December 10—The Commission nationale de l’informatique et des libertés (CNIL), France’s data regulator, announced it is fining Google and Amazon $163.6 million. The CNIL took action against the American Big Tech giants for violating local laws regarding their lack of browser cookie disclosures.
The organization also pledged to issue additional fines against both companies if they fail to update their consumer notification policies within three months.
Why the French Data Authority Fined Google and Amazon
The CNIL hit Google and Amazon with massive financial penalties because of their advertising methodologies.
The two corporations utilize cookies to track the online activity of people that visit their domains. Both firms have generated billions of dollars in revenue by collecting and collating that user data. Google uses online personal info to sell advertisements while Amazon utilizes its cookies to optimize its sales efforts.
France does not object to the practice, but its Data Protection Act mandates that companies must tell users if their website automatically downloads cookies to their devices. The CNIL determined Google and Amazon violated the law by not making the proper disclosures on their French web portals. The organization issued large monetary sanctions to punish the multinational technology businesses and incentivize them to change their operations.
The CNIL’s $124 Million Google Sanction
The CNIL asserts Google deposited cookies onto the systems of visitors of its French without their consent.
The agency states the corporation placed a banner on its landing page regarding its policies but did not mention that its advertising cookies download automatically. The agency estimates the firm’s lack of adequate disclosures could have affected up to 50 million people, so it slapped the search company with €100 million ($124.2 million) in penalties.
In addition, the CNIL has given Google 90 days to bring its French site into compliance with the region’s data laws. After that, the organization will fine the conglomerate €100,000 each day it violates the republic’s statutes.
In a public statement, Google pushed back against the substance of the CNIL’s findings.
The Alphabet subsidiary argued it has a long history of “providing upfront information” and “strong internal data governance.” It also called France’s data laws ambiguous and rapidly evolving but said it would work with the CNIL to improve its services.
Why the French Data Regulator Fined Amazon $42 Million
The CNIL hit Amazon with a €35 million ($42.2 million) sanction for violating France’s Data Protection Act. The organization asserts the e-commerce giant downloaded browser cookies onto connected devices of millions of French residents without consent. The watchdog is also penalizing the online retailer for withholding important information from Amazon.fr users.
In a press release, the CNIL said Amazon put a banner on its site letting consumers know about its cookies. But the agency alleges the retailer’s disclosure did not spell out the purpose of its advertising tracking software. It holds states the corporation failed to notify users that they could opt-out of having their web browsing monitored.
The e-commerce corporation offered a muted response to the French regulator’s sanctions. The firm issued a public statement stressing that it has always made consumer privacy a “top priority.” It further said it strives to meet the expectations of the customers and authorities in the various regions in which it operates. However, Amazon did not directly rebuke the changes made by the CNIL.