Amazon and Google fined £122m for "insufficient" cookie consent

The CNIL gives both firms three-month ultimatum to make changes or face further daily fines

A hand using the Google search bar on a tablet computer

Tech giants Amazon and Google have both been fined by the French privacy regulator over the way the companies use cookies on their services. 

The Commission nationale de l'informatique et des libertés (CNIL) has imposed two penalties on Google that amount to €100 million (£90m), and one on Amazon for €35 million (£32m). 

Both firms were also given a three-month ultimatum to make changes to the way they notify users about cookies or face additional daily fines of €100,000-plus.

According to CNIL's investigations, Google didn't provide enough information to users in France about why and how cookies are used and Amazon was fined for placing cookies on people's computers without their consent.

"On 16 March 2020, the CNIL conducted an online investigation on the website google.fr and found that when a user visited this website, cookies were automatically placed on his or her computer, without any action required on his or her part," the regulator said. "Several of these cookies were used for advertising purposes."

In a statement, Google said it stood by its record of providing upfront information, clear controls, strong internal data governance, secure infrastructure and helpful products.

"Today's decision under French ePrivacy laws overlooks these efforts and doesn't account for the fact that French rules and regulatory guidance are uncertain and constantly evolving," a Google spokesperson said. "We will continue to engage with the CNIL as we make ongoing improvements to better understand its concerns."

Amazon also disagreed with CNIL's findings, which said that French users who clicked on an adverts risked being exposed to privacy violations because cookies were instantly deployed without any information given. 

"We continuously update our privacy practices to ensure that we meet the evolving needs and expectations of customers and regulators and fully comply with all applicable laws in every country in which we operate," an Amazon spokesperson said in a statement.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Misconfigured Git servers lead to Nissan data leak
hacking

Misconfigured Git servers lead to Nissan data leak

7 Jan 2021
BackupAssist teams with Wasabi to offer cheaper backup for businesses
backup

BackupAssist teams with Wasabi to offer cheaper backup for businesses

6 Jan 2021
Data: A resource much too valuable to leave unprotected
Whitepaper

Data: A resource much too valuable to leave unprotected

2 Dec 2020
Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020

Most Popular

School laptops sent by government arrive loaded with malware
malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021