- Thread starter
- Staff
- #1
Dadparvar
Staff member
- Nov 11, 2016
- 10,601
- 0
- 6
A restricted committee of France’s National Commission for Information and Liberty (CNIL) held Google and Facebook Ireland, the headquarters for Facebook’s activities in Europe, liable in separate judgments Thursday for violating the French Data Protection Act (DPA) since the processes by which users can reject cookies on these sites is significantly more complex than that for accepting cookies.
Under Article 82 of the DPA, any action through which an electronic communication service accesses or enters information in a user’s terminal equipment (such as the storage of cookies) requires the user’s consent. The user must be “clearly and fully informed” of both the purpose of any such action and the means to oppose it. Under Article 4 of the European Union’s General Data Protection Regulation (GDPR), consent must be specific and manifested as a positive act. Recital 42 of the GDPR explains that consent is not free if the user is unable to “refuse or withdraw consent without suffering prejudice”.
CNIL noted that while a button to “accept all cookies” was readily provided in a pop-up on visiting Facebook (“facebook.com”), there was no such button to reject cookies. The process for rejecting cookies involved selecting “manage data parameters”, taking the user to a second window where she would have to leave two sliders for personalized advertisements disabled by default and again select “accept all cookies”. Similarly, on Google (“google.fr”) and its subsidiary YouTube (“youtube.com”), the process for rejecting cookies must select “personalize” on the first window instead of “I accept”, which leads to a second window for customization. The complicated and confusing process to reject cookies meant users could not truly exercise “free” choice. CNIL noted research showing 93% of Internet users do not go past the first window on cookie banners. It also referred to its 2020 recommendation to controllers to provide for acceptance and rejection with the “same degree of simplicity”.
Google and Facebook Ireland have been fined €150 million and €60 million respectively, given the millions of users affected and the considerable profits made by these companies by selling data from cookies to advertisers. CNIL also placed an injunctive penalty; the companies must make the means to reject cookies as easy as to accept them within three months or pay €100,000 for each day of delay.
The post France watchdog fines Google, Facebook €210M for cookie usage violating data protection laws appeared first on JURIST - News.
Continue reading...
Note: We don't have any responsibilities about this news. Its been posted here by Feed Reader and we had no controls and checking on it. And because News posted here will be deleted automatically after 21 days, threads are closed so that no one spend time to post and discuss here. You can always check the source and discuss in their site.
Under Article 82 of the DPA, any action through which an electronic communication service accesses or enters information in a user’s terminal equipment (such as the storage of cookies) requires the user’s consent. The user must be “clearly and fully informed” of both the purpose of any such action and the means to oppose it. Under Article 4 of the European Union’s General Data Protection Regulation (GDPR), consent must be specific and manifested as a positive act. Recital 42 of the GDPR explains that consent is not free if the user is unable to “refuse or withdraw consent without suffering prejudice”.
CNIL noted that while a button to “accept all cookies” was readily provided in a pop-up on visiting Facebook (“facebook.com”), there was no such button to reject cookies. The process for rejecting cookies involved selecting “manage data parameters”, taking the user to a second window where she would have to leave two sliders for personalized advertisements disabled by default and again select “accept all cookies”. Similarly, on Google (“google.fr”) and its subsidiary YouTube (“youtube.com”), the process for rejecting cookies must select “personalize” on the first window instead of “I accept”, which leads to a second window for customization. The complicated and confusing process to reject cookies meant users could not truly exercise “free” choice. CNIL noted research showing 93% of Internet users do not go past the first window on cookie banners. It also referred to its 2020 recommendation to controllers to provide for acceptance and rejection with the “same degree of simplicity”.
Google and Facebook Ireland have been fined €150 million and €60 million respectively, given the millions of users affected and the considerable profits made by these companies by selling data from cookies to advertisers. CNIL also placed an injunctive penalty; the companies must make the means to reject cookies as easy as to accept them within three months or pay €100,000 for each day of delay.
The post France watchdog fines Google, Facebook €210M for cookie usage violating data protection laws appeared first on JURIST - News.
Continue reading...
Note: We don't have any responsibilities about this news. Its been posted here by Feed Reader and we had no controls and checking on it. And because News posted here will be deleted automatically after 21 days, threads are closed so that no one spend time to post and discuss here. You can always check the source and discuss in their site.