Sensitive data is a goldmine for adversaries. Recently, the Italian Antitrust Authority fined Google Ireland Ltd. and Apple Distribution International Ltd. €10 million ($11.26 million) each, citing aggressive data practices. The agency stated that both companies had violated the Consumer Code practices during customers’ data acquisition and commercial use.
Both companies leveraged consumers’ data for commercial purposes, promoting their various products and services. As per data privacy laws, organizations should not leverage users’ data for commercial/promotional purposes without their consent.
The privacy regulator mentioned multiple reasons for its penalty:
Also Read: French Regulator Fines Google €220 Mn for Unfair Advertising Practices
“In the account creation phase, Google pre-sets the user’s acceptance of the transfer and/or use of their data for commercial purposes. This pre-activation allows the transfer and use of data by Google, once generated, without the need for other steps in which the user can confirm or change the choice pre-set by the agency from time to time. In the case of Apple, the promotional activity is based on acquiring consent to use user data for commercial purposes without providing the consumer with the possibility of a prior and express choice on sharing their data. This acquisition architecture, prepared by Apple, does not make it possible to exercise one’s will on the use of one’s data for commercial purposes. Therefore, the consumer is conditioned in the choice of consumption and undergoes the transfer of personal information, which Apple can dispose of for its own promotional purposes carried out in different ways,” the regulator said.
Organizations need to be vigilant and practice robust cybersecurity measures while handling users’ classified information.
The post Italy’s Antitrust Regulator Fines Google and Apple for Poor Data Practices appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor