France’s data protection regulator, CNIL, has issued Google a €50 million fine (around $56.8 million USD) for failing to comply with its GDPR obligations. This is the biggest GDPR fine yet to be issued by a European regulator and the first time one of the tech giants has been found to fall foul of the tough new regulations that came into force in May last year.
CNIL said that the fine was issued because Google failed to provide enough information to users about its data consent policies and didn’t give them enough control over how their information is used. According to the regulator, these violations are yet to have been rectified by the search giant. Under GDPR, companies are required to gain the user’s “genuine consent” before collecting their information, which means making consent an explicitly opt-in process that’s easy for people to withdraw.