The Commission nationale de l’informatique et des libertés (CNIL), France’s data protection watchdog, has slapped Facebook (now Meta Platforms) and Google with fines of €150 million ($170 million) and €60 million ($68 million) for violating E.U. privacy rules by failing to provide users with an easy option to reject cookie tracking technology.
“The websites facebook.com, google.fr and youtube.com offer a button allowing the user to immediately accept cookies,” the authority said. “However, they do not provide an equivalent solution (button or other) enabling the Internet user to easily refuse the deposit of these cookies.”
Facebook told TechCrunch that it was reviewing the ruling, while Google said it’s working to change its practices in response to the CNIL fines.
HTTP cookies are small pieces of data created while a user is browsing a website and placed on the user’s computer or other device by the user’s web browser to track online activity across the web and store information about the browsing sessions, including logins and details entered in form fields such as names and addresses.
Specifically, the CNIL found fault with the manner in which the two platforms require several clicks to reject all cookies, as opposed to having a single override to refuse all of them, effectively making it harder to reject cookies than to accept them.
images from Hacker News