Apple comes under fire by the CNIL for reportedly violating France's data protection laws.
Despite the tech giant Apple being known for its priority on user data protection, the Commission Nationale Informatique & Libertés (CNIL) announced that it had fined the iPhone maker €8 million or $8.5 million for violating local data protection laws, according to the CNIL's official press release.
The penalty was reportedly issued on December 29. The ePrivacy Directive of the European Union, under which the CNIL operates, permits Member State-level data protection authorities to respond to local complaints about breaches without first requiring that they be forwarded to a lead data supervisor in the nation where the offending company has its primary EU establishment.
Why France Fined Apple for Privacy Violations
According to Politico, the CNIL determined that the American tech giant failed to "obtain the consent of French iPhone users (iOS 14.6 version) before depositing and/or writing identifiers used for advertising purposes on their terminals."
The dispute began with a March 2021 complaint made by the startup advocacy group France Digitale, which claimed Apple did not abide by data protection laws. The concerns raised by the CNIL concerning Apple's privacy compliance were first covered by POLITICO last year.
As per the 2019 CNIL guidance on the ePrivacy Directive, consent is required for ad tracking. However, the French commission discovered that iOS version 14.6 automatically read identifiers from the user's iPhone. In the regulator's view, this processing took place without Apple gaining the appropriate consent because the regulator determined that the setting used to collect consent was pre-checked by default.
Read Also: Lack of iPhone Charger Leads To $1000 Apple Fine; Brazilian Judge Explains This is Illegal
Not The First Privacy Concern Over Apple
Apple has already come under fire for its inconsistent approach to privacy. According to Yahoo, the Identifier for Advertisers (IDFA), which Apple by default baked into the iPhone, was the subject of a number of complaints to EU data protection watchdogs back in 2020. They claimed that the IDFA's inclusion was a similar violation of the prior consent to tracking principle.
Apple has continued to dispute these lines of arguments -- claiming it complies with local privacy laws and offers a higher level of privacy and data protection for iOS users than rival platforms.
France's Data Privacy Stronghold
It may come as no surprise that Apple has been fined by France regarding privacy violations. France has been very active in recent years in enforcing breaches of ePrivacy against tech giants. As an example, just last month, it fined Microsoft €60 million ($63 million) over dark pattern design concerning cookie tracking after discovering the company had not provided a mechanism for users to refuse cookies that were as simple as the button it presented them with for accepting cookies.
Since 2020, CNIL punishments have been imposed on Amazon, Google, and Meta for cookie-related violations. Additionally, Google updated its cookie consent pop-up across the EU last year to provide a straightforward "accept all" or "refuse all" option presented at the top level.
Related Article: Apple Fires Contractor Over Viral 'Day-in-the-Life' TikTok Video