France’s data protection watchdog, CNIL, has fined Yahoo 10 million euros (approximately $10.9 million) for violating user privacy by not respecting refusals of internet-tracking cookies. The fine, imposed in December, resulted from complaints and investigations conducted by CNIL in October 2020 and June 2021. The authority found that visitors to Yahoo.com who rejected cookies were still subjected to around 20 digital trackers for advertising purposes. Additionally, Yahoo Mail users attempting to withdraw cookie consent were warned of potential loss of access to messaging and other services.
The CNIL committee determined the fine by considering Yahoo’s failure to respect users’ choices regarding cookies and the implementation of measures to discourage them from withdrawing consent. This enforcement reflects the stricter regulations on obtaining user consent introduced by the EU’s General Data Protection Regulation (GDPR) since 2018. Internet companies, including Google, Meta, Amazon, Microsoft, Apple, and TikTok, have faced fines from France for various breaches, totaling nearly 400 million euros.
The violation by Yahoo highlights the ongoing challenges faced by tech companies in adhering to data protection regulations and obtaining clear and informed consent from users. With the GDPR in effect, authorities are actively penalizing companies for privacy infringements, signaling the importance of safeguarding user data and respecting their choices. The CNIL’s fine against Yahoo serves as a reminder to other internet companies to prioritize compliance with data protection laws and respect user privacy preferences, particularly in the context of cookies and tracking practices.
Reference:
