Today, the French data protection authority CNIL has fined the French magazine publisher Conde Nast €750.000 for violating the consent requirements on its Vanity Fair website. noyb had originally filed a complaint against Conde Nast in 2019 (!).
Background. In December 2019, noyb had filed complaints against three providers of French websites, because they had implemented cookie banners that turned a clear “NO” into “fake consent”. Even if a user went through the trouble of rejecting countless cookies on the eCommerce page CDiscount, the movie guide Allocine.fr and the fashion magazine Vanity Fair, these websites sent digital signals to tracking companies claiming that users had agreed to being tracked online. CDiscount sent “fake consent” signals to 431 tracking companies per user, Allocine to 565, and Vanity Fair to 375, an analysis of the data flows had shown.
CNIL sanctions Conde Nast. Today, almost six (!) years after these complaints had originally been filed, the French data protection authority CNIL has finally reached a decision in the case against Vanity Fair: Conde Nast, the publisher behind Vanity Fair, has failed to obtain user consent before placing cookies. In addition, the company failed to sufficiently inform its users about the purpose of supposedly “necessary” cookies. Thirdly, the implemented mechanisms for refusing and withdrawing consent was ineffective. Conde Nast must therefore pay a fine of €750.000.
Another noyb related fine. The fine imposed by the French CNIL is yet another one related to noyb litigation. In 2023 the CNIL fined Criteo € 40 Million, while Google was fined € 325 Million earlier this year. Other Data protection authorities across Europe have imposed noyb related fines, too. Recently the Spanish AEPD issued a fine of € 100.000 against Euskaltel.
