France’s data protection watchdog said Thursday that it had fined Yahoo 10 million euros for not respecting users’ refusals of internet-tracking “cookies” or implying they would lose access to email accounts if they did.
The fine imposed in December, equivalent to $10.9 million, came after the CNIL authority received complaints and carried out investigations in October 2020 and June 2021.
It found that visitors to the main Yahoo.com site who clicked on a button to reject cookies nonetheless ended up with around 20 of the digital trackers deposited for advertising purposes.
In addition, Yahoo Mail users who attempted to withdraw consent for cookies were warned they would no longer have access to messaging or other Yahoo services.
“To determine the amount of the fine, the restricted committee took into account the fact that the company did not respect the choice of Internet users regarding cookies and that it put in place measures to dissuade them from withdrawing their consent to the deposit of cookies,” the CNIL said.
Since the advent of the EU’s general data protection regulation (GDPR) in 2018, internet companies have faced stricter rules on obtaining consent from users on how their personal information is used.
France has rapped companies including Google, Meta, Amazon, Microsoft, Apple and TikTok for breaches, for total fines of nearly 400 million euros.
Related: Medical Company Fined $450,000 by New York AG Over Data Breach
Related: Equifax Fined $13.5 Million Over 2017 Data Breach
Related: TikTok Is Hit With $368 Million Fine Under Europe’s Strict Data Privacy Rules
