Following a recommendation from a senior official, the CNIL has fined Apple 8 million euros for Privacy breaches on its ATT. This is good news on one level. The fine exceeds the recommendation of 6 million euros and represents a warning shot for a company growing at pace in the ads market. Nonetheless, MOW remains concerned that the size of the fine is not proportionate to the scale of Apple’s breach. See our previous post here which explains Apple’s data handling processes and increasing profits from ads.
The fundamental issue is quite simple. Apple, a company that makes billions of dollars annually from selling its users’ data to advertisers, whilst preventing others from doing the same, has been found to be non-compliant with GDPR.
Given that CNIL fined Google 150 million euros just last year for making cookies more difficult to reject than accept, handing Apple a mere 6 million euro fine seems entirely disproportionate.
Tim Cowen, legal advisor to MOW, commented:
“The problem with a fine that does not strip the wrongdoer of the profits gained from breaking the law, is that it sends a signal that its profitable to continue to break the law. That raises the risk that there is no Rule of Law when companies grow richer from its breach.”