The GDPR is in full force, and Google has stepped on the wrong side of it. The search-engine giant was slapped with a $56.8 million fine by a French regulator – the largest fine yet for anyone breaking the new European privacy law.
The breech? Apparently the regulator alleged Alphabet Inc.’s Google “didn’t go far enough in getting valid user consent to gather data for targeted advertising,” according to the Wall Street Journal.
Their actions were not “transparent or easily accessible”, according to the regulator. In fact, information on Google’s activities was “disseminated across several documents”, making it difficult for users to review.
In another GDPR no-no, options to personalize ads was “pre-ticked” when creating an account, which did not respect the GDPR rules. Pre-ticking goes against GDPR’s strict double opt-in requirement, which means users need to give active consent – twice – to receive marketing materials.
According to the BBC, the the regulator said it judged that people were “not sufficiently informed” about how Google collected data to personalize advertising.
In regards to the Google GDPR violation, the search-engine giant said it was “studying the decision” to determine its next steps.
While other tech giants such as Amazon, Apple, Netlflix, and Spotify have all been accused of not complying with GPDR, this is the biggest crack-down yet on high profile companies, showing nobody is safe when it comes to the GDPR’s hefty fines.
Not Just Google: How GDPR Could Affects You
Do you offer goods or services to people living in the European Union (EU), or collect any sort of private data on them? Then, just like Google, you need to comply with GDPR.
Whether you’re located in the EU or not, if you do not comply with GDPR, you could be fined up to 4% of your company’s yearly turnover, or up to €20 million, whichever is higher.