Orange Fined €50M for In-Email Ads and Cookie Consent Violations

In a significant ruling, the French Data Protection Authority (CNIL) has imposed a hefty fine of 50 million euros on the French telecom giant Orange for displaying advertisements in users’ email inboxes without obtaining their explicit consent. Specifically, Orange was embedding these ads within its Mail Orange service, leading them to appear as genuine emails among personal messages. This deceptive practice contravenes the French Post and Electronic Communications Code, which unambiguously requires user consent for such advertisements. The collective impact of this non-compliant behavior was profound, affecting over 7.8 million individuals who use Orange’s services and highlighting the company’s significant market position in France.

Moreover, Orange was found to be continuing to read cookies on users’ devices, despite users withdrawing their consent on the orange.fr website. This breach compounds the issue, reflecting a disregard for user preferences and established data protection laws. According to CNIL, Orange will be required to cease reading user cookies without consent within three months from the ruling. Failure to comply with this directive would result in Orange facing additional penalties amounting to 100,000 euros for each day it remains in breach. This ruling underscores the robust nature of the GDPR and the significant consequences companies face for failing to comply with its stringent requirements.

The CNIL’s decision aligns with previous European court rulings that categorize unsolicited advertisements in email inboxes as spam. This case reinforces the necessity for service providers to obtain explicit user consent before embedding advertisements within email services. The fine imposed on Orange serves as a stark reminder to all companies operating within the EU about the critical importance of maintaining user consent and complying with privacy regulations. These rulings reiterate the value of data privacy rights and illustrate the severe repercussions for failing to uphold these principles. With GDPR guidelines continuing to evolve, staying compliant is not only a legal obligation but also an ethical duty to protect user privacy.

Explore more

Qilin Ransomware Rises After RansomHub’s Sudden Collapse

I’m thrilled to sit down with Dominic Jainy, a seasoned IT professional whose deep expertise in artificial intelligence, machine learning, and blockchain offers a unique perspective on the ever-evolving world of cybersecurity. Today, we’re diving into the dramatic shifts in the ransomware landscape, particularly the rise of Qilin ransomware following the unexpected collapse of a major player in early 2025.

Erlang/OTP SSH Flaw Exploited in Critical OT Networks

What happens when the very systems designed to keep industries running become the perfect target for cybercriminals? In a world increasingly reliant on interconnected technology, a critical flaw in Erlang/OTP’s SSH daemon has emerged as a devastating entry point for attackers targeting operational technology (OT) networks. This vulnerability, known as CVE-2025-32433, has already triggered thousands of exploitation attempts, threatening the

Trend Analysis: DLL Sideloading in Ransomware Attacks

Introduction to a Growing Cyber Threat Imagine a scenario where a trusted application on an enterprise system, one relied upon daily for critical operations, becomes the very tool that locks down sensitive data with unbreakable encryption. This is not a hypothetical but a stark reality in 2025, as ransomware attacks have surged by over 60% in recent threat intelligence reports,

Trend Analysis: Mobile Banking Malware Evolution

Imagine opening a banking app on an Android device, only to unknowingly hand over login credentials to cybercriminals through a pixel-perfect fake interface. This is the chilling reality of mobile banking malware like ToxicPanda, which has already compromised over 4,500 devices across Europe, highlighting the urgent need for robust security measures. With digital transactions becoming the backbone of modern finance,

How Can Introverted Leaders Build a Strong Brand with AI?

This guide aims to equip introverted leaders with practical strategies to develop a powerful personal brand using AI tools like ChatGPT, especially in a professional world where visibility often equates to opportunity. It offers a step-by-step approach to crafting an authentic presence without compromising natural tendencies. By leveraging AI, introverted leaders can amplify their unique strengths, navigate branding challenges, and