CNIL and their fight against big tech
Hello and welcome back to our newsletter. Today we’re going to talk about CNIL and their fight with big tech companies in order to protect user’s privacy.
Who is CNIL?
CNIL, also known as Commission nationale de l’informatique et des libertes, is the French administrative regulatory body whose mission is to ensure that companies apply and adhere to data privacy laws.
What has CNIL done until now?
CNIL is on a mission to protect user’s privacy in France, and in 2021, they have ordered Clearview AI to stop the collection and use of data from people in France due to unlawful processing, and enable the French population to exercise their privacy rights to delete their personal information from Clearview’s database.
Recently, CNIL also fined Facebook and Google a total of 210 million euros for their use of cookie trackers. In CNIL statement, is said that Facebook and Google have failed to allow French users to easily reject cookie trackers on their platforms. The companies will also face a 100.000 euros daily penalty if they do not fix the issues within 3 months.
In December 2020, CNIL also fined Amazon (35 million euros) and Google (100 million euros) for cookie violations under the e-Privacy rules. Google was fined again by the agency another 50 million euros for breaking the GDPR law.
When did CNIL started going after big tech?
CNIL started receiving group complaints in 25th and 28th May 2018, days after the GDPR was implemented, and began looking into these complaints from 1st June 2018.
According to CNIL, they started going after Google in 2018, imposing them a financial penalty of 50 million euros.
What’s next?
CNIL has become a great example to follow by many countries around the world, and due to its investigations, has opened a lot of opportunities for regulators to start pursuing big tech organisations that fail to comply with privacy laws, or that fail to protect their user’s personal information.
What can you do?
As we’ve said many times, we are stronger together. If you have reason to believe that an organisation (of any type) has failed to comply with the privacy laws, or has failed to protect your data, or even processed your information for reasons other than those reasonable expected, you can get in touch with us to start an investigation, and change the way organisations treat our personal information.
It’s in our hands to change the world.