Identity Blog

Why Google Was Fined €50 Million for GDPR Violations

Google has been fined a record €50 million by a French regulator for failing to properly inform users how their data is being collected and used.

This fine is the largest to come from European legislation that went into effect in 2018. The European Union’s new privacy law, called the General Data Protection Regulation (GDPR), gives its citizens more control over their data and how companies use it.

Under the GDPR, all companies, including tech giants like Google, must give their users a full, clear picture of the data they collect. They must also ensure that they provide simple tools so that users can consent to having their personal information used. According to the French regulator, Google failed on both accounts.

The fine came after the regulator determined that Google didn’t present information about data processing purposes and data storage periods in the same place, and sometimes required users to make five or six clicks to obtain this information.

The regulator also found that Google hadn’t presented the information in a clear and comprehensive manner, saying that the company’s descriptions are “too generic and vague.” In addition, Google didn’t obtain valid user consent for personalized ads because of insufficient information, the commission said.

If you’re still behind on your GDPR compliance, make sure you don’t fall foul to crippling fines by following our 12 step guide to getting GDPR compliance. If you’re up-to-date on your compliance, great news! Learn more about how GDPR is an opportunity for companies to provide a better user experience for their customers.

Related Posts