January 22, 2024 at 06:12AM
France’s data protection authority fined Yahoo 10 million euros for disregarding users’ rejection of internet-tracking cookies and implying loss of access to email accounts if they refused. Investigations revealed visitors who rejected cookies still had digital trackers deposited and Yahoo Mail users were warned about losing access to services if they withdrew consent. This is amidst stricter GDPR rules.
From the meeting notes, it is clear that France’s data protection watchdog, CNIL, fined Yahoo 10 million euros for not respecting users’ refusals of internet-tracking cookies and for implying that users would lose access to email accounts if they did so. The fine was imposed in December, equivalent to $10.9 million, after the CNIL authority received complaints and carried out investigations in October 2020 and June 2021. The investigation found that visitors to Yahoo.com who rejected cookies still ended up with around 20 digital trackers deposited for advertising purposes. Additionally, Yahoo Mail users who attempted to withdraw consent for cookies were warned they would no longer have access to messaging or other Yahoo services. The CNIL noted that since the advent of the EU’s GDPR in 2018, internet companies have faced stricter rules on obtaining consent from users on how their personal information is used. Furthermore, France has also fined other companies for data breaches, including Google, Meta, Amazon, Microsoft, Apple, and TikTok, for a total of nearly 400 million euros. Additionally, other notable fines mentioned in the meeting notes include a medical company being fined $450,000 by the New York Attorney General over a data breach and Equifax being fined $13.5 million over a 2017 data breach. Lastly, TikTok was hit with a $368 million fine under Europe’s strict data privacy rules.