CNIL fines Google and Shein for cookie consent violations
Regulatory/Legal Action
Summary
Hide ▲
Show ▼
The French CNIL fined Google and Shein over cookie consent violations, adding major financial penalties to France's privacy enforcement. The regulator said both companies placed advertising cookies on browsers without valid consent, and it ordered Google to fix its systems within six months. CNIL also said Google used Gmail ad placements in the Promotions and Social tabs without explicit consent. The action increases compliance pressure on consumer web platforms that rely on tracking and ad personalization.
Related Happenings
Browser extensions selling user data across consumer and enterprise cohorts
Trend
H score53
First: 27.04.2026 16:30
Last: 27.04.2026 16:30
Sources 1
About this happening:
A browser-security analysis found **more than 80 browser extensions** explicitly reserve the right to sell user data, exposing users to disclosed but widely overlooked privacy mon...
Browser extensions selling user data across consumer and enterprise cohorts
TrendAbout this happening: A browser-security analysis found **more than 80 browser extensions** explicitly reserve the right to sell user data, exposing users to disclosed but widely overlooked privacy mon...
Google expands Gemini AI for malicious ad blocking on Google Ads
Security Tool/Service
H score56
First: 16.04.2026 18:24
Last: 16.04.2026 18:24
Sources 1
About this happening:
**Google** expanded **Gemini AI** use across its ad platforms to detect and block **malicious ads** in real time, reducing scam and malvertising exposure at scale. The move matter...
Google expands Gemini AI for malicious ad blocking on Google Ads
Security Tool/ServiceAbout this happening: **Google** expanded **Gemini AI** use across its ad platforms to detect and block **malicious ads** in real time, reducing scam and malvertising exposure at scale. The move matter...
Google Chrome 146 adds Device Bound Session Credentials to block session-cookie theft
Security Tool/Service
H score11
First: 09.04.2026 21:33
Last: 09.04.2026 21:33
Sources 1
About this happening:
Google has rolled out **Device Bound Session Credentials (DBSC)** in **Chrome 146 for Windows**, binding sessions to device hardware to blunt **infostealer malware** that steals s...
Google Chrome 146 adds Device Bound Session Credentials to block session-cookie theft
Security Tool/ServiceAbout this happening: Google has rolled out **Device Bound Session Credentials (DBSC)** in **Chrome 146 for Windows**, binding sessions to device hardware to blunt **infostealer malware** that steals s...
TikTok for Business phishing campaign using Turnstile and reverse proxy
Campaign
H score31
First: 26.03.2026 16:09
Last: 26.03.2026 16:09
Sources 1
About this happening:
A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
TikTok for Business phishing campaign using Turnstile and reverse proxy
CampaignAbout this happening: A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
ShieldGuard browser-extension data-harvesting malware
Malware Activity
H score29
First: 18.03.2026 16:15
Last: 18.03.2026 16:15
Sources 1
About this happening:
A malicious **ShieldGuard** browser extension was dismantled after it was found harvesting sensitive data from **crypto users**, putting wallet and account information at risk. Th...
ShieldGuard browser-extension data-harvesting malware
Malware ActivityAbout this happening: A malicious **ShieldGuard** browser extension was dismantled after it was found harvesting sensitive data from **crypto users**, putting wallet and account information at risk. Th...
Timeline
-
04.09.2025 13:09 2 articles · 9mo ago
CNIL fines Google and Shein for cookie consent violations
Legal Policy Action UpdateFrance's CNIL fined Google $379 million (€325 million) and Shein $175 million (€150 million) for placing advertising cookies on users' browsers without valid consent. CNIL also said Google used Gmail advertisements in the Promotions and Social tabs without explicit consent and ordered Google to bring its systems into compliance within six months, warning of €100,000 per day penalties if it does not comply; Shein said it has updated its systems and plans to appeal.
Show sources
- Google Fined $379 Million by French Regulator for Cookie Consent Violations — thehackernews.com — 04.09.2025 13:09
- Google Fined $379 Million by French Regulator for Cookie Consent Violations — thehackernews.com — 04.09.2025 13:09