The Cnil condemns Google to 150,000 euros fine for its privacy policy

by bold-lichterman

BRIEF – The National Commission for Informatics and Liberties has condemned Google to a fine of 150,000 euros, ie the maximum possible for this administrative authority, for non-compliance with the Data Protection Act. This conviction is accompanied by the obligation to publish a press release on its site, for a period of 48 hours, within eight days at the latest following this decision.

In question ? The merger of the rules of confidentiality between the various services offered by the group (Gmail, YouTube, Google Maps, Google Drive, Google Docs…) which took place two years ago would not respect several points of the famous law. More precisely, “the company does not sufficiently inform its users of the conditions and purposes of processing their personal data. […] Consequently, they are not in a position to exercise their rights, in particular of access, opposition or erasure ”.

The regrouping of the various confidentiality policies also allows the giant of Mountain View to cross-check the private data of the users on each of the services in order to propose more targeted advertisements. Finally, it “authorizes itself, without a legal basis, to combine all the data it collects on users through all of its services” specifies the CNIL.

The G29, the group of European CNILs, had already carried out an investigation and considered that Google’s privacy policy “did not comply with the European legal framework. […] As the company Google Inc. did not respond effectively to these, six European authorities have initiated repressive proceedings against it, each with regard to it ”. To be continued.