Microsoft has been fined €60 million by the French data protection agency CNIL for not offering an opt-out for cookies on its Bing search engine. The Wall Street Journal. In addition, the CNIL will fine Microsoft €60,000 per day within three months if it does not ask users for consent to use the ad fraud detection cookie.
Bing users will be happy to know that Microsoft now lets you opt out of cookies on Bing if that’s what you want, however, the company is undecided about what to do about the fraud detection cookie. Is. A company spokesperson said that Microsoft is “concerned with the CNIL’s stance on ad fraud” and that these types of cookies “should not require the consent of those who deceive others.”
Microsoft could try to appeal the fraud-detection cookie decision but would face daily fines if it took no action. If an appeal goes in favor of the CNIL, Microsoft will be forced to seek consent to use these cookies as well.
Unlike many privacy-related issues that are addressed in the EU under GDPR laws, this cookie issue was pursued by the CNIL under an EU law called the ePrivacy directive. GDPR cases against tech firms usually go through the Irish Data Protection Commission because they are headquartered in Ireland, but the ePrivacy Directive does not require investigations to be transferred to the country where the company is headquartered, so France itself may pursue this issue.
Source: The Wall Street Journal