Back to GDPR violation

GDPR violation

Google fined €50 million for GDPR violation.

Google is facing the largest GDPR financial penalty yet at a whopping USD 56.9 million for a breach in Europe. On January 21, 2019, France’s National Data Protection Commission (CNIL) issued the fine after it received complaints over Google’s lack of transparency, inadequate information, and lack of valid consent regarding ad personalization. This comes as a huge blow for Google, whose success was built on harvesting the personal data of millions to sell targeted ads.

What exactly is Google guilty of?

The French security watchdog found a privacy breach following its investigations based on complaints from None of Your Business (NOYB) and La Quadrature du Net (LQDN) in 2018. Google violated GDPR provisions by not making its privacy policies easily accessible and neglecting to give users enough control over how their information is used in each of its services. Rather than providing essential information on one page, users have to execute up to five or six actions to view the full extent of the policy guidelines.

In response, a Google spokesperson said “it is studying the decision to determine our next steps.” This isn't the first GDPR fine to be issued, but it’s by far the biggest. Separately, Google has also been accused of GDPR privacy violations by consumer groups across seven European countries over its location-tracking feature.

Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.

Is your organization GDPR compliant?

The GDPR, which went into effect on May 25, 2018, created a set of strict privacy rules concerning data. Tech giants like Google, Facebook, YouTube, Netflix, Apple, and Amazon have all been accused of breaking the regulation. All organizations regardless of size must adhere to these regulations or risk facing costly repercussions.

ManageEngine Log360 is a comprehensive SIEM solution that can help you meet the IT security requirements of the GDPR with its threat intelligence, forensic analysis, incident detection, and management capabilities. Using Log360, you can:

  • Identify critical changes to Active Directory, such as changes to security groups, GPOs, permissions, and more in real time to prevent internal attack attempts. Audit databases and servers to ensure sensitive data is stored confidentially.
  • Monitor the actions of privileged users that have permissions to access and process personal data to ensure that data processing is performed in accordance with the GDPR. Detect and receive alerts for user behavior anomalies in real time to prevent personal data leaks.
  • Monitor logs from network perimeter devices such as firewalls, IDSs, IPSs, and security solutions (including vulnerability scanners), and correlate the data with threat feeds to prevent breach attempts originating from outside the network.
  • Track all access to files, folders, and databases where personal data is stored. Audit the activities and accesses on servers where files, folders, and databases reside. Get real-time alerts on any access or critical change to storage servers or the data itself—including permission changes, privilege escalations, unauthorized accesses, or data deletion and modification— to detect anomalies instantly.
  • Fulfill GDPR requirements by detecting data breaches and generating an incident analysis report that provides information on a breach's impact with the help of the real-time correlation engine.

Explore a free trial version of Log360, and see for yourself how it helps meet GDPR compliance requirements.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

2022 Zoho Corporation Pvt. Ltd. All rights reserved.