David Woods

+44 (0)1733 887793 dvwoods@greenwoodsgrm.co.uk

View full profile →

GDPR – Fines start to bite

Corporate and Commercial / 23 January 2019

Following a complaint that was made on the date the GDPR came into force, 25 May 2018, Google has been fined £44 million for breaches of the Regulation.

The fines were imposed by the French data regulator – but the outcome is likely to have been the same if the UK regulator, the ICO, had been involved.

The breaches related to Google’s collection of personal data which it used to personalise ads. There are reminders for us all in the reports of the decision of the regulator.

The regulator found that consent had not been properly obtained.  The option to personalise ads was pre-ticked when a user created an account.  The essential information about how the data would be used was spread across several different documents meaning that some five or six actions were needed on the part of the user to access that information.  This lack of transparency meant that users were not sufficiently informed about how Google collected data to personalise advertising.

The GDPR requires consent to be specific – given distinctly and affirmatively for each of the purposes for which the data will be processed.

The level of fine is related to Google’s turnover; but there is no doubt that the regulators are flexing their new powers under the GDPR.

Back to Our Thinking →

Get in touch with us

Interested in finding out more? Use this form to let us know how to contact you and what you’d like to know, and we’ll get back to you.

Alternatively, contact anyone listed on our website direct, they will be happy to hear from you.

  • This field is for validation purposes and should be left unchanged.