• 0115 824 8244
Logo Logo
  • Home
  • About us
  • Services
    • IT Support
    • IT Security
    • Teams Voice
  • Case Studies
  • News
  • Contact us

After Google was hit with €50m GDPR fine, what next ?

  • Home
  • Blog Details
January 25 2019
  • Cloud News
  • Security

When the General Data Protection Regulation (GDPR) was introduced last year, giving regulators the ability to levy big fines of up to four per cent of turnover for non-compliance, it was only going to be a matter of time before a company got caught out.

It is perhaps surprising, however, that one of the first to be fined under the legislation is search giant Google. French regulator CNIL has fined Google €50m (around £44 million) for failing to notify users about how their data is used.

What did Google do wrong?

The fine was levied for a number of different reasons. Firstly, Google has fallen foul of transparency rules because information as to how data is used to personalise adverts is spread across a number of documents and some of it is not ‘clear or comprehensive’ according to the regulator.

Secondly, Google didn’t obtain consent for delivering personalised ads in a valid way. User consent, according to the regulator, was not sufficiently informed because it was difficult to find the appropriate information across multiple documents.

In addition, among the options offered when creating a Google account, the advert personalisation box is pre-checked, something frowned upon under GDPR. The fine relates specifically to creating a Google account on Android.

CNIL says, “The amount decided, and the publicity of the fine are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent.” [1]

Google says it is ‘studying the decision’ before deciding how to respond.

More to come..

While this is the first major GDPR fine, it is unlikely to be the last. Indeed Swedish regulator Datainspektionen has revealed that it is launching an investigation into Google over the collection of location data relating to Android users.

The complaint says that Google uses design that is deceptive, information that is misleading and pushes repeatedly to persuade Android users to allow constant tracking of their movements via their device.

The regulator has sent a letter to Google asking for additional information and the answer to a number of questions by the 2nd of February. [2] Specifically, it wants to find out how many Swedish citizens have had their data captured and how much location data is gathered on each individual throughout the day. It also wants to know the legal basis for processing the data and why it’s being collected.

Streaming services have come under scrutiny too. Technology giant Amazon along with, Apple, Netflix and Spotify, are all facing complaints from privacy group noyb [3] that although they allow customers to download details of the personal information that is held, some of it is in a format that is not easily understood. Some of the streaming companies also failed to supply extra data such as details of other companies with which consumers’ data is shared.

Complaints have been filed by noyb with the Austrian data protection regulator which could result in fines being levied against the streaming services if they are upheld.

What does this mean for the rest of us?

It’s quite simply a brutal wake up call. Whilst it is easy to sit on the sidelines thinking this will never happen to me, it shows that GDPR has to be taken seriously regardless the size of your business.

While the investigations into Google and into the streaming services are focussed on privacy, it is likely that security will increasingly fall under the spotlight of the regulators too, especially the next time we see a major breach occur where personal data is leaked. Businesses must take security of their systems seriously and ensure that they protect their customers’ data.

With the majority of businesses using Microsoft in some shape or form, becoming GDPR compliant is easier than you think. Both Windows and the Office 365 suite of products have a host of features that make it easy to discover, manage, protect and report on data that you hold and process.

Cloudworks are a Microsoft Gold Partner and experts in cloud security and upgrading businesses from legacy systems to the latest Microsoft products. We have supported numerous companies with just 10 users to over 30,000 users on using Microsoft cloud products and security. If you’d like to know more – please call us on 0115 824 8244 or email us at hello@cloudworks.co.uk

[1] https://www.cnil.fr/en/cnils-restricted-committee-imposes-financial-penalty-50-million-euros-against-google-llc

[2] https://www.datainspektionen.se/globalassets/dokument/ovrigt/google—request-for-reply-and-further-clarification—skrivelse-till-tillsynsobjekt.pdf

[3] https://noyb.eu/access_streaming/

Previous Post Next Post

Recent Posts

  • Protecting your central networks and data as everyone goes mobile
  • Mobile devices still crucial to businesses despite the known security risks
  • Millions of LinkedIn accounts leaked
  • Most employees do not consider security issues when WFH
  • Credential theft attacks are soaring

Archives

  • July 2021
  • June 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • November 2017

Categories

  • Cloud News
  • E-Mail Protection
  • IT Support News
  • Security
  • SharePoint Development
Logo

Microsoft Partner Nottingam

Services

  • IT Support
  • Phone Systems
  • IT Security

Contact Info

We're available via email or on the number below.

  • Email: hello@cloudworks.co.uk
  • Contact: 0115 824 8244

© Copyright 2021. Cloudworks

  • Privacy Policy
  • Terms and Conditions
Go to mobile version