News & Analysis as of

Data Security France

BCLP

AI Surveillance and Data Privacy at the Games

BCLP on

As the Paris 2024 Summer Olympic and Paralympic Games (the “Games”) turn onto the final straight, the Games have yet again captured widespread global attention, on and off the track. With over 15.3 million visitors in Paris...more

Wilson Sonsini Goodrich & Rosati

New Enforcement Powers for the French Data Protection Authority (CNIL)

On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents,...more

Hogan Lovells

Measuring diversity at work: the CNIL finally opens a public consultation

Hogan Lovells on

On July 9, 2024, the CNIL launched a public consultation on a draft recommendation (“Draft Recommendation”) on measuring diversity in the workplace. While measuring diversity is an important indicator in the fight against...more

Orrick, Herrington & Sutcliffe LLP

A Customer Relationship Checklist for Cloud Providers, Including SaaS Companies, Operating in France

For more information about France’s SREN law, see our update that provides five key takeaways for businesses. Two new laws impose an array of obligations and restrictions on cloud providers in France. First, the European...more

Hogan Lovells

Public consultation and major updates from French Data Protection Authority on health data and research

Hogan Lovells on

On May 16, 2024, the CNIL announced a critical public consultation and three significant updates to adapt health research regulations in France. These updates, focusing on remote quality control, home monitoring, and...more

Wilson Sonsini Goodrich & Rosati

French Data Protection Authority Publishes Recommendations on the Development of AI Systems: Seven Takeaways

On April 8, 2024, the French Data Protection Authority (CNIL) published recommendations on the development phase of artificial intelligence (AI) systems1 (Recommendations). They are the first set of recommendations designed...more

Hogan Lovells

Significant data breach investigation launched by CNIL affecting over 33 million in France

Hogan Lovells on

The CNIL has launched an investigation into a significant data breach affecting over 33 million individuals in France, involving third-party payment operators Viamedis and Almerys. It is the biggest breach in France involving...more

Sheppard Mullin Richter & Hampton LLP

CNIL Fines Canal+ Over Marketing and Data Security Concerns

The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more

Hogan Lovells

CNIL publishes new reference methodologies for French public database access for health research purposes

Hogan Lovells on

The French Data Protection Authority (the "CNIL") has just published two new reference methodologies for research, studies, or evaluations necessitating access to the data in the French Healthcare database. These new...more

Hogan Lovells

Help shape the future of AI: Take the CNIL questionnaire

Hogan Lovells on

The French Data Protection Authority (CNIL) is still seeking input from Artificial Intelligence (AI) stakeholders on how to ensure that AI systems comply with data protection laws. Use of large amount of data and data...more

A&O Shearman

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

A&O Shearman on

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

White & Case LLP

AI Legal News Summer Roundup: Edition 3

White & Case LLP on

Welcome to the third edition of our AI Legal News Summer Roundup! After five class actions were filed between June 28 and July 11 (as reported on in our first edition of this series), on July 21, another class action lawsuit...more

Hogan Lovells

Update by the CNIL of its guidelines on whistleblowing systems

Hogan Lovells on

On 6 July 2023, the French data protection authority (the "CNIL") updated its guidelines on whistleblowing systems again. The last version dated from December 2019. This update is the result of the French transposition of...more

Hogan Lovells

Comprendre et tirer les leçons de la riche activité de la CNIL de ces derniers mois

Hogan Lovells on

Les derniers mois ont vu une activité bouillonnante de la CNIL avec l’adoption de nombreuses délibérations. Nous avons analysé ces décisions pour comprendre les principales orientations prises par l’autorité française....more

Orrick, Herrington & Sutcliffe LLP

France Cybersecurity Update: Cyber-Attacks Must Be Reported to Authorities Within 72-Hours to Benefit from Insurance Coverage

From 24 April, 2023, victims of cyber-attacks (as defined by the Criminal Code in italic text below) will have 72 hours to file a complaint with “competent authorities” if they want to obtain reimbursement under their...more

Ballard Spahr LLP

The Cost of a Click: Microsoft fined 60 Million Euros by French Privacy Watchdog for French Data Protection Act Violations

Ballard Spahr LLP on

On December 22, 2022, France’s National Commission for Technology and Freedoms (“CNIL”) fined Microsoft’s Irish subsidiary 60 million euro for failure to comply with Article 82 of the French Data Protection Law (known as the...more

Orrick, Herrington & Sutcliffe LLP

The French Law on Connected Devices Parental Control System is Now Applicable

Version Française: La loi relative aux dispositifs de contrôle parental sur les appareils connectés est désormais applicable. This Law n°2022-300 of March 2, 2022 provides for new obligations in order to strengthen parental...more

Orrick, Herrington & Sutcliffe LLP

French Data Protection Authority Fines Processor for Failing to Enter into Data Processing Agreement

France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more

Orrick, Herrington & Sutcliffe LLP

French Government Considering a Draft Law Imposing New Cybersecurity Transparency Obligations for Platforms

What You Need to Know The draft law would impose transparency obligations relating to cybersecurity. It is still being discussed and adjusted, but it could potentially come into effect in 2023. “Large-scale” online platforms...more

A&O Shearman

Schrems II Update

A&O Shearman on

French CNIL issues guidance for organisations on transfer impact assessments, German DSK releases statement on supplementary measures and SCCs, and Hessian DPA comments on data transfer obligations (23 June 2021)....more

Kramer Levin Naftalis & Frankel LLP

Fichiers de gestion des ressources humaines : il faut s'assurer de la conformité sans attendre la fin de la pandémie

Le Covid-19 n’a pas empêché la Commission nationale de l’informatique et des libertés (« CNIL ») de publier le 15 avril 2020 son référentiel relatif aux traitements de données à caractère personnel mis en œuvre aux fins de...more

Hogan Lovells

CNIL’s New Guidelines on HR Processing

Hogan Lovells on

The French Data Protection Authority (CNIL) has recently released new guidelines (French only) regarding human resources processing operations. ...more

White & Case LLP

COVID-19 and Data Protection Compliance in France

White & Case LLP on

Following the outbreak of COVID-19, organizations have been implementing exceptional measures to maintain "business-as-usual" to the extent allowed by their particular circumstances and to protect their employees, customers...more

Fox Rothschild LLP

CNIL, France’s Data Protection Authority, Releases Strategic Road Map

Fox Rothschild LLP on

In a statement of its priorities over the next year, French data privacy regulator CNIL emphasizes the importance of a balanced approach to data protection regulation....more

Kramer Levin Naftalis & Frankel LLP

Les règles contraignantes d'entreprises ("BCR"), une solution pour les multinationales qui peut être à géométrie variable

I. Les BCR pour faciliter les transferts intra-groupes - Les données personnelles ont vocation à circuler sans s’arrêter aux frontières de l’Union européenne (« UE »). Aussi, le règlement général sur la protection des...more

35 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide