zuma Press

But the French watchdog used an older EU law, known as the ePrivacy directive, to fine Google and Facebook, allowing the regulator to avoid negotiating with its counterparts in other countries.

Under the ePrivacy rules, in effect since 2002, a regulator in one of the 27 EU countries can fine any company that does business in its jurisdiction. Under the GDPR, a regulator can fine only companies that have their European headquarters in that country.

If a GDPR case affects people in more than one EU nation, the regulator overseeing it must submit a draft decision to their counterparts in other countries. If other regulators raise objections to the penalty, they can trigger a dispute-resolution process, giving them more time to deliberate.

The Irish data-protection commissioner oversees Alphabet, Meta and other tech giants because those companies’ European headquarters are in Ireland. The Irish watchdog has faced criticism from activists and other European privacy regulators for the length of its investigations.

By choosing to fine Google and Facebook under the ePrivacy law, the French regulator avoided the frustrations of the GDPR’s power-sharing system, said

Rafi Azim-Khan,

partner and head of the data-privacy practice in the London office of law firm Pillsbury Winthrop Shaw Pittman LLP.

More From WSJ Pro Cybersecurity

Tensions among regulators over how to enforce the bloc’s privacy rules have grown in recent months. Some regulators and privacy experts have called for changes to the EU’s regulatory system that would allow national officials to more easily intervene in each others’ investigations. Before the Irish regulator publicly disclosed its fine against WhatsApp in September, the decision was held up for several months while officials from the 27 EU countries resolved a dispute about the violation.

France’s CNIL used the ePrivacy rules in 2020 to fine Google €100 million and

Amazon.com Inc.

€35 million for collecting data from advertising trackers without asking users’ consent and without explaining how website cookies worked.

The most recent fines against Google and Facebook are a wake-up call to businesses that use cookies to track users’ web-browsing activity, Mr. Azim-Khan said. Many companies have used cookies and pop-up banners that don’t appear to comply with regulators’ strict requirements or use unclear language explaining how they collect data, he said. European regulators have warned companies for months that they would enforce rules requiring they obtain consent to use cookies.

Regulators’ intensified focus on how companies collect user information from website traffic could force some businesses to re-evaluate how they use data. “If you’re going into a situation where it’s going to be more difficult to do that, that may have a ripple effect on the business,” he said.

Write to Catherine Stupp at Catherine.Stupp@wsj.com

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version