Google LLC – €50,000,000 Fine (France, 2019)
France's data protection authority fined Google €50 million for not being clear about how it collects user consent for cookies. This matters because it shows that companies must be transparent and straightforward when asking for permission to use personal data. Small business owners should ensure their cookie banners are clear and easy to understand.
What happened
Google was fined for unclear cookie information and misleading consent banners.
Who was affected
Users who created Google accounts on Android devices were affected.
What the authority found
The authority found that Google lacked a valid legal basis for processing personal data, violating GDPR's transparency and consent requirements.
Why this matters
This ruling emphasizes that companies must provide clear information and make it easy for users to reject cookies. Website operators should review their consent practices to avoid similar penalties.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
Entities Involved
The fine was imposed on the basis of complaints from the Austrian organisation 'None Of Your Business' and the French NGO 'La Quadrature du Net'. The complaints were filed on 25th and 28th of May 2018 - immediately after the GDPR became applicable. The complaints concerned the creation of a Google account during the configuration of a mobile phone using the Android operating system. The CNIL imposed a fine of 50 million euros for lack of transparency (Art. 5 GDPR), insufficient information (Art. 13 / 14 GDPR) and lack of legal basis (Art. 6 GDPR). The obtained consents had not been given 'specific' and not 'unambigous' (Art. 4 nr. 11 GDPR).
Violations (5)
Cookie banner does not provide a clear reject/refuse all button at the same level as the accept button.
Art. 7 GDPR
Refusing cookies requires more clicks or steps than accepting them, or the reject option is less visually prominent.
Art. 7 GDPR
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
The cookie banner or cookie policy provides vague, incomplete, or unclear information about what cookies are used and why.
Art. 12, 13 GDPR
The cookie banner uses misleading language to trick or pressure users into accepting cookies (dark patterns).
Art. 7 GDPR
Related Enforcement Actions (4)
Other enforcement actions involving Google LLC in FR
Fine
€50.0M
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
21 January 2019
Authority
Commission Nationale de l'Informatique et des Libertés
Fine Amount
€50,000,000
Enforcement Tracker ID
ETid-23
GDPRhub ID
gdprhub-1557About this data
Cite as: Cookie Fines. Google LLC - France (2019). Retrieved from cookiefines.eu
Last updated: