France slaps €750,000 fine on Vanity Fair magazine for placing cookies without consent

Published: 27 November 2025
Last updated: 27 November 2025
Vanity Fair France, cookies

The French data protection authority, CNIL, imposed a €750,000 ($869,000) fine on the publisher of Vanity Fair magazine in the country for placing cookies on user devices without proper consent.

Even the “Reject all” button did not work.

CNIL says that a prominent fashion and culture magazine, vanityfair.fr, placed cookies on user devices as soon as they arrived on the website, before interacting with any consent banner.

ADVERTISEMENT

The €750,000 fine is levied on the company LES PUBLICATIONS CONDE NAST, which publishes the printed and online magazines in France.

The investigations began after a public complaint from the association noyb in December 2019. In July 2022, the proceedings were closed after the company received an order to comply. However, further investigations revealed that the company had failed to comply with the obligations of the French Data Protection Act (Article 82).

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

This legislation requires websites to clearly inform users and obtain their prior consent before storing or accessing any non-essential cookies or trackers on their devices.

“The amount of this fine takes into account the fact that the company had already been issued with an order to comply, as well as the number of people affected and the various breaches of the rules protecting users with regard to cookies,” CNIL said.

The watchdog outlined several bad practices through which the Vanity Fair publisher failed to comply with the law:

  • Vanityfair.fr failed to obtain user consent before placing cookies. The website placed cookies on the devices as soon as visitors arrived on the site, even before interacting with the information banner to express a choice.
  • Information provided to users lacked clarity. Some cookies were incorrectly labeled as “strictly necessary,” without providing any useful information about their purposes, and allowing them to bypass the consent requirement, despite serving tracking or advertising purposes.
  • Refusing mechanisms were ineffective. When users clicked the “Refuse all” button in the consent banner or decided to withdraw their consent to have trackers installed on their device, the website still placed new cookies, subject to consent obligations. Present cookies also remained active

The CNIL emphasizes in the decision that the fine is high in part because Conde Nast had already been issued a formal notice in 2021, but failed to correct its practices.

ADVERTISEMENT

According to the decision, the company acknowledged violations but cited technical errors, blamed the Internet Advertising Bureau's (IAB) Transparency and Consent Framework (TCF) for misleading information, and stated that the cookies in question fall under the “functionality” category. The company claimed good faith and cooperative efforts, and also argued against the publicity of the sanction.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
Français English Português (BR) Español Niederländisch Deutsch Italian (IT)
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT