Online political advertising has become central to modern electoral campaigns. However, the growing lack of transparency, particularly regarding funding, targeting, and data processing practices, raises serious concerns about...more
On June 12 2025, the French supervisory authority (CNIL) requested public comments on the draft recommendations on the use of tracking pixels in emails (Draft Recommendations)....more
On 12 June 2025, the French data protection authority (CNIL) launched a public consultation on a draft recommendation regarding the use of tracking pixels in emails. This recommendation roughly assimilates pixels and any...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
The French Data Protection Authority launches a public consultation on location data of connected vehicles, until May 20, 2025. This work will shape future regulations regarding the use of location data and its impact on...more
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
On 18 October 2023, the Commercial Division of the French Supreme Court (Court of Cassation) issued a noteworthy ruling, in which it judged its own case law on restrictive competition practices to be "complex", a source of...more
The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
The Commission Nationale de l’Informatique et des Libertés, the French Data Protection Agency, has issued a 150M Euro fine against Google and a 60M Euro fine against Facebook/Meta for cookie consent violations...more
The French Supervisory Authority has set 31 March 2021 as the end of the “reasonable period” to bring websites and mobile applications into compliance. Following the adoption and publication of its updated guidelines along...more
On 7 December 2020, the French supervisory authority CNIL (Commission nationale de l’informatique et des libertés, French data protection authority) imposed substantive fines on Amazon and Google for allegedly placing...more
The Commission nationale de l'informatique et des libertés (CNIL) is the national data protection authority in France. Recently, it announced new guidance on cookies and online trackers (Guidelines). Operators of...more
The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. On 19 June 2020, France’s Highest Administrative...more
The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more
On January 14, 2020, the French data protection authority (CNIL) launched a public consultation on its draft recommendations for the collection of consent in the context of cookies and other tracking technologies (the ‘draft...more
The French Data Protection Authority (“Commission nationale de l'informatique et des libertés” - CNIL), the independent French administrative regulatory body whose mission is to ensure that data privacy law is respected, has...more
Cookies in the spotlight in France: Actual consent – in. Continued browsing – out. The French Data Protection Authority, CNIL, repealed its 2013 guidelines on cookies consent and announced upcoming cookies guidance...more
The French Data Protection Authority (the CNIL) has made targeted online advertising a priority topic in its 2019-2020 agenda and has changed its position on cookie consent. Although the ePrivacy Regulation is still being...more
One key aspect of the EU’s General Data Protection Regulation (GDPR) is its aim of streamlining the regulatory process by providing “one-stop shopping”: the opportunity to deal with a single regulator with respect to all data...more
The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR. The recent closure of cases brought by the French Data Protection Authority (CNIL) against four...more
When you rub the magic lamp and are offered three wishes for your digital advertising program, how can you use those wishes to avoid €50,000,000 fines from the French CNIL? Transparency: You need to disclose clearly the...more
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more