The General Data Protection Regulation (GDPR), adopted on April 14, 2016, by the European Union’s institutions, started to apply on May 25, 2018.
The full effect and the reach of GDPR rules has been recently demonstrated in practice, as France imposed a monetary fine in the amount of EUR 50,000,000 on the multinational company Google for GDPR breach.
Such a decision by the French Data Protection Regulatory Authority is provoked by Google’s failure to enable its users an easy insight into the information on data collection for the purpose of ad personalization. Moreover, failing to adequately seek the users’ consent for ad personalization is another reason for penalizing Google.
For the aforementioned breaches, the French regulatory authority levied a monetary administrative fine in accordance with GDPR Article 83. In the event of GDPR breach, Article 83 provides for an administrative fine of up to EUR 20,000,000 or up to 4% of the total worldwide annual turnover of the preceding financial year of the offender, whichever is higher.