COOKIES. CONSENT. COMPLIANCE
Schedule a Demo
secure privacy badge logo
Regulations
EUROPE
GDPR (EU) UK DPA (United Kingdom) FADP (Switzerland) NewDPA (Norway)

View All

North America
PIPEDA (Canada) CCPA/CPRA (California) CPA (Colorado) VCDPA (Virginia)

View All

Middle East
PDPL (UAE) DIFC DPA (Dubai) PDPL (Saudi Arabia) KVKK (Turkey)

View All

Asia
PIPA (South Korea) NewPIPL (China) Data Privacy Act 2012 (Philippines) PDPA (Singapore)

View All

Central and South America
LGPD (Brazil) DPL (Colombia) Personal Data Protection Law (Argentina) LSPDP (Panama)

View All

Africa
POPIA (South Africa) Law no.09-08 (Morocco) LPDP (Egypt) DPA (Kenya)
Oceania
APP (Australia) Privacy Act (New Zealand)
Features
Cookie BannersPreference CenterCookie & Website ScannerConsent LoggingData Subject Request FormsCookie PolicyPolicy CenterLegal Templates70+ Language Support
Cookie Banners
Integrations
HubspotWordpressMagentoAdobe Tag ManagerWixShopifyDrupalGoogle Tag ManagerWeeblySquarespaceWebviewSitecoreUmbracoJoomlaBigcommerceGoogle Consent ModeAdobe LaunchTealium IAB TCF v2.2
Hubspot badge
Pricing
Partner
Resources
BlogSupportContact UsDocsRequest DemoTraining & CertificationGDPR Website Scanner
December 10, 2020

Google and Amazon Fined a Total of $162 Million for Cookie Use Violations in France

The French Data Protection Authority, CNIL, fines companies for GDPR cookie consent violations. 

Today, Dec.10, technology giants Google and Amazon got hit with a total fine of $162 million by the French Data Protection Authority, CNIL, for GDPR cookie consent violations

CNIL fined Google a total of $120 million after an investigation carried out on March 16, 2020, revealed that Google.fr’s website placed advertising cookies automatically on users’ computers without obtaining prior consent from them. 

According to the French regulator, Google LLC and Google Ireland were penalized for;

  • Depositing tracking cookies in users’ computers without obtaining prior consent  
  • Providing insufficient information to users about the deployment of non-essential tracking cookies
  • Partial failure of the "opt-out" mechanism for personalization of ads

Google’s fine is the biggest ever imposed in France for this type of breach

In a separate announcement, the French DPA also fined e-commerce giant, Amazon, $42 million after investigations of Amazon.fr’s website between 12 December 2019 and 19 May 2020, revealed that cookies were automatically installed in consumers’ devices without any action required from them. 

Amazon was fined for; 

  • Deploying tracking cookies without seeking consent from users
  • Unclear information about the purposes of all tracking cookies placed in users’ devices

The fines against Google and Amazon were confirmed on CNIL’s website, and they are available in both French and English.

Complying with GDPR Cookie Consent with Secure Privacy

Secure Privacy offers a powerful consent management tool to help you ensure that you obtain prior consent for the use of non-essential cookies on your website. 

It is essential to block non-essential plugins and tracking cookies until you have obtained consent from your users to deploy them on their devices. 

Make your website compliant with these three simple steps

  • Sign up for a free trial of our GDPR compliance solution
  • Install the solution on your website 
  • Obtain GDPR-compliant cookie consent from users with our highly customizable cookie banners 

Our free GDPR e-book provides a simplified step-by-step breakdown of the two laws to help you understand what you need to become compliant with the GDPR.

Schedule a call to learn more

Additional Resources

  •  Learn more about cookie consent compliance in France with our simplified guide of CNIL’s Consent Guidelines.
  • Read our detailed guide on how to comply with GDPR cookie consent requirements on your website
  • Learn more about GDPR by downloading your free e-Book and get it delivered straight into your inbox
  • Germany's 1&1 Telecom Fined $10.6 Million for a GDPR Violation
  • Here are more of the highest GDPR fines enforced by regulators so far.
image

Data Broker Registration Explained (2026): How to Register Under U.S. Privacy Laws

Data brokers occupy a peculiar position in the privacy landscape: they are often the most consequential handlers of personal information that consumers have never heard of. A person may carefully manage what they share with their bank, their employer, and the apps on their phone — and still find their name, home address, income range, health interests, and browsing behavior for sale across hundreds of databases they never interacted with.

  • Legal & News
  • Data Protection
image

EU AI Act Implementation Sprint: A 90-Day Playbook for Enterprise Compliance

The EU AI Act is no longer a regulation on the horizon. Prohibited AI practices have been enforceable since February 2025. General-purpose AI obligations have applied since August 2025. And on 2 August 2026 — five months from now — the full weight of high-risk AI system requirements under Annex III comes into force, bringing with it a penalty structure that exceeds even the GDPR: up to €35 million or 7% of global annual turnover for the most serious violations, and up to €15 million or 3% for non-compliance with high-risk obligations.

  • AI Governance
image

React Native Consent SDK: Implement Mobile Consent Management

Adding a consent banner to a React Native app is straightforward. Implementing consent management that actually controls data collection — where no third-party SDK fires a network request before the user has responded, where consent state persists correctly across sessions, and where every decision is logged for regulatory audit — is a different engineering problem.

  • Mobile Consent