Free took his hand in the bag. The mobile operator will have to pay a fine of € 300,000 to the National Commission for Informatics and Freedoms (Cnil) due to breaches of the GDPR, the European Union’s personal data protection regulations. Several consumers had seized the telecoms gendarme in this sense to denounce abusive practices. Complaints on which the CNIL investigated to lead to this sanction. Four practices in particular are identified. Free was found guilty of having continued to prospect commercially from Internet users who had nevertheless requested that this canvassing be stopped, of not allowing certain complainants to have access to data concerning them, of having sent telephone bills to customers whose subscription had been terminated, for having communicated passwords by email, in the clear without them being temporary and the company imposing to change them.