News & Analysis as of

European Union France Personal Data

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Wilson Sonsini Goodrich & Rosati

New Enforcement Powers for the French Data Protection Authority (CNIL)

Wilson Sonsini Goodrich & Rosati on

On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents,...more

Barnea Jaffa Lande & Co.

GDPR – Company Fined for Improper Data Collection

Barnea Jaffa Lande & Co. on

The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more

Sheppard Mullin Richter & Hampton LLP

CNIL Fines Canal+ Over Marketing and Data Security Concerns

Sheppard Mullin Richter & Hampton LLP on

The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more

Latham & Watkins LLP

CNIL Fines Health Website for Unlawful Data Processing

Latham & Watkins LLP on

The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more

K&L Gates LLP

French Supervisory Authority Publishes Guidance on the Use of Website Analytics in Compliance With GDPR Requirements

K&L Gates LLP on

Following the 2020 Court of Justice of the European Union’s (CJEU) ruling invalidating the Privacy Shield (see our alert here), personal data transfers from the European Union to the United States required EU companies to...more

White & Case LLP

France: The new whistleblower

White & Case LLP on

Adoption of a new law improving the protection of whistleblowers in companies with more than 50 employees. The law implements an EU directive and goes beyond the European requirements. A whistleblower remains a "natural...more

Hogan Lovells

French DPA opened public consultation on standards for Early Access and Compassionate Access

Hogan Lovells on

The healthcare sector is a current focus of the French data protection authority (CNIL) which just published two draft standards regarding processing of personal data in the context of Early Access and Compassionate Access....more

Dechert LLP

Dechert Cyber Bits - Issue 6

Dechert LLP on

On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their own purposes (the “Guidance”)....more

Dechert LLP

French DPA Sets Conditions for Processors' Reuse of Personal Data Processed on Behalf of Controllers

Dechert LLP on

On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their purposes (“Guidance”). This the most recent guidance of a major EU regulator on a...more

McDermott Will & Emery

CNIL Issues Provisional Recommendations for Remote Quality Control of Clinical Trials During the Health Crisis

McDermott Will & Emery on

Given the challenges of conducting clinical trials during the COVID-19 pandemic, many countries — including France — have allowed for some use of remote quality controls. In response to guidelines issued recently by European...more

Epiq

Comply or Get Fined: 2020 GDPR Fines are the Highest on Record

Epiq on

The European Union’s (EU) General Data Protection Regulation (GDPR) has been in effect since May 2018. The law’s goal of protecting EU citizens’ personal information and privacy seems to be coming into fruition. In the past,...more

Hogan Lovells

French Court refuses to suspend Microsoft’s hosting of a public health data lake despite CNIL opinion (the Health Data Hub case –...

Hogan Lovells on

On October 14, 2020, the French Administrative Supreme Court (Conseil d’Etat) published its decision in a lawsuit requesting that the French health data platform (Health Data Hub) be suspended for breach of the GDPR in light...more

McDermott Will & Emery

Transfers of Health Data from France to the United States Not Prohibited... but Must be Protected by Strong Safeguards

McDermott Will & Emery on

On October 9, 2020, there were media reports that the French Data Protection Authority (CNIL) had expressed concerns regarding the hosting by Microsoft (EU) of the French centralized public health database (the Health Data...more

Latham & Watkins LLP

French Data Protection Authority Hands Down First Sanction as Lead Authority

Latham & Watkins LLP on

The CNIL has imposed a €250,000 fine on an online retailer for GDPR infringements in cooperation with other EU supervisory authorities. Founded in 2006 and headquartered in France, Spartoo SAS (Spartoo) is one of the...more

Cohen & Gresser LLP

Navigating the Atlantic with Personal Data

Cohen & Gresser LLP on

Executive summary - In a repeat move echoing the previous invalidation of the “Safe Harbor”, on 16th July 2020 the Court of Justice of the European Union (“CJEU”) invalidated the “Privacy Shield”, which had allowed the...more

Latham & Watkins LLP

French State Council Upholds CNIL’s €50M Fine for GDPR Violations

Latham & Watkins LLP on

The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. On 19 June 2020, France’s Highest Administrative...more

Orrick, Herrington & Sutcliffe LLP

Highest Administrative Court in France Upholds Google’s €50 Million Fine

Orrick, Herrington & Sutcliffe LLP on

On January 21, 2019, the CNIL (the French data protection authority) issued a fine of €50 million to Google under the General Data Protection Regulation (the “GDPR”) for its failure to (1) provide notice in an easily...more

Orrick, Herrington & Sutcliffe LLP

French Court Annuls Parts of the CNIL’s Cookie Guidelines

Orrick, Herrington & Sutcliffe LLP on

On June 19, 2020, the Conseil d’Etat, the highest administrative court in France, annulled in part the cookie guidelines issued by the CNIL (the French data protection authority). The court ruled that the CNIL did not have...more

Hogan Lovells

Facial Recognition Challenged by French Administrative Court

Hogan Lovells on

In a decision (French only) dated 27 February 2020, the French Administrative Court of Marseille invalidated the deliberation of the Provence-Alpes-Côte d’Azur Regional Council which allowed to set up...more

Morgan Lewis

COVID-19 in France: Personal Data Protection in the Workplace

Morgan Lewis on

As prevention measures against the coronavirus (COVID-19) pandemic bump into the principles and guidelines of the EU General Data Protection Regulations (GDPR), the French Data Protection Authority has reinforced essential...more

BCLP

5 Recommendations for French HR on How to Process Personal Data Collected During COVID-19

BCLP on

As the coronavirus has spread worldwide to reach pandemic level, employers are putting into place measures group-wide to limit risks of contagion within the work place. Some of these measures have led companies to question...more

Orrick, Herrington & Sutcliffe LLP

Guidance from E.U. Supervisory Authorities on Data Processing in a Time of COVID-19

Orrick, Herrington & Sutcliffe LLP on

The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more

Morgan Lewis

Coronavirus v. GDPR: Suspending Data Privacy Protection During Civil Crisis - The eData Guide To GDPR

Morgan Lewis on

The EU General Data Protection Regulation allows the temporary suspension of some data-protection rights in times of crisis, such as the outbreak of the 2019 Novel Coronavirus. This installment of The eData Guide to GDPR...more

Hogan Lovells

Whistleblowing Schemes: New Guidelines Issued by the CNIL

Hogan Lovells on

The French Data Protection Authority (CNIL) published new Guidelines (French only) on December 10, 2019 applicable to whistleblowing schemes, following a public consultation process. The Guidelines replace the former Single...more

44 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide