The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules.
On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
6/12/2023
/ CNIL ,
Consent ,
Cookies ,
Corporate Fines ,
Enforcement Actions ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Personal Data ,
PHI ,
Risk Management ,
Statutory Violations ,
Websites
The court determined that mere infringement of the GDPR is insufficient for a damages claim, but that there is no minimum threshold for non-material damages.
In a recent judgment (Case C-300/21), the Court of Justice of...more
5/17/2023
/ Calculation of Damages ,
Court of Justice of the European Union (CJEU) ,
Damages ,
De Minimis Claims ,
EU ,
General Data Protection Regulation (GDPR) ,
Infringement ,
Member State ,
Personal Data ,
Rules of Civil Procedure ,
UK
The French Data Protection Authority’s white paper discusses how companies can comply with data privacy and security obligations.
The use of card, contactless, and innovative digital payment solutions has significantly...more
11/9/2021
/ Anti-Money Laundering ,
Bank Secrecy Act ,
CNIL ,
Consultation ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Central Bank ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Mobile Payments ,
Open Payments ,
Payment Systems ,
PCI-DSS Standard ,
Personal Data ,
Sensitive Personal Information ,
White Papers
Die Datenschutzorganisation noyb droht mit über 10.000 Beschwerden wegen möglicher rechtswidriger Verwendung von Cookies.
Am 31. Mai 2021 startete die Datenschutzorganisation noyb (die Abkürzung steht für „none of your...more
The CNIL has imposed a €250,000 fine on an online retailer for GDPR infringements in cooperation with other EU supervisory authorities.
Founded in 2006 and headquartered in France, Spartoo SAS (Spartoo) is one of the...more
The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising.
On 19 June 2020, France’s Highest Administrative...more
7/6/2020
/ Android ,
CNIL ,
Consent ,
Corporate Fines ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
Personal Data ,
Regulatory Violations
The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR.
The recent closure of cases brought by the French Data Protection Authority (CNIL) against four...more
3/28/2019
/ Advertising ,
Behavioral Advertising ,
CNIL ,
Consent ,
Corporate Counsel ,
Data Protection ,
e-Privacy Directive ,
Enforcement Actions ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
Geolocation ,
Ireland ,
Personal Data ,
UK
The CNIL decision handed down on 21 January 2019, which cites violations of several GDPR obligations, provides important insights for groups wishing to benefit from the “one-stop-shop mechanism”.
The Complaints -
Not...more
1/24/2019
/ Advertising ,
Android ,
CNIL ,
Data Processors ,
Data Protection Authority ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
Personal Data ,
Privacy Policy ,
Schrems I & Schrems II ,
Security and Privacy Controls
The enactment of Law No. 2018-493 represents a significant milestone in France’s implementation of the new European corpus on data protection.
Key Points:
..The new law increases fines and considerably reinforces the...more
On 7 October 2016, the president of the French Republic promulgated the Law for a Digital Republic. This promulgation closes the legislative process commenced in December 2015, which itself was preceded by a public...more