COUNTRY FOCUS: FRANCE
Rules for protecting data stepped up a gear when the EU
implemented the General Data Protection Regulation (GDPR)
last May. It was introduced to improve the way organisations
handled personal data and they were expected to comply
with these new rules or risk facing hefty fines. Here, we look
at how a French regulator is showing its teeth to ensure its
citizens’ privacy and data is protected.
/////////////////
French data protection
regulator issues Google
with €50 million fine
T
he General Data Protection
Regulation (GDPR) was implemented
in May 2018 and, at that time, data
regulation companies offered guidelines on
how to ensure personal data was protected
so that companies would be compliant with
the new rules.
On the day of the implementation, CNIL,
the French data regulator, released an article
offering support to public and private bodies
to help them understand the changes that
50
INTELLIGENTCIO
would take place and how to make the
transition in a methodical way.
Included in the article was a six-step
method which highlighted the necessary
measures organisations would need to
take to ensure GDPR compliance. The CNIL
took an early interest in GDPR and has
remained actively involved in ensuring it is
upheld. And the regulator showed its teeth
to the world when it issued Google with a
€50 million fine, citing the tech giant had
demonstrated a ‘lack of transparency’,
provided ‘unsatisfactory information’ and a
‘lack of valid consent for the personalisation
of advertisements’.
In its decision statement, the CNIL stated
that two associations, None Of Your Business
(NOYB) and La Quadrature du Net (LQDN),
had filed complaints against Google back
in May 2018. The associations criticised
Google for failing to have a valid legal basis
to process the personal data of the users
www.intelligentcio.com