France’s privacy watchdog fines €60 million Microsoft’s Ireland subsidiary for using advertising cookies without the explicit consent of its customers. The practice violated the European data protection law.
The CNIL received a complaint relating to the conditions for the deposit of cookies on “bing.com,” and investigated the issue in September 2020 and May 2021.
Microsoft did not implement for the home page of the Bing search engine a “mechanism to refuse cookies as easily as accepting them.”
“CNIL found that when a user visited this site, cookies were placed on their terminal without their consent, while they were pursuing, in particular, an advertising objective. She also noticed the absence of a button allowing to refuse the deposit of cookies as easily as to accept it.” reads the announcement published by the Commission nationale de l’informatique et des libertés (CNIL). “Consequently, the Restricted Committee, the body of the CNIL responsible for pronouncing the sanctions, sanctioned the company MICROSOFT IRELAND OPERATIONS LIMITED with a fine of 60 million euros , made public.”
The Restricted Committee is also ordering that Microsoft collects on the “bing.com” website, within three months, the consent of persons residing in France before filing on their terminal cookies and trackers for advertising purposes. Otherwise, the company will be sanctioned with a penalty of 60,000 euros per day of delay.
Microsoft told the Wall Street Journal that it has already addressed the issue by implementing an option to reject advertising cookies.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, privacy)
[adrotate banner=”5″]
[adrotate banner=”13″]