Alphabet Inc.’s Google was slapped with a record French fine of 150 million euros ($170 million, R2.7 billion) by the nation’s privacy watchdog, together with a 60 million-euro (R1 billion) fine for Meta Platforms Inc.’s Facebook, over the way the companies manage cookies.
CNIL, France’s data protection authority, on Thursday issued the companies with a three-month ultimatum “to provide internet users located in France with a means of refusing cookies as simple as the existing means of accepting them, in order to guarantee their freedom of consent.”
Failing to do so will come with the risk of an additional daily fine of 100,000 euros (R1.8 million), CNIL said in the statement.
The latest penalties follow probes by the watchdog looking at companies’ compliance with new rules on cookies, which are tracking devices that are placed on people’s computers.
The watchdog in 2020 fined Google 100 million euros and online shopping giant Amazon.com Inc. 35 million euros for placing such cookies on people’s computers without their consent.
EU data protection regulators’ powers have increased significantly since the bloc’s so-called General Data Protection Regulation, or GDPR, took effect in May 2018. The law allows watchdogs for the first time to levy penalties of as much as 4% of a company’s annual global sales.
Google said in a statement that “people trust us to respect their right to privacy and keep them safe” and that the company understands its “responsibility to protect that trust and are committing to further changes and active work with the CNIL in light of this decision under the” European Union’s e-privacy rules.
Facebook said it’s reviewing the authority’s decision.
“Our cookie consent controls provide people with greater control over their data, including a new settings menu on Facebook and Instagram where people can revisit and manage their decisions at any time, and we continue to develop and improve these controls,” the social media company said.