News

The CNIL strikes (relatively) hard

Endowed with new means of sanctions by the GDPR (General Data Protection Regulation), the CNIL (which is the French Data Protection Authority) goes on the offensive, following the steps of other independent Authorities, such as, in the financial sector, the ACPR (Prudential Supervisory Authority).

In a statement published on January 21st, the CNIL announced to have imposed  a fine of 50 million euros for Google, for numerous and durable violations of the regulations on protection of personal data.

An amount that is both exemplary (in the light of past practices), and symbolic (compared to Google’s net profits, not to mention the July 2018 sanction of 4.3 billion euros from the European Commission against the same Google, nor, in order not to geopolitize the debate, the sanctions ordinarily imposed by the American justice under various regulations of national interest).

Google will appeal the fine to the Conseil d’Etat.