France Imposes €325 Million Fine on Google for Breaching Cookie Regulations

The French Data Protection Authority has fined Google €325 million ($378 million) for breaching cookie regulations and displaying advertisements in Gmail users’ emails without their consent. During investigations conducted between 2022 and 2023, the National Commission on Informatics and Liberty (CNIL) discovered that Google’s Gmail service displayed ads in the “Promotions” and “Social” tabs without obtaining user consent, violating Article L. 34-5 of the French Postal and Electronic Communications Code (CPCE). The fine was imposed because Google failed to inform new account users that they needed to allow the placement of cookies for advertising purposes to access its services, breaching the French Data Protection Act (Article 82).

The CNIL noted that the fines considered the significant number of affected users, with over 74 million accounts involved, and 53 million individuals having seen the ads illegally. The CNIL described Google’s actions as “negligent,” especially given that the company had previously faced fines of €100 million in 2020 and €150 million in 2021 for similar cookie-related breaches. In addition, Google had been fined €170 million in January 2022 for complicating the process of declining website tracking cookies. The CNIL remains vigilant regarding non-compliant practices, including the use of “cookie walls,” which require users to accept cookies to access services. On the same day, the CNIL also fined the Irish subsidiary of Chinese e-commerce platform Shein €150 million ($174 million) for failing to obtain user consent for cookies and providing inadequate information on cookie usage. 

Categories: Data Protection Violations, Cookie Regulations, Advertising Consent Issues 

Tags: Google, Fine, Cookies, CNIL, Consent, Gmail, Advertisements, Data Protection, Violations, Regulations