By Agence France-Presse | Updated: 22 December 2022
France’s privacy watchdog said Thursday it has fined US tech giant Microsoft EUR 60 million ($64 million, roughly Rs. 530 crore) for foisting advertising cookies on users.
In the largest fine imposed in 2022, the National Commission for Technology and Freedoms (CNIL) said Microsoft’s search engine Bing had not set up a system allowing users to refuse cookies as simply as accepting them.
The French regulator said that after investigations it found that “when users visited this site, cookies were deposited on their terminal without their consent, while these cookies were used, among others, for advertising purposes.”
France’s privacy watchdog said Thursday it has fined US tech giant Microsoft EUR 60 million ($64 million, roughly Rs. 530 crore) for foisting advertising cookies on users.
In the largest fine imposed in 2022, the National Commission for Technology and Freedoms (CNIL) said Microsoft’s search engine Bing had not set up a system allowing users to refuse cookies as simply as accepting them.
The French regulator said that after investigations it found that “when users visited this site, cookies were deposited on their terminal without their consent, while these cookies were used, among others, for advertising purposes.”
The company has been given three months to rectify the issue, with a potential further penalty of EUR 60,000 (roughly Rs. 52 lakh) per day overdue.
The fine was issued to Microsoft Ireland, where the company has its European base.
In a statement Microsoft said that it had “introduced key changes to our cookie practices even before this investigation started.”
“We continue to respectfully be concerned with the CNIL’s position on advertising fraud,” it said, adding that it believes the French watchdog’s “position will harm French individuals and businesses.”
Cookie control
Cookies are installed on a user’s computer when they visit a website, allowing web browsers to save information about their session.
They are hugely valuable for tech platforms as ways to personalise advertising — the primary source of revenue for the likes of Facebook and Google.
But privacy advocates have long pushed back.
Since the European Union passed a 2018 law on personal data, internet companies have faced stricter rules that oblige them to seek consent from users before installing cookies.
Last year, the CNIL said it would carry out a year of checks against sites not following the rules on using web cookies.
Google and Facebook were sanctioned by the French regulator with fines of EUR 150 million (roughly Rs. 1,300 crore) and EUR 60 million (roughly Rs. 530 crore), respectively, for similar breaches around their use of cookies.
The two firms also face scrutiny over their practice of sending the personal data of EU residents to servers in the United States.
And tech giants continue to face a slew of cases across Europe.
Earlier this month, Europe’s data watchdog imposed binding decisions concerning the treatment of personal data by Meta, the owner of Facebook, Instagram and WhatsApp.
The European Data Protection Supervisor said in a statement that the rulings concerned Meta’s use of data for targeted advertising, but did not give details of its ruling or recommended fines.
The latest case follows complaints by privacy campaigning group Noyb that Meta’s three apps fail to meet Europe’s strict rules on data protection.