Google falls foul of General Data Protection Regulation

Google has been issued with a hefty fine of £50 million by French regulators for General Data Protection Regulation (GDPR) violations, the highest the GDPR fine to date!

If you are a business that processes a lot of client information, you should have already made contact with your clients to invite them to ‘opt into’ receiving emailed correspondence from you, with the deadline for implementation for the new regulations being May last year. Not only must individuals have the right to access their personal data, as and when requested, you must provide them with the reasons behind why you are processing their data, your retention periods for that personal data and who it will be shared with.

Google were found to be in breach of the regulations, by not “sufficiently informing” their customers about how Google collected and processed their data to personalise advertising. The French regulators, the CNIL, stated that the lack of transparency and valid consent amounted to such a serious breach that justified the fine falling into the higher tier. This case demonstrates that the GDPR should not be taken lightly and also the importance of ensuring that your business has adequate reporting procedures in place.

Not only does the fine against Google highlight the repercussions of failing to adhere to the GDPR, it can be costly for all parties involved and reinforces the continued expectations required under the regulations.

If you require any legal advice on the GDPR and what this means for your business, then please do not hesitate to contact our Commercial Services Department who have a breadth of knowledge and expertise in the area.