Google intends to appeal €50 million European GDPR fine

Google was issued first massive fine imposed by breaking GDPR rules by French authorities.
Written by Charlie Osborne, Contributing Writer

After being awarded the largest European General Data Protection Regulation (GDPR) fine to date, Google took some time to mull over its options.

Now, Google has confirmed that the company will appeal the ruling.

The €50 million fine was imposed by French data protection authority CNIL. The watchdog came to the conclusion that Google was breaking GDPR rules in transparency and lacked a legal basis for processing user data in relation to advertising.

The French authority first examined the case after a number of privacy activists in the country filed a range of complaints against Google after GDPR came into effect on 25 May 2018.

At their core, the complaints revolved around the idea of "forced consent," in which Google implemented practices which allegedly railroad users into accepting data processing without fully understanding the implications.

See also: This is when Google Hangouts will close its doors

The European Union now demands that companies use specific and unambiguous language when informing users on how their information will be used. According to CNIL, however, the tech giant has a fondness for "generic and vague" terminology.

GDPR was developed in order to bring aging data protection laws made before the days of mobile technology, widespread Internet usage, and Big Data, into the modern era. Companies now face fines of €20 million or four percent of annual revenue if they flout the new regulations.

CNET: Google may break ad blockers with upcoming Chrome change

The €50 million could have run up into the billions if the French watchdog wished it, but considering the infringement, €50 million could be seen as a warning shot. However, Google is not willing to meekly accept the fine and move on; instead, the tech giant has decided to appeal the decision.

"We've worked hard to create a GDPR consent process for personalized ads that is as transparent and straightforward as possible, based on regulatory guidance and user experience testing," Google said in a statement. 'We're also concerned about the impact of this ruling on publishers, original content creators and tech companies in Europe and beyond. For all these reasons, we've now decided to appeal."

TechRepublic: How to use Google's Digital Wellbeing

Appeal notwithstanding, the threat of hefty fines for disregarding the EU's new data protection rules might make businesses re-examine their own data storage and usage practices.

According to IBM research, cutting down on data collection, storage, and sharing may help companies manage GDPR requirements and the new rules also have the potential to act as a catalyst for new business models and processes which take security and privacy more seriously. In a world full of cybercrime, this cannot be a bad thing. 

Our top choices for tech gifts

Previous and related coverage

Editorial standards