Apple must be fined 6 million euros, says CNIL

The rapporteur of the restricted training of the National Commission for Computing and Liberties (CNIL) valued that Apple should be fined 6 million euros for a breach of personal data protection rules.

The recommendation of the rapporteur, François Pellegrini, comes after the opening of an investigation by the CNIL following the complaint of the association France Digitale. The restricted formation of the Commission, which has yet to decide on this matter, is free to follow or not the recommendations of the rapporteur.

In its complaint, France Digitale, which represents the bulk of French digital entrepreneurs and venture capitalists, claims that iOS 14 failed to comply with European Union privacy requirements. France Digitale then argued that while iPhone owners were asked under iOS 14 to indicate whether they were willing to allow installed apps to collect a key identifier used to set ad campaigns and send targeted ads, the settings per default allowed Apple to run its own targeted advertising campaigns without clearly asking users for prior consent.

In his remarks, François Pellegrini said that iOS 14.6 does not correctly ask users for their prior consent for the collection of personal data, which constitutes a violation of the rules of confidentiality provided by the directive “privacy and electronic communications” of the European Union. He added that changes made as part of iOS 15 allow for such prior consent.