The French data protection watchdog has imposed its harshest penalty on Facebook for six breaches of French privacy law.
The breaches include tracking users across websites other than Facebook.com without their knowledge, and compiling a massive database of personal information in order to target advertising.
The French National Commission on Computing and Liberty (CNIL) began its investigation of Facebook and its European subsidiary, Facebook ireland, after the company made changes to its terms and conditions outlining the practices in January 2015.
CNIL wasn’t the only organization concerned by Facebook’s changes: data protection authorities in Belgium, the Netherlands, Spain and Hamburg, Germany also began investigations around the same time.
After a year’s digging, including visits to Facebook offices, CNIL sent the company a formal notice giving it three months to comply with the French Data Protection Act. Facebook asked for, and was granted, an extension, in order to respond.
Facebook’s response, when it eventually came, did not satisfy CNIL, which has now decided to impose a fine — the largest it can under French…