Alphabet Inc.'s Google received a hefty fine of $56.8 million from France's privacy regulator, which used its new powers to levy much higher penalties for the first time under European Union data protection rules.
France's data authority CNIL said the amount of the fine was "justified by the severity of the infringements observed regarding the essential principles" of the EU's General Data Protection Rules, or GDPR. They are "transparency, information and consent," it said Monday in a statement.
The EU rules took effect across the 28-nation bloc on May 25, and gave national privacy regulators equal powers to fine companies as much as 4 percent of global annual sales for the most serious violations. Google has come under CNIL's scrutiny many times before, but under the old rules, fines couldn't exceed the maximum of 150,000 euros. While this is the first time CNIL has benefited from the new rules, several other countries have issued fines.