eDiscovery Daily Blog
We Finally Have Our First Big GDPR Fine: Data Privacy Trends
OK, we’ve been waiting for that first big fine for failing to comply with Europe’s General Data Protection Regulation and now we have one. So, guess who it was? OK, guess again. You can probably guess within three guesses.
As covered in Fortune (France Fines Google $57 Million For GDPR Violations, written by Emily Price), France’s data protection regulator, the Commission nationale de l’informatique et des libertés (CNIL), has issued a €50 million fine (about $56.8 million) fine to Google for failing to comply with GDPR. The fine marks the first time a major tech company has been penalized under the new privacy law.
As part of the regulation, companies are required to get a user’s “genuine consent” before collecting information about them. That consent needs to happen in the form of that user explicitly opting in to share their data. They also need to provide a way for users to delete that data.
Last week, Apple CEO Tim Cook penned an op-ed in Time where he suggested similar privacy laws be instated in the United States.
CNIL issued the fine because Google did not meet the country’s standards for providing information to consumers about how their data is being used, nor did it provide enough information about its data consent policies.
That fine of nearly $57 million is large, but not as large as it could be. With a maximum fine of 4% of a company’s annual global turnover and Google’s market capitalization standing at about $745 billion as of last night, the fine could have been as much as $29.8 billion. That considerably dwarfs the actual fine that Google received.
Thanks to Sharon Nelson and John Simek for the heads up during our podcast interview yesterday (more on that soon!) and to my boss, Brad Jenkins for the link to the Fortune article.
To all of the people who had Facebook in their office pools as the first company to receive a hefty GDPR fine, it’s time to pay up… :o)
So, what do you think? Is this just the beginning? Please share any comments you might have or if you’d like to know more about a particular topic.
Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.
Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.
CloudNine empowers legal, information technology, and business professionals with eDiscovery automation software and professional services that simplify litigation, investigations, and audits for law firms and corporations.