Google and Amazon Fined a Total of $162 Million for Cookie Use Violations in France
The French Data Protection Authority, CNIL, fines companies for GDPR cookie consent violations.
Today, Dec.10, technology giants Google and Amazon got hit with a total fine of $162 million by the French Data Protection Authority, CNIL, for GDPR cookie consent violations.
CNIL fined Google a total of $120 million after an investigation carried out on March 16, 2020, revealed that Google.fr’s website placed advertising cookies automatically on users’ computers without obtaining prior consent from them.
According to the French regulator, Google LLC and Google Ireland were penalized for;
- Depositing tracking cookies in users’ computers without obtaining prior consent
- Providing insufficient information to users about the deployment of non-essential tracking cookies
- Partial failure of the "opt-out" mechanism for personalization of ads
Google’s fine is the biggest ever imposed in France for this type of breach.
In a separate announcement, the French DPA also fined e-commerce giant, Amazon, $42 million after investigations of Amazon.fr’s website between 12 December 2019 and 19 May 2020, revealed that cookies were automatically installed in consumers’ devices without any action required from them.
Amazon was fined for;
- Deploying tracking cookies without seeking consent from users
- Unclear information about the purposes of all tracking cookies placed in users’ devices
The fines against Google and Amazon were confirmed on CNIL’s website, and they are available in both French and English.
Complying with GDPR Cookie Consent with Secure Privacy
Secure Privacy offers a powerful consent management tool to help you ensure that you obtain prior consent for the use of non-essential cookies on your website.
It is essential to block non-essential plugins and tracking cookies until you have obtained consent from your users to deploy them on their devices.
Make your website compliant with these three simple steps
- Sign up for a free trial of our GDPR compliance solution
- Install the solution on your website
- Obtain GDPR-compliant cookie consent from users with our highly customizable cookie banners
Our free GDPR e-book provides a simplified step-by-step breakdown of the two laws to help you understand what you need to become compliant with the GDPR.
Additional Resources
- Learn more about cookie consent compliance in France with our simplified guide of CNIL’s Consent Guidelines.
- Read our detailed guide on how to comply with GDPR cookie consent requirements on your website
- Learn more about GDPR by downloading your free e-Book and get it delivered straight into your inbox
- Germany's 1&1 Telecom Fined $10.6 Million for a GDPR Violation
- Here are more of the highest GDPR fines enforced by regulators so far.
GDPR Compliance Automation: Complete Guide & Tool Comparison
Your privacy team is drowning in manual GDPR workflows. Data subject access requests pile up for weeks. Data mapping takes months instead of minutes. Your spreadsheet-based consent records can't scale to millions of users. Meanwhile, European regulators issued €1.2 billion in GDPR fines last year alone, and your current compliance approach can't keep pace with enforcement intensity or business growth. GDPR compliance automation transforms this reality by applying intelligent technology to streamline, accelerate, and enhance the accuracy of data protection activities. Organizations implementing comprehensive automation report 85-97% reduction in compliance workloads while improving accuracy and reducing regulatory risk by up to 75%. This guide explains what GDPR compliance can be automated, which processes require human judgment, how to select automation platforms, and what ROI you can expect from intelligent privacy technology investments.

IAB TCF Compliance Tool: Choose and Implement the Right Solution
Your Consent Management Platform just failed its IAB validation check. Three weeks before your planned launch, the CMP Validator flagged seventeen compliance issues across your consent banner implementation. Your legal team is escalating concerns about GDPR violations, your ad ops team worries about revenue impact, and nobody knows exactly what needs fixing or how long remediation will take.
- Legal & News
- Data Protection
- GDPR
- CCPA

What is ad_user_data in Google Consent Mode v2 — and Why It Matters for Your Ads
Your Google Ads conversion tracking just stopped working in Europe. Campaign performance dropped 30% overnight. Google Tag Assistant shows consent signal errors. You're seeing warnings about missing Consent Mode v2 implementation, but you're not sure what ad_user_data means or why Google suddenly requires it.