Facebook Ireland Limited – €60,000,000 Fine (France, 2021)

€60,000,000Commission Nationale de l'Informatique et des Libertés31 December 2021France
final
ePrivacy
Fine

Facebook Ireland Limited was fined EUR 60,000,000 by the French data protection authority for violating ePrivacy rules. The company improperly accessed or stored information on users' devices without consent. This case highlights the importance of respecting user privacy and obtaining proper consent for data processing.

What happened

Facebook Ireland Limited was fined for accessing or storing user information on devices without proper consent.

Who was affected

French users of the facebook.com website whose information was accessed or stored without consent.

What the authority found

The French data protection authority found that Facebook Ireland Limited violated ePrivacy rules by processing user data without consent.

Why this matters

This significant fine emphasizes the need for companies to comply with privacy laws and obtain user consent before processing data. It serves as a warning to other tech companies about the importance of respecting user privacy.

GDPR Articles Cited

AI-verified

Art. 82 Loi Informatique et Libertés GDPR
View original scraped data
Art. 82 Loi Informatique et Libertés

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Article 82 Loi "Informatique et Libertés"
Source verified 4 March 2026
articles corrected
national law identified
verified correct
France enforcementCommission Nationale de l'Informatique et des Libertés actionsAll Facebook Ireland Limited actions
Full Legal Summary
Detailed

The CNIL found that Facebook made it more difficult for users to reject cookies than to accept them, violating consent requirements.

Violations (2)

No Reject Button
critical

Cookie banner does not provide a clear reject/refuse all button at the same level as the accept button.

Art. 7 GDPR

Reject Harder Than Accept
critical

Refusing cookies requires more clicks or steps than accepting them, or the reject option is less visually prominent.

Art. 7 GDPR

Related Enforcement Actions (0)

No other enforcement actions found for Facebook Ireland Limited in FR

This is the only recorded action for this entity in this jurisdiction.

Similar Cases

Enforcement actions with similar violations

IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA UNIPERSONAL

2020 · Agencia Española de Protección de Datos

€30K

Radio Popular S.A.

2021 · Agencia Española de Protección de Datos

€1K

D.A.A.A

2019 · Agencia Española de Protección de Datos

€18K

CNIL

2019 · Court of Justice of the European Union

ANSPDCP

2025 · Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Details

Fine Date

31 December 2021

Authority

Commission Nationale de l'Informatique et des Libertés

Fine Amount

€60,000,000

GDPRhub ID

gdprhub-4505

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified
Cookie relevance: 100%

Cite as: Cookie Fines. Facebook Ireland Limited - France (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: