The internet majors have been fined by the French regulator for not making refusing cookies as easy as to accept them
French data privacy watchdog Commission Nationale de l’Informatique et des Libertés (CNIL) has fined internet majors Google and Facebook a combined amount of €210m for cookie breaches.
Its restricted committee, which is responsible for issuing sanctions, has imposed fines of €90m on Google and €60m on Google Ireland. Facebook Ireland has been issued a fine of €60m by the regulatory body.
According to the restricted committee, Facebook’s website, Google’s French website and Youtube offer a button to allow users to immediately accept cookies. However, no equivalent solution is provided for easily refusing the deposit of the cookies in the systems or devices of users.
Furthermore, a number of clicks are needed to refuse all cookies compared to only a single click to accept them, said CNIL.
The data privacy watchdog stated: “The restricted committee considered that this process affects the freedom of consent: since, on the Internet, the user expects to be able to quickly consult a website, the fact that they cannot refuse the cookies as easily as they can accept them influences their choice in favour of consent.
“This constitutes an infringement of Article 82 of the French Data Protection Act.”
Apart from the fines, the CNIL committee ordered the internet majors to provide users located in France with a solution for refusing cookies as easily as the one available for accepting them. The regulatory body said that this will ensure the freedom of consent of the users, while giving a time of three months to the firms to implement the solution.
In the event of Facebook or Google failing to comply with the order, then they will be penalised €100,000 per day of delay, said CNIL.
Last year, Google was fined €500m by French competition authority Autorité de la concurrence over a news copyright row.