France’s data regulator, CNIL, has fined Google £44 million (50 million euros) for a lack of transparency over collecting data to personalise ads for users. This is a record fine resulting from complaints brought by two privacy rights groups, noyb and La Quadrature du Net. So what else do we know about this Google GDPR fine?
- The official reason given by CNIL for the fine was a “lack of transparency, inadequate information and lack of valid consent regarding ads personalisation”. In short, people were “not sufficiently informed” about how their data was being collected.
- The key thing here is that Google was not obtaining clear consent for the gathering of this data. “The relevant information is accessible after several steps only,” stated CNIL. “Users are not able to fully understand the extent of the processing operations carried out by Google.”
- In addition to this, Google did not have a valid legal basis for gathering this data. In effect, not only was the process by which they were collecting users data insufficiently clear, they were also unjustified in doing so.
- The first complaint was filed as soon as GDPR came into effect on 25 May 2018. Google’s preparations for the new data protection laws were clearly insufficient as they were found to be in breach of them.
- Google is now considering its next steps after the decision from CNIL. However, it’s likely that any actions taken now will be too late – measures should have been taken before GDPR came into effect, not after.
This Google GDPR fine ought to be a big wake-up call to corporations that handle user data. As we’re reported, Facebook has suffered numerous data breaches both before and after GDPR was brought into force; what penalties it might suffer have yet to be seen.
For more information on the Google GDPR fine and its ramifications, see the full story by clicking here.
If you’d like to ensure that your business or organisation is GDPR compliant, contact Activa Consulting today. Our GDPR Gap Analysis will help you to prevent data breaches, and therefore avoid costly fines and penalties.
Is your smartphone listening to your conversations? I’ve had a lot of creepy experiences lately, where a verbal conversation I’ve had with someone is suddenly being reflected in the adverts being served up to me by my Android smartphone. For example, someone asked me about who Help For Heroes were, so I explained it – and then what was the very next advert to show up on my phone, after never being considered or searched for before using that device or any other?
Mental health support for ex-servicemen. Just one of many. So I started digging to find out more about how this is happening – and whether anyone genuinely has the rights to listen in to my conversations.
As it turns out, it’s not a conspiracy theory. It’s been discovered that your smartphone really is listening in and collecting data about you. Hundreds of smartphone apps are using a technology from a company called Alphonso, which accesses a phone’s microphone to collect advertising data.
Alphonso’s software seems to be particularly focused on a user’s TV-watching habits. It listens in on the phone’s local environment, and receives audio samples which it compares to commercial content. If a match is found, it will then attempt to deliver targeted ads for that same content to your phone.
Did these apps genuinely get our specific, informed, granular consent to do this? And is this consent retractable? If not, then it would appear that this kind of data collection doesn’t conform to GDPR.
If you want to prevent your smartphone listening to your conversations, there are several things you can do to safeguard your data. Most crucially, you need to control permissions for your smartphone’s microphone:
- For iOS, go to Settings -> Privacy -> Microphone
- For Android, go to Settings -> Apps -> App Permissions
So I changed the permissions of which apps could use my phone’s microphone. Now the ads I see are stuck in a timewarp – still trying to flog the same things they were a month ago. So, you win some… you lose some!
Want to find out more about GDPR and data protection? Click here for all the information you need…