The Council of State validated a 100 million euros fine issued in December 2020 by France’s data protection authority, the Commission nationale de l'informatique et des libertés, against Google and Google Ireland for placing cookies on users’ computers without their consent. The CNIL argued the action violated France’s Data Protection Act and the Council “confirmed the competence of the CNIL to take sanctions on cookies outside the one-stop-shop mechanism provided for by the (EU General Data Protection Regulation) and thus validated the sanction of the CNIL.”