Alla luce del recente provvedimento dell’Autorità Garante per la Protezione dei Dati Personali Francese, la Commission nationale de l'informatique et des libertés (“Garante” o “CNIL”), riportiamo di seguito un’analisi del...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their purposes (“Guidance”). This the most recent guidance of a major EU regulator on a...more
The French data protection authority’s decisions cite violations of the cookie rules under the ePrivacy Directive and provide important insights on explicit consent. Between December 2019 and May 2020, the French data...more
The French Data Protection Authority, CNIL, has levied its first fine for enforcement of the General Data Protection Regulation (GDPR). The enforcement target, Spartoo, is a French online shoe retailer that makes its website...more
The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. On 19 June 2020, France’s Highest Administrative...more
On January 21, 2019, the CNIL (the French data protection authority) issued a fine of €50 million to Google under the General Data Protection Regulation (the “GDPR”) for its failure to (1) provide notice in an easily...more
The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more
We routinely hear from United States citizens who want advice on how to remove photographs, newspaper articles, videos or personal information about themselves from the internet. Originally published by the European...more
On 24 September 2019, the European Union’s top court issued a landmark ruling declaring that Google does not have to extend the “right to be forgotten” rules to its search engines globally.1 This decision provides important...more
On September 24, 2019, the highest court of the European Union (EU), the Court of Justice of the EU (CJEU), attempted to limit the territorial scope and authority of EU data protection authorities in its recent decision...more
Under GDPR, companies are required to keep certain records of their processing activities. There has been some question about the types of records controllers should keep. To help clarify the questions arising from many...more
The French CNIL imposed a €400,000 fine on a company specialized in real estate development, purchase, sale, rental and property management, for failing to adequately protect the data of users of its website and for...more
Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared a compilation of key GDPR-related developments of the past 12 months. The compilation...more
On Jan. 21, 2019, the French Data Protection Authority (CNIL) levied a 50 million euros sanction against Google LLC for violating the EU General Data Protection Regulation2 (GDPR) in the context of the first enforcement...more
On January 21, 2019, the French data protection supervisory authority (“CNIL”) fined Google €50 million (approximately $57 million) for violating the European General Data Protection Regulation (“GDPR”). ...more
After Google was ordered to pay €50 million (about $57 million) by the French data protection authority—the largest financial penalty under the General Data Protection Regulation (GDPR) to date—other companies were left to...more
The French Data Protection Authority, CNIL, has fined Google $50 Million Euros for Google’s alleged failure to comply with the EU’s sweeping General Data Protection Regulation (GDPR). The enforcement action is significant for...more
The General Data Protection Act has been making headlines for quite some time now, especially the potential fines that can be levied for non-compliance. Since the law’s recent enactment in May 2018, legal professionals and...more
Welcome back to our two-part series examining CNIL vs. Google: 10 lessons from the largest data protection fine ever issued. In this post we continue our analysis of CNIL vs. Google by taking a closer look at the additional...more
In January 2019, the French data protection authority, CNIL (Commission Nationale de l’informatique et des libertés), announced that it had fined Google 57 million euros (approximately £44 million or USD$65 million) for...more
If you offer goods or services to individuals in the European Union, have an establishment in the EU or monitor the behavior of individuals in the EU, now would be a good time to review your privacy notices, your process for...more
France’s data protection authority (DPA) (CNIL) recently announced that it has fined Google $57 million for violations of the General Data Protection Regulation (GDPR). This is the first fine by a European DPA of an American...more
On May 29, 2017, the French Data Protection Authority (Commission Nationale Informatique et Libertés, or "CNIL") announced that it had authorized nine banking institutions to implement, on an experimental basis,...more
After the European Court of Justice invalidated Safe Harbor on October 6, ?2015, the Article 29 Working Party announced in an October 16, 2015 statement that US companies that were Safe Harbor certified had until the end of...more