Google Pays More Money In European Privacy Fines Than They Do In Taxes

Carsten KoallGetty Images

Alphabet, the company that owns Google, spent more money paying European Union fines last year than it paid in taxes, according to Computing. Revenue reports show that they were forced to pay out $5.1 billion in a line-item labeled “European Commission fines,” while their total tax bill for the same year was $4.2 billion.

“In 2018 we delivered strong revenue growth, up 23% year over year to $136.8 billion, and up 22% for the fourth quarter to $39.3 billion,” said Ruth Porat, chief financial officer of Alphabet and Google. “With great opportunities ahead, we continue to make focused investments in the talent and infrastructure needed to bring exceptional products and experiences to our users, advertisers and partners around the globe.”

Even so, those EU fines continue to take up a larger and larger share of that revenue. As for fines in 2019, the year is off to a fast start for Google, who as of January already owed €50 million thanks to a reprimand by regulators in France who cited the company for violations of the General Data Protection Regulation (GDPR). Google intends to appeal.

The GDPR has been in place since 2016 and focuses largely on protecting the privacy of EU citizens’ personal data. Among other provisions, the regulations set strict standards of requiring user consent for the processing of personal data, anonymizing data to protect privacy, and providing notice of data breaches that could affect consumers.

The most recent fine, the €50 million levied by France, was issued on the basis that Google did not have legal standing to process consumer data for personalization of targeted ads. This is a practice central to Google’s advertising model throughout the world, but these emerging European regulations are proving to be the first with the necessary provisions to not only cite the company, but to meaningfully impact their bottom line as well.

While Google did adjust their advertising targeting following the implementation of GDPR, regulators found that they hadn’t gone far enough in their compliance and determined that they fell short of obtaining the required consumer notification and consent needed to analyze and process personal data.

“The Google case though really sends a strong message which should be received loud and clear, ” writes Karen Holden for The HR Director in an analysis of Google’s situation. “Regulators have powers to levy huge fines on companies found to be in breach and they are willing to use it even outside of the companies housed jurisdiction.

For the time being, Google will continue to find ways to navigate the increasingly complex European regulatory landscape and, presumably for the time being, keep a line item in their annual report for further fines paid.