It has been rough weather for Google in France. Three weeks after the French Data Protection Authority imposed a record fine against Google for non-compliance with the GDPR, the Paris District Court (“Tribunal de Grande Instance”) invalidated 38 clauses of Google’s Privacy Policy and Terms of Use for Google+, the Internet-based social media network owned and operated by Google. This decision was rendered on February 12,… More
Tag Archives: Google
GDPR Alert: Google Gets Biggest Fine Ever Issued by a European Data Protection Authority
On 21 January 2019, the French Data Protection Authority (the “French DPA”) fined Google LLC 50 million euros for breach of the GDPR.
As we reported on this blog, just after GDPR became applicable, noyb.eu (None of Your Business), the non-profit privacy organization set up by Max Schrems, the Austrian lawyer who initiated the action against Facebook that led to the invalidation of the Safe Harbor,… More
Is the Right to be Forgotten National, European or Worldwide? The Advocate General Issues an Opinion in the Google Case
On January 10, 2019, Advocate General Szpunar issued his much awaited opinion in the Google case that was referred to the European Court of Justice by the French “Conseil d’Etat”, the highest administrative court of the country. The Conseil d’Etat basically asked the European Court of Justice to follow-up on its Google Spain decision: is the right to be forgotten –… More
Senator Warner’s White Paper Gives Congress Options for Regulating Social Media and Technology Companies
Senator Mark Warner of Virginia has released a white paper outlining policy proposals for regulating social media and technology companies. The paper has gained significance in recent weeks as pressure builds on Congress to pass federal data privacy legislation. In the wake of Europe’s GDPR and California’s Consumer Privacy Act, industry groups, tech companies, and privacy activists alike have urged Congress to act.… More
French Data Protection Authority Takes Stock After 4 Months of GDPR
Four months after the GDPR came into effect, the French Data Protection Authority (“CNIL“) published a first assessment with some impressive figures:
Schrems’ Privacy Organization Files First Complaints Based on GDPR
On Friday, May 25, the day when GDPR became effective, noyb.eu (None of Your Business), the non-profit privacy organization recently set up by Max Schrems, filed the first complaints based on GDPR.
Max Schrems is the Austrian privacy lawyer who had complained about the transfer of his data to the United States by Facebook: he argued that, in light of the Snowden revelations,… More
The Many Faces of Google’s Arts & Culture App (Except in Illinois and Texas)
Those of our readers who frequent social media may have noticed a newly-popular juxtaposition between selfies and art (or perhaps one should say between selfies and other forms of art)—a feature in the Google Arts & Culture app that matches a user’s selfie to a portrait in Google’s database.
But not every aspiring selfie artist can compare their work with that of the great painters of yesteryear. … More
Pokémon Go Catches More Than It Bargained For
The recently-released Pokémon Go has quickly emerged as a cultural phenomenon, with legions of players using their phones to “catch” Pokémon that emerge all around them, visible (thankfully) only to players. While catching Pokémon by phone is far less cumbersome than collecting boxes upon boxes of Pokémon cards, as some of us did in the early aughts, it does come with its own set of pitfalls. Specifically,… More
Cybersecurity News & Notes – July 5, 2016
In Case You Missed It: Ruling in FTC v. Amazon Suggests a Way Forward for Companies Responding to Actions Brought by the FTC after a Data Breach. The FTC’s recent actions in the realm of data security have been predicated on its claim of statutory authority to seek injunctive relief for the failure to maintain reasonable and appropriate data security practices. A U.S. District Court ruling last week casts some doubt on that authority. … More
Google and the Right to be Forgotten: The French Data Protection Authority Takes the Matter Further
On June 12, 2015 the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés – CNIL) issued a notice ordering Google to draw all the consequences of the CJEU May 13, 2014 ruling and to apply delisting not only to the national domain of the individual who requests delisting but on all of the search engine’s domains, including google.com (see our article The Right to be Forgotten: Another Scuffle between Google and The French Data Protection Authority | Security,… More