Laurie-Anne Ancenys on CNIL

CNIL requests public comments on draft recommendations on the use of tracking pixels in emails

On June 12 2025, the French supervisory authority (CNIL) requested public comments on the draft recommendations on the use of tracking pixels in emails (Draft Recommendations)....more

7/2/2025 / CNIL , Consent , Data Privacy , Data Protection , France , Proposed Rules , Regulatory Requirements

CNIL launches public consultation on draft recommendations relating to multi-terminal consent

On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more

5/12/2025 / CNIL , Consent , Cookies , Data Collection , Data Privacy , Data Protection , France , Mobile Apps , New Regulations , Privacy Laws , Regulatory Requirements , Technology Sector , Tracking Systems

CNIL publishes Data Transfer Impact Assessment guide

On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more

2/17/2025 / CNIL , Data Privacy , Data Protection , EU , France , General Data Protection Regulation (GDPR) , International Data Transfers , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Risk Management

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

9/15/2023 / CNIL , Cybersecurity , Data Breach , Data Privacy , Data Processors , Data Protection , Data Protection Authority , Data Security , France , General Data Protection Regulation (GDPR) , Risk Management

New French law will require reporting of cybersecurity incidents within 72 hours to benefit from insurance coverage

On 25 January 2023, France’s Orientation and Programming Law of the Ministry of the Interior (LOPMI) was published in the Official Journal. LOPMI amends various legislative acts, including the French Insurance Code....more

3/31/2023 / CNIL , Data Breach , Data Protection , France , Insurance Industry

CNIL concludes that data transfers to the US through the use of Google Analytics violate GDPR

On 10 February 2022, the French supervisory data protection authority (CNIL) announced that it issued a formal notice to a website operator to bring its data processing in relation to audience measurement and analysis in...more

2/15/2022 / CNIL , France , General Data Protection Regulation (GDPR) , Google , International Data Transfers

Schrems II: French Conseil d’Etat provides insight into sufficient safeguards for EU personal data accessed from the US

On 12 March 2021, the Conseil d’Etat, the highest administrative court of France, issued a decision that might have significant impact on personal data transfers to third countries in the aftermath of the Schrems II decision...more

3/29/2021 / CNIL , Cybersecurity , Data Protection , EU , International Data Transfers , Personal Data , Schrems I & Schrems II

France – CNIL releases guidance on data protection aspects of chatbots

On 19 February 2021, CNIL released guidance on the use of chatbots in compliance with data protection law (the Guidelines). The CNIL notes that in order to operate the chatbots, controllers will often need to process personal...more

3/2/2021 / CNIL , Cybersecurity , Data Protection , Data Protection Impact Assessments (DPIAs) , Data Retention , France , General Data Protection Regulation (GDPR) , Personal Data

Laurie-Anne Ancenys

A&O Shearman

Popular Topics by This Author

Latest Posts › CNIL