Google Fined By French Privacy Regulator 55
Posted
by
Unknown Lamer
from the clause-37c-google-owns-your-firstborn dept.
from the clause-37c-google-owns-your-firstborn dept.
First time accepted submitter L-One-L-One writes "Following similar decisions in Spain and the Netherlands, Google was fined 150,000 euros by the French Data Protection authority today for breaching data protection legislation. This sanction follows a long inquiry triggered by Google's decision to change its privacy policy in March 2012. The authority notably considers that the new policy 'does not sufficiently inform its users of the conditions in which their personal data are processed, nor of the purposes of this processing,' and that Google combines 'all the data it collects about its users across all of its services without any legal basis.' While the fine may be barely noticeable for Google, the authority requires the search giant to publish this decision on Google's French homepage, google.fr for 48 hours within the next 8 days."
Re:seems like a weird sanction (Score:5, Informative)
They were ordered in June to comply with the French Data Protection Act within three months. Specifically, to:
* Define specified and explicit purposes to allow users to understand practically the processing of their personal data;
* Inform users by application of the provisions of Article 32 of the French Data Protection Act, in particular with regard to the purposes pursued by the controller of the processing implemented;
* Define retention periods for the personal data processed that do not exceed the period necessary for the purposes for which they are collected;
* Not proceed, without legal basis, with the potentially unlimited combination of users’ data;
* Fairly collect and process passive users’ data, in particular with regard to data collected using the “Doubleclick” and “Analytics” cookies, “+1” buttons or any other Google service available on the visited page;
* Inform users and then obtain their consent in particular before storing cookies in their terminal.
Source [www.cnil.fr]
Re:seems like a weird sanction (Score:4, Informative)
They can also impose up to 300 000 € fines in case of second offenses, so I as I understand it, Google could be fined again if they keep the offending policy. This would require a new deliberation of the CNIL. They just cannot impose a fine per day of non-compliance like a court would.
Re:seems like a weird sanction (Score:2, Informative)
I can name you hundreds of sites. This is a law in the Netherlands also, and every Dutch site asks for your permission. Want to try one: www.volkskrant.nl (a Dutch newepaper). Isn't it great when your government actually cares about your privacy.