Google v. CNIL

In 2019, the French Data Protection Authority (CNIL) fined Google €50 million for violating GDPR. The ruling, known as Google v. CNIL (2019), proved that GDPR is not simply an abstract text – all companies, including corporations and market monopolists, must obey its provisions.

Decisions of high courts, such as this one, also prove useful in enforcing data privacy. Even if the decisions are made in a particular case between two entities or individuals, these rulings often explain legal provisions and are used as an additional set of legal principles. Historically, court decisions have had more impact in the US, which follows the case law system.

You may also like:
Data privacy laws in the United States and how they affect your business
11 new privacy laws around the world and how they’ll affect your analytics
Facebook Inc. v. Duguid
EU-US data privacy framework