IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
The French data protection authority’s decisions cite violations of the cookie rules under the ePrivacy Directive and provide important insights on explicit consent. Between December 2019 and May 2020, the French data...more
On June 19, 2020, the Conseil d’Etat, the highest administrative court in France, annulled in part the cookie guidelines issued by the CNIL (the French data protection authority). The court ruled that the CNIL did not have...more
The Information Commissioner’s Office or the “ICO” is the British supervisory authority charged with enforcing GDPR. The Commission Nationale de l’informatique et des libertes (the “CNIL”) is the French supervisory authority....more
In its long-awaited judgment, the European Court of Justice (CJEU) decided the data protection requirements for obtaining consent when using cookies. The court held that “passive” acceptance of cookies through prechecked...more
The perplexing question of what U.S. companies must do to comply with EU “cookie” law became slightly more clear with the recent decision of the European Court of Justice (CJEU) in Planet49 GmbH, but numerous questions still...more
The Situation: The European Union's General Data Protection Regulation ("GDPR") has been effective since May 2018 and has resulted in increased requirements for obtaining consent for the processing of personal data. However,...more
The guidance provides general requirements for obtaining valid consent and details conditions under which audience management cookies may be exempt. On 4 July 2019, one day after the UK Information Commissioner’s Office...more
Data protection authorities in the UK and France have released updated guidance for website operators that use cookies on their websites. This new guidance may mandate changes to existing cookie banners and provides further...more
On 19 July the French Data Protection Authority (the “CNIL”) published new guidelines on cookies and trackers. These replace the existing Recommendation No. 2013-378 of 5 December 2013, are intended to be in line with...more
The French Data Protection Authority (the CNIL) has made targeted online advertising a priority topic in its 2019-2020 agenda and has changed its position on cookie consent. Although the ePrivacy Regulation is still being...more
The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR. The recent closure of cases brought by the French Data Protection Authority (CNIL) against four...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more