b2b-daily
Home | IT | Cyber Security

France’s CNIL Slaps Yahoo with a 10 Million Euro Fine for Non-Compliance with User Cookie Preferences

Avatar photo
by Dwaine Evans
January 25, 2024
Image Credit: Unsplash 
France’s CNIL Slaps Yahoo with a 10 Million Euro Fine for Non-Compliance with User Cookie Preferences
Table of Contents
  1. Yahoo's non-compliance
  2. CNIL's ruling
  3. Previous fines and investigations
  4. Yahoo's Violations and Consequences

France’s data protection watchdog, the Commission nationale de l’informatique et des libertés (CNIL), has imposed a hefty fine of 10 million euros on Yahoo for its failure to respect users’ preferences regarding internet-tracking cookies. The fine comes after receiving several complaints and conducting extensive investigations to determine the extent of the violations.

Yahoo’s non-compliance

Despite the presence of a button that allowed users to reject cookies on the main Yahoo.com site, visitors still discovered approximately 20 digital trackers deposited for advertising purposes. Additionally, Yahoo Mail users who attempted to withdraw consent for cookies were faced with a warning implying that they would lose access to messaging and other Yahoo services. These blatant disregard for user preferences and the attempt to dissuade users from opting out of cookie tracking are clear violations of privacy and data protection regulations.

CNIL’s ruling

The CNIL’s decision to fine Yahoo takes into account the company’s failure to respect the choices made by internet users regarding cookies. With the enforcement of the European Union’s General Data Protection Regulation (GDPR) in 2018, internet companies have faced stricter rules requiring explicit user consent for cookies. Yahoo’s actions directly contravened these regulations and demonstrated a lack of regard for user privacy and the protection of personal data.

Previous fines and investigations

France has been rigorously enforcing data protection regulations, fining major tech companies like Google, Meta (formerly Facebook), Amazon, Microsoft, Apple, and even TikTok for breaches. The cumulative fines imposed on these companies have reached an astonishing total of nearly 400 million euros. As part of its role as a data protection authority, the CNIL conducted investigations in October 2020 and June 2021 following user complaints, ultimately leading to the findings against Yahoo.

Yahoo’s Violations and Consequences

The investigations by the CNIL revealed that Yahoo had not only failed to respect users’ refusals of cookies, but had also taken active measures to discourage users from withdrawing their consent. Such actions not only illustrate a lack of transparency and accountability on Yahoo’s part, but also a disregard for user choices and concerns. The fine of 10 million euros serves as a penalty for Yahoo’s non-compliance and blatant violation of user preferences regarding cookies.

The CNIL’s strict enforcement of data protection regulations in France sends a clear message to internet companies regarding the importance of respecting user choices when it comes to cookies. Companies must ensure that user consent is obtained in a transparent and meaningful manner, and any attempt to dissuade or manipulate users’ choices will be met with severe consequences. Yahoo’s case serves as a stark reminder that data privacy and user consent are paramount, and companies must adhere to these principles to foster trust and protect the rights of their users.

Information Security

Explore more

Is 2026 the Year of 5G for Latin America?
January 21, 2026

The Dawning of a New Connectivity Era The year 2026 is shaping up to be a watershed moment for fifth-generation mobile technology across Latin America. After years of planning, auctions, and initial trials, the region is on the cusp of a significant acceleration in 5G deployment, driven by a confluence of regulatory milestones, substantial investment commitments, and a strategic push

EU Set to Ban High-Risk Vendors From Critical Networks
January 21, 2026

The digital arteries that power European life, from instant mobile communications to the stability of the energy grid, are undergoing a security overhaul of unprecedented scale. After years of gentle persuasion and cautionary advice, the European Union is now poised to enact a sweeping mandate that will legally compel member states to remove high-risk technology suppliers from their most critical

AI Avatars Are Reshaping the Global Hiring Process
January 21, 2026

The initial handshake of a job interview is no longer a given; for a growing number of candidates, the first face they see is a digital one, carefully designed to ask questions, gauge responses, and represent a company on a global, 24/7 scale. This shift from human-to-human conversation to a human-to-AI interaction marks a pivotal moment in talent acquisition. For

Recruitment CRM vs. Applicant Tracking System: A Comparative Analysis
January 21, 2026

The frantic search for top talent has transformed recruitment from a simple act of posting jobs into a complex, strategic function demanding sophisticated tools. In this high-stakes environment, two categories of software have become indispensable: the Recruitment CRM and the Applicant Tracking System. Though often used interchangeably, these platforms serve fundamentally different purposes, and understanding their distinct roles is crucial

Could Your Star Recruit Lead to a Costly Lawsuit?
January 21, 2026

The relentless pursuit of top-tier talent often leads companies down a path of aggressive courtship, but a recent court ruling serves as a stark reminder that this path is fraught with hidden and expensive legal risks. In the high-stakes world of executive recruitment, the line between persuading a candidate and illegally inducing them is dangerously thin, and crossing it can