Apple should face a 6 million euro ($6.3 million) fine for breach of privacy rules, the top advisor to French data protection authority’s sanction body recommended on Monday.
CNIL’s sanction body is free to ignore the rapporteur’s recommendations, but these typically carry a lot of weight with the watchdog’s final decision.
The rapporteur, Francois Pellegrini, made his recommendation after an investigation by the authority, itself triggered by a complaint filed last year by lobby group France Digitale.
In the complaint, the lobby, which represents the bulk of France’s digital entrepreneurs and venture capitalists, alleged that iPhone maker Apple’s former operating software, iOS 14, did not comply with EU privacy requirements.
Related: French Court Cuts Down Antitrust Fine Against Apple
France Digitale argued then that while iPhone owners were asked under iOS 14 whether they were ready to allow installed mobile apps to gather a key identifier used to define campaign ads and send targeted ads, default settings allowed Apple to carry its own targeted ad campaigns without clearly asking iPhone users for their prior consent.
Apple’s privacy updates, called App Tracking Transparency, give users the option to block apps from tracking activity across apps and websites owned by other companies.
In his remarks, Pellegrini said Apple’s previous operating system version iOS 14.6 failed to ask users properly for their prior consent, thus constituting a breach of privacy rules under the European Union’s ePrivacy directive.
He added that changes made under a subsequent version of Apple’s operating system, iOS 15, allowed for such prior consent.