News & Analysis as of

General Data Protection Regulation (GDPR) Data Privacy France

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Hogan Lovells

Connected vehicles: CNIL’s consultation promotes driver’s consent over fraud and car theft

Hogan Lovells on

The French Data Protection Authority launches a public consultation on location data of connected vehicles, until May 20, 2025. This work will shape future regulations regarding the use of location data and its impact on...more

Hogan Lovells

Overview of the CNIL’s enforcement actions in 2024: the simplified procedure generates an increase in sanctions

Hogan Lovells on

In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more

BCLP

Mobile Apps: What Does the CNIL Recommend From a Privacy Perspective?

BCLP on

While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more

A&O Shearman

CNIL publishes Data Transfer Impact Assessment guide

A&O Shearman on

On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more

BCLP

CNIL Strategic Plan 2025

BCLP on

The CNIL has published its strategic plan for the period of 2025-2028. This is typical of the CNIL, who regularly inform its stakeholders of its priorities....more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

BCLP

AI Surveillance and Data Privacy at the Games

BCLP on

As the Paris 2024 Summer Olympic and Paralympic Games (the “Games”) turn onto the final straight, the Games have yet again captured widespread global attention, on and off the track. With over 15.3 million visitors in Paris...more

Wilson Sonsini Goodrich & Rosati

New Enforcement Powers for the French Data Protection Authority (CNIL)

Wilson Sonsini Goodrich & Rosati on

On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents,...more

Hogan Lovells

Transfer Impact Assessments: the CNIL is seeking public input on TIA guide

Hogan Lovells on

On January 8, 2024, the CNIL launched a public consultation on a draft guide (Draft Guide) covering Transfer Impact Assessments (TIA). Under GDPR, as interpreted by the Court of Justice of the European Union (CJEU) and...more

BCLP

CNIL publishes ‘AI How-To Sheets’ on Aligning Artificial Intelligence Systems with GDPR

BCLP on

A few days ago, the French Data Protection Authority (CNIL) published its first draft guidelines for the use of AI systems in the form of "AI How-To Sheets" with the aim to “help professionals reconcile innovation with...more

Hogan Lovells

CNIL confirms the compatibility of AI with the GDPR

Hogan Lovells on

On October 12, 2023, the CNIL released its first guidance on how to comply with the General Data Protection Regulation (GDPR) when developing and using artificial intelligence (AI) using personal data or impacting...more

A&O Shearman

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

A&O Shearman on

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

Hogan Lovells

Member of French Parliament lodges first request for annulment of EU-US Data Privacy Framework

Hogan Lovells on

P. Latombe, who is not only a Member of the French Parliament, but also seated at the French Data Protection Authority (CNIL)'s Commission, lodged a request for annulment of the DPF on 6 September 2023 before the Court of...more

Hogan Lovells

French CNIL released an action plan for AI focusing on generative AI systems

Hogan Lovells on

A few days after the European Parliament adoption of a compromise position on the Artificial Intelligence Act (the “AI Act”), the French Data Protection Authority (the “CNIL”) published, on 16 May 2023, a detailed 4-step...more

ArentFox Schiff

Virginia Finalizes CDPA Text With the Addition of Three Amendment Bills

ArentFox Schiff on

Connecticut Passes the Fifth US State Consumer Privacy Law - The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state...more

Orrick, Herrington & Sutcliffe LLP

French Data Protection Authority Fines Processor for Failing to Enter into Data Processing Agreement

Orrick, Herrington & Sutcliffe LLP on

France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more

Rothwell, Figg, Ernst & Manbeck, P.C.

France Fines Facebook and Google For Violating the EU Cookie Law: You Need to Make it As Easy to Refuse as a Cookie, as it is to...

Rothwell, Figg, Ernst & Manbeck, P.C. on

France recently fined Alphabet Inc’s Google $169 million and Meta Platform’s Facebook $67 million on grounds that the companies violated the EU e-Privacy directive (aka the EU “Cookie Law”) by requiring too many “clicks” for...more

Pillsbury Winthrop Shaw Pittman LLP

Record €210 Million in Fines for Breach of Cookies and Website Tracking Rules—Note e-Privacy Directive, Not Just GDPR

Pillsbury Winthrop Shaw Pittman LLP on

France’s data protection regulator (the CNIL) said this week it has fined Google and Facebook a combined €210 million for breaches of laws on cookies use and tracking of user online activity. These fines were not under the...more

Ankura

Does Your Organization Maintain an Employee Facing Privacy Notice?

Ankura on

On Tuesday, June 15, 2021, a French court ordered IKEA to pay 1 million euros ($1.2 million) for spying on its employees in France. The allegations included reviewing employees' bank account records, using fake employees to...more

Fox Rothschild LLP

Valuable Data Privacy Lessons In CNIL’s Enforcement Action Against Carrefour France

Fox Rothschild LLP on

In addition to the not-insignificant €2.25 million fine, CNIL's enforcement action against Carrefour France raises some universal points for companies handling data, both in the EU and in the U.S. Big Picture Takeaways:...more

Hogan Lovells

Facial Recognition Challenged by French Administrative Court

Hogan Lovells on

In a decision (French only) dated 27 February 2020, the French Administrative Court of Marseille invalidated the deliberation of the Provence-Alpes-Côte d’Azur Regional Council which allowed to set up...more

Morgan Lewis

COVID-19 in France: Personal Data Protection in the Workplace

Morgan Lewis on

As prevention measures against the coronavirus (COVID-19) pandemic bump into the principles and guidelines of the EU General Data Protection Regulations (GDPR), the French Data Protection Authority has reinforced essential...more

Akin Gump Strauss Hauer & Feld LLP

Court of Justice of the EU Places Limits on the Territorial Scope of the “Right to be Forgotten”

Akin Gump Strauss Hauer & Feld LLP on

On September 24, 2019, the highest court of the European Union (EU), the Court of Justice of the EU (CJEU), attempted to limit the territorial scope and authority of EU data protection authorities in its recent decision...more

Foley Hoag LLP - Security, Privacy and the...

The Paris District Court Invalidates 38 Clauses of Google+ Terms of Use and Privacy Policy

Foley Hoag LLP - Security, Privacy and the... on

It has been rough weather for Google in France. Three weeks after the French ?Data Protection Authority imposed a record fine against Google for non-compliance with the GDPR, the Paris District Court (“Tribunal de Grande...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - November 2018 #3

Robinson & Cole LLP on

According to a new report by Datto, Inc. (its third annual Global State of the Channel Ransomware Report), ransomware continues to be the top cyber-attack experienced by small- and medium-sized companies. Some managed service...more

31 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide