Today's cybersecurity headlines are brought to you by ThreatPerspective

Google and Shein Fined for Cookie Consent Violations: A Growing Concern for Data Protection

Google has been fined $379 million by a French regulator for violating cookie rules and failing to secure user consent. The fine follows other recent decisions by regulatory bodies around the world, highlighting the growing importance of data protection and consent in the digital age.

In a recent decision, the French data protection authority has fined Google and Chinese e-commerce giant Shein a total of $379 million for violating cookie rules. This move is part of a growing trend towards stricter regulations on data protection and consent in the digital age.

The National Commission on Informatics and Liberty (CNIL) stated that both companies set advertising cookies on users' browsers without securing their consent, which is a clear violation of the French Data Protection Act (Article 82). This means that the users were not provided with adequate information about the cookies being used for advertising purposes, nor did they have the option to opt out.

Shein has since updated its systems to comply with the regulation, but the company plans to appeal the decision. The French data protection authority is also seeking penalties of €100,000 per day if Google fails to bring its systems into compliance within six months.

This fine is not an isolated incident, as it follows other recent decisions by regulatory bodies in various countries. For instance, a US jury recently found Google to have violated users' privacy by collecting their data even after they opted out of Web & App Activity tracking. The decision resulted in $425 million in compensatory damages for the affected users.

In another related development, the US Federal Trade Commission (FTC) has announced that Disney has agreed to pay $10 million to settle allegations that it collected personal data from children watching YouTube videos without parental notification or consent. The proposed settlement also requires Disney to begin alerting parents before collecting personal data from children under 13 and obtaining their consent in accordance with the US Children's Online Privacy Protection Rule (COPPA).

Furthermore, the FTC is taking action against a China-based robot toy maker, Apitor Technology, over allegedly permitting a third-party called JPush to collect children's geolocation data without their knowledge and parental consent in violation of COPPA. The agency stated that after Android users download the Apitor app, it begins collecting and sharing users' precise location data with JPush's servers, unbeknownst to child users and their parents.

These recent decisions highlight the growing importance of data protection and consent in the digital age. Regulatory bodies around the world are increasingly taking a tough stance on companies that fail to comply with data protection regulations, emphasizing the need for transparency and user consent when it comes to online tracking and data collection.

As consumers become more aware of the risks associated with online tracking and data collection, they are demanding greater transparency and control over their personal data. This shift in consumer behavior is driving companies to revisit their privacy policies and update their systems to comply with evolving regulations.

Google's fine for cookie consent violations is a stark reminder of the consequences of failing to prioritize data protection and user consent. The company's failure to provide adequate information about cookies being used for advertising purposes, as well as its lack of transparency in tracking user activity, have led to significant penalties.

Shein's update to its systems may be seen as a step in the right direction, but it is essential for companies like Google and Shein to prioritize data protection and user consent. The consequences of failing to do so can be severe, including fines, reputational damage, and loss of customer trust.

The recent decisions by regulatory bodies around the world underscore the need for greater transparency and user consent in the digital age. Companies must take a proactive approach to prioritizing data protection and user consent, rather than relying on after-the-fact measures to comply with regulations.

In conclusion, Google's fine for cookie consent violations is a significant development in the growing trend towards stricter regulations on data protection and consent in the digital age. As consumers become more aware of the risks associated with online tracking and data collection, companies must prioritize transparency and user consent to avoid severe penalties and reputational damage.