France’s data protection authority, CNIL, has issued record fines to Google and Shein for violating the country’s cookie regulations. Google has been fined a staggering €325 million, while Shein has been fined €150 million. The fines were imposed due to the companies’ failure to obtain users’ free and informed consent before setting advertising cookies on their devices.
Both Google and Shein have tens of millions of users in France, and the CNIL has taken a strong stance on ensuring that these companies respect users’ rights under the General Data Protection Regulation (GDPR). The GDPR requires companies to obtain explicit consent from users before collecting and processing their personal data, including cookies.
The fines are significant, with Shein’s penalty representing a substantial portion of its revenue. In the past 12 months, French consumers have spent approximately €3 billion on Shein’s platform. The company’s business model, which relies heavily on targeted advertising, has come under scrutiny for its handling of user data.
The CNIL’s decision highlights the importance of transparency and user consent in online advertising. Companies must ensure that users are fully informed about how their data is being used and provide clear options for opting out of cookie tracking. The record fines imposed on Google and Shein serve as a warning to other companies that fail to comply with France’s data protection regulations.
