Last week, the French data protection regulator (CNIL) said it has fined Google and Meta-owned Facebook platform a combined €210 million for failing to comply with the country’s data protection act – specifically, for not giving users an easy way to reject tracking cookies.
The two fines were not issued under GDPR, but under an older EU e-Privacy directive also known as the “EU cookie law,” in effect for nearly two decades. The data protection regulator said it had received complaints from consumers who couldn’t refuse cookies on websites such as facebook.com, google.fr and youtube.com.
“An online investigation on these websites and found that, while they offer a button allowing immediate acceptance of cookies, the sites do not implement an equivalent solution (button or other) enabling the user to refuse the deposit of cookies equally easily,” the CNIL said.
“Several clicks are required to refuse all cookies, against a single one to accept them.
The restricted committee, the CNIL body in charge of issuing sanctions, judged that making the refusal mechanism more complex actually discourages users from refusing cookies and encourages them to opt for the ease of the “I accept” button.”
The privacy watchdog also ordered the companies to fix the issues within three months, or risk paying a penalty of €100,000 per day of delay.
“In addition to the administrative fine, the restricted committee also issued an injunction with periodic penalty payment requiring that the company provides Internet users located in France, within three months of the notification of the decision, with a means of refusing cookies that is as simple as the existing means of accepting them, in order to guarantee the freedom of their consent,” CNIL added.
Bitdefender VPN brings new privacy-focused features including an ad-blocker and anti-tracker that work on a system-wide basis to block disrupting ads and trackers on your device. The anti-tracking technology found in our updated VPN also brings a whitelist feature that allows you to exclude any trusted websites from the ad blocker and anti-tracker modules.