Microsoft has been hit with a €60 million fine by the French data protection agency, CNIL, for not offering an opt-out for cookies on its Bing search engine, according to the Wall Street Journal. In addition, CNIL will fine Microsoft €60,000 per day within three months if it doesn’t ask users for consent to use an ad fraud detection cookie.
Bing users will be glad to know that Microsoft now lets you opt out of cookies on Bing if that’s what you want, however, the company is undecided about what to do about the fraud detection cookie. A spokesperson for the company said Microsoft is “concerned with the CNIL’s position on advertising fraud” and that these types of cookies “shouldn’t require consent by those intending to defraud others.”
Microsoft could attempt to appeal the decision about the fraud detection cookies but if it takes no action then it faces a daily fine. If an appeal goes in favour of CNIL, then Microsoft would be forced to ask for consent to employ these cookies too.
Unlike many privacy-related issues that are tackled in the European Union under GDPR rules, this cookie issue was pursued by CNIL under an EU law called the ePrivacy directive. GDPR cases against tech firms usually go through the Irish Data Protection Commission because they’re headquartered in Ireland but the ePrivacy directive doesn’t require investigations to be moved to the country where a company is headquartered, so France could pursue this issue itself.
Source: Wall Street Journal
42 Comments - Add comment