The CNIL’s Sanctions Committee issues a 150 000 € monetary penalty to GOOGLE Inc.
The CNIL penalty on Google is a wake-up call.
Thousands of service providers just like you are sitting on the fence and wondering how to comply with European and French privacy regulation as fast and as effective as possible.
Where do you start?
We’re here to help you get going fast with some common Q&A
- Does your site sufficiently inform its users of the conditions in which their personal data are processed?
- Does your site obtain user consent prior to the storage of cookies?
- Does your site define retention periods applicable to the data which it processes?
- Does your site permit itself to combine all the data it collects about its users?
Q. What special systems or security products are required?
A. None. Security defenses are a mistake. See the next question and answer.
Q. How many hours should I budget for Data Protection compliance? How should I protect my data?
A. We have an 8 week plan to take you from zero to full Data Protection compliance – budget 6 hours / week and you will get there. You also need to identify and mitigate vulnerabilities in your Web site – our Practical Threat Analysis process will pinpoint what you need to do from a perspective of policies and procedures, cloud servers and application security.
Q. What do I do when I complete the 8 week plan for Data Protection compliance?
A. Well, you’ll be sitting on a much more robust system of technical, administrative, policy and procedural controls so go out and have some fun – you deserve it!
If you provide digital services in countries like France and the UK who have local database registration requirements – we will help you comply with local CNIL and UK Data Commissioner requirements.
See CNIL Sanctions on Google for the full story.