Monday, January 24

Privacy: heavy fines imposed in France on Google and Facebook for their “cookies”

The CNIL, guardian of the privacy of the French, imposed heavy fines of 150 and 60 million euros respectively on Google and Facebook for their practices in terms of “cookies”, these digital tracers used in particular for targeted advertising.

The amount of the fine imposed on Google is a record in all categories for the sanctions imposed by the Commission Informatique et Libertés (Cnil), in front of a previous fine of 100 million euros to Google in December 2020, already on the subject of cookies.

“The CNIL has found that the, and sites do not allow” to refuse cookies “as simply” as to accept them, she indicated.

The two platforms have three months to comply, failing which “the companies will each have to pay a fine of 100,000 euros per day of delay”, she added.

Cookies are small computer files installed by websites on the terminals of their visitors, for technical or targeted advertising purposes.

In particular, they allow the agencies to track the user’s navigation, in order to be able to send him personalized advertising in connection with his areas of interest. They are regularly denounced for the breaches of privacy that they may cause.

In a reaction sent to AFP, Google announced a change in its practices, following the Cnil’s decision. “While respecting the expectations of Internet users, (…) we are committed to implementing new changes, as well as to working actively with the CNIL in response to its decision, within the framework of the directive (European editor’s note) ePrivacy “, assured the American giant.

Meta, Facebook’s parent company, said for its part that it was “evaluating the decision” of the CNIL, and that it “would continue to work with the regulatory authorities” on these subjects. “We are continuing to develop and improve the tools for controlling cookies” for Internet users, the group continued.

– Consent of Internet users –

Since the entry into force of the European regulation on personal data (RFPD) in 2018, websites are required to comply with stricter rules to obtain the consent of Internet users before placing their cookies.

The Cnil had given until April 2021 to the editors of the sites to adapt to this hardening and warned that it would begin to sanction after this deadline.

In July, Le Figaro was the first to pay the price for this increased rigor, being fined 50,000 euros for cookies placed by partners of the newspaper, “without action” on the part of the Internet user or ” despite his refusal “.

The CNIL recently indicated that it had sent around 90 formal notices to website editors since the end of its tolerance period.

In the case of the sanctions imposed on Google and Facebook, the CNIL calls into question the contrast between the ease with which the Internet user accepts cookies and the difficulty of refusing them.

“The, and websites offer a button to immediately accept cookies,” explained the Cnil. On the other hand, “several clicks are necessary to refuse all cookies”, she denounced. This process “violates the freedom of consent”, she stressed.

To add to the confusion, the button added by Facebook to refuse trackers is even called “Accept cookies”, she noted.

In general, the CNIL recommends that on the consent collection banners, the “Refuse all” button be as easy to access as “Accept all”.

In 2020, the CNIL imposed sanctions of 100 and 35 million euros respectively on Google and Amazon on cookies, based on principles that predate the European regulation on personal data. In particular, it considered that the information given to Internet users by the two platforms on their cookies was not “sufficiently clear”.

Leave a Reply

Your email address will not be published. Required fields are marked *