From the conversations I've been having this week, however -- including people in advertising and senior trade body representatives -- Google is thought to be batting on a proverbial sticky wicket. It can counter-argue all it likes, but, ultimately, CNIL probably has a good point.
The fundamental problem is that GDPR was supposed to be all about a very clear explanation of why a company wanted to collect personal information, what it was going to do with it and who it was going to share it with.
From the conversations I've been having it would appear that adland was waiting for a data giant to be challenged so the rest of the industry could get a better understanding of the murky waters of trading data -- particularly around programmatic.
As one exec quipped: "The problem is this data is personal when it suits the tech giants, and they're selling their services, and then it's not personal when they're defending themselves to a regulator. You can't have it both ways."
When ad execs can't be entirely sure that their budget is only going to display and search results that have been targeted 100% through GDPR-compliant data, you know there is a test case coming your way soon.
The general feeling, from what I'm hearing, is that the London scene has been waiting for a tech giant to get a bloodied nose before a clearer way of working is accepted and trickles down through the ecosystem.
As for the appeal, well again, adland seems to think Google is not defending an admirable position.
"When not even the lawyers can understand your consent forms, you know you've got a problem," one exec commented, pointing out the ICO's guidance that consent was supposed to be easy enough for a chid to understand.
As for pre-ticked boxes? Well, there's not even a conversation to be had there. If CNIL has found evidence of this, Google doesn't have a leg to stand on. If we all knew one thing about GDPR, it was that pre-ticked boxes were banished forever.
One area where Google might find some traction is the legitimacy of the French watchdog fining a company registered in Ireland. Apparently it's a complicated legal argument that I won't claim to understand -- but the French authorities felt Ireland didn't have the full rights to regulate Google on mobile, and so it stepped in to raise a fine.
If I were Google, the legitimacy of a fine from Paris for a company based in Dublin is where I would start the appeal.
Probably the least surprising bit of news this week is that Google will contest the 50m Euro fine it received from France's data watchdog, CNIL. The tech giant has a lot of lawyers and deep pockets, and let's face it -- nobody welcomes a 50m Euro fine, particularly if it risks encouraging other EU watchdogs to get in on the act.
From the conversations I've been having this week, however -- including people in advertising and senior trade body representatives -- Google is thought to be batting on a proverbial sticky wicket. It can counter-argue all it likes, but, ultimately, CNIL probably has a good point.
The fundamental problem is that GDPR was supposed to be all about a very clear explanation of why a company wanted to collect personal information, what it was going to do with it and who it was going to share it with.
From the conversations I've been having it would appear that adland was waiting for a data giant to be challenged so the rest of the industry could get a better understanding of the murky waters of trading data -- particularly around programmatic.
As one exec quipped: "The problem is this data is personal when it suits the tech giants, and they're selling their services, and then it's not personal when they're defending themselves to a regulator. You can't have it both ways."
When ad execs can't be entirely sure that their budget is only going to display and search results that have been targeted 100% through GDPR-compliant data, you know there is a test case coming your way soon.
The general feeling, from what I'm hearing, is that the London scene has been waiting for a tech giant to get a bloodied nose before a clearer way of working is accepted and trickles down through the ecosystem.
As for the appeal, well again, adland seems to think Google is not defending an admirable position.
"When not even the lawyers can understand your consent forms, you know you've got a problem," one exec commented, pointing out the ICO's guidance that consent was supposed to be easy enough for a chid to understand.
As for pre-ticked boxes? Well, there's not even a conversation to be had there. If CNIL has found evidence of this, Google doesn't have a leg to stand on. If we all knew one thing about GDPR, it was that pre-ticked boxes were banished forever.
One area where Google might find some traction is the legitimacy of the French watchdog fining a company registered in Ireland. Apparently it's a complicated legal argument that I won't claim to understand -- but the French authorities felt Ireland didn't have the full rights to regulate Google on mobile, and so it stepped in to raise a fine.
If I were Google, the legitimacy of a fine from Paris for a company based in Dublin is where I would start the appeal.
Regardless of what you think of this case, it will raise the alarm for many companies outside the EU setting up a base within the EU that they are not subject to solely that country's regulator and its interpretation of GDPR.
Other than that, the feeling in adland is that any business that appeals and is still found to have spread consent over several pages of legalese jargon and uses pre-ticked boxes to get consent really doesn't have a leg to stand on.
Other than that, the feeling in adland is that any business that appeals and is still found to have spread consent over several pages of legalese jargon and uses pre-ticked boxes to get consent really doesn't have a leg to stand on.