On March 17, 2011, CNIL fined Google €100,000 for improperly gathering and storing data for its Street View application. Founded over thirty years ago, CNIL is an independent administrative authority that protects the privacy and personal data of French citizens.
Although this is the largest penalty ever awarded by CNIL, it certainly does not begin to move the needle when it comes to hurting Google’s very deep pockets. This is nothing more than an interesting wrist slap in light of the significant privacy infraction. The vast amount of personal data that was improperly collected by roaming “Google bikes” and “Google cars” – included e-mails and web browsing histories amounted to 600 gigabytes of unencrypted Wi-Fi data.
Even though US regulators have been hitting hard with recent fines of $4.3 million and $1 million, one lingering threat that was always out there on the privacy regulatory front was from an EU privacy agency holding a firm to unexpectedly high standards. After seeing CNIL’s Google fine, that threat may have sputtered away. What US firms need to continue to fear are the many class action suits that quickly sprout up — as they did when Google disclosed this “Wi-Spy” mishap — whenever there is a public disclosure of a privacy breach.