The rapporteur for the limited formation of the National Commission for Computing and Liberties (CNIL) believes that Apple should be fined 6 million euros for a breach of the rules on the protection of personal data.
The recommendation of the rapporteur, François Pellegrini, comes after the initiation of an investigation by the CNIL following the complaint of the association France Digitale. The limited composition of the Commission, which has not yet decided on this issue, is free to follow or not follow the rapporteur’s recommendations.
In its complaint, France Digitale, which represents the majority of French digital entrepreneurs and venture capitalists, claims that iOS 14 did not comply with EU privacy requirements. France Digitale then claimed that while under iOS 14 iPhone owners were asked to indicate whether they were willing to allow installed apps to collect a key ID used to set ad campaigns and send targeted ads, the settings allowed by default Apple to run its own targeted advertising campaigns without clearly asking users for prior consent.
In his remarks, François Pellegrini said that iOS 14.6 does not properly ask users for their prior consent to the collection of personal data, which constitutes a violation of privacy rules set out in the EU’s “privacy and electronic communications” directive. He added that changes made as part of iOS 15 allow for such prior consent.