News & Analysis as of

General Data Protection Regulation (GDPR) CNIL Enforcement Actions

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Hogan Lovells

Overview of the CNIL’s enforcement actions in 2024: the simplified procedure generates an increase in sanctions

Hogan Lovells on

In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Goodwin

Navigating New CNIL Sanctions: What You Need to Know

Goodwin on

The Commission Nationale de l’Informatique et des Libertés (CNIL) is an independent French administrative regulatory body whose mission is to ensure that the collection, storage, and use of personal data comply with data...more

Barnea Jaffa Lande & Co.

GDPR – Company Fined for Improper Data Collection

Barnea Jaffa Lande & Co. on

The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more

BCLP

Employee Monitoring: Lessons from CNIL’s EUR 32M Fine Against Amazon France Logistique

BCLP on

Following the publication of several press articles and employee complaints, the French data protection regulator (“CNIL”) carried out an investigation at the Amazon France Logistique’s (“Amazon”) warehouses. The CNIL's...more

Latham & Watkins LLP

CNIL Fines Health Website for Unlawful Data Processing

Latham & Watkins LLP on

The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more

McDermott Will & Schulte

European Regulators Provide Some Key Clarifications on Cookie Banners

McDermott Will & Schulte on

The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more

Orrick, Herrington & Sutcliffe LLP

French Data Protection Authority Fines Processor for Failing to Enter into Data Processing Agreement

Orrick, Herrington & Sutcliffe LLP on

France’s data protection authority, the Commission Nationale de Informatique et des Libertés (“CNIL”), has issued one of its highest General Data Protection Regulation (“GDPR”) sanctions to-date against Dedalus Biologie SAS...more

ArentFox Schiff

Privacy Update: Best Practices for the Virginia Consumer Data Protection Act

ArentFox Schiff on

Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more

Orrick, Herrington & Sutcliffe LLP

Whether You Like it or Not, Cookies are Back on the Menu and UK and EU Data Protection Authorities are Taking Enforcement Action

Orrick, Herrington & Sutcliffe LLP on

The French data protection authority, La Commission nationale de l’informatique et des libertés ("CNIL"), one of Europe's ("EU") most active data protection regulators, has continued to focus on the lawfulness of the use of...more

BakerHostetler

International Data Protection Update – First Quarter 2021

BakerHostetler on

This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more

Epiq

Comply or Get Fined: 2020 GDPR Fines are the Highest on Record

Epiq on

The European Union’s (EU) General Data Protection Regulation (GDPR) has been in effect since May 2018. The law’s goal of protecting EU citizens’ personal information and privacy seems to be coming into fruition. In the past,...more

Herbert Smith Freehills Kramer

ICO and CNIL Levy Landmark Fines Against British Airways and Marriott for 2018 Data Breaches

Herbert Smith Freehills Kramer on

On Oct. 30, 2020, the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), in connection with France’s Commission nationale de l’informatique et des libertés (CNIL), announced the largest...more

Hogan Lovells

French Court refuses to suspend Microsoft’s hosting of a public health data lake despite CNIL opinion (the Health Data Hub case –...

Hogan Lovells on

On October 14, 2020, the French Administrative Supreme Court (Conseil d’Etat) published its decision in a lawsuit requesting that the French health data platform (Health Data Hub) be suspended for breach of the GDPR in light...more

Carlton Fields

EU Data Protection Authority Levies Its First Fine for Violations of the GDPR

Carlton Fields on

The French Data Protection Authority, CNIL, has levied its first fine for enforcement of the General Data Protection Regulation (GDPR). The enforcement target, Spartoo, is a French online shoe retailer that makes its website...more

Latham & Watkins LLP

French Data Protection Authority Hands Down First Sanction as Lead Authority

Latham & Watkins LLP on

The CNIL has imposed a €250,000 fine on an online retailer for GDPR infringements in cooperation with other EU supervisory authorities. Founded in 2006 and headquartered in France, Spartoo SAS (Spartoo) is one of the...more

Latham & Watkins LLP

French State Council Upholds CNIL’s €50M Fine for GDPR Violations

Latham & Watkins LLP on

The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. On 19 June 2020, France’s Highest Administrative...more

Orrick, Herrington & Sutcliffe LLP

Highest Administrative Court in France Upholds Google’s €50 Million Fine

Orrick, Herrington & Sutcliffe LLP on

On January 21, 2019, the CNIL (the French data protection authority) issued a fine of €50 million to Google under the General Data Protection Regulation (the “GDPR”) for its failure to (1) provide notice in an easily...more

Latham & Watkins LLP

How Are European Supervisory Authorities Exercising Cooperation and Consistency In Practice?

Latham & Watkins LLP on

Recent action by the Hamburg authority may present implications for companies regulated by a lead data protection supervisory authority in Europe. A German supervisory authority has initiated an investigation into Google’s...more

Latham & Watkins LLP

High GDPR Fines: German Data Protection Authority Joins the Club

Latham & Watkins LLP on

Following in the footsteps of the CNIL and the ICO, the Berlin DPA will impose a multimillion-euro fine for breach of the GDPR. The Berlin Data Protection Authority (Berlin DPA) recently announced that it will issue a...more

BCLP

GDPR: new CNIL fine of 180,000 euros for a car insurance company

BCLP on

The French CNIL imposed a new sanction of €180,000 last July 18th, 2019 to a French insurance company that provides car insurance to individuals (Active Assurances) which failed to adequately protect the personal data of...more

Herbert Smith Freehills Kramer

Deuxième sanction de la CNIL : il est impératif de protéger les données de vos clients

Herbert Smith Freehills Kramer on

Le 28 mai 2019, la Commission nationale de l'informatique et des libertés (« CNIL ») a prononcé une amende de 400.000 euros à l’encontre de la société Sergic, une société de gestion immobilière, pour manquement à l’obligation...more

BCLP

France’s first GDPR fine costs real estate company Euros 400k

BCLP on

The French CNIL imposed a €400,000 fine on a company specialized in real estate development, purchase, sale, rental and property management, for failing to adequately protect the data of users of its website and for...more

Hogan Lovells

GDPR – The Year in Review

Hogan Lovells on

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared a compilation of key GDPR-related developments of the past 12 months. The compilation...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

A GDPR Update for Employers, Part IV: Implementing Lessons Learned From GDPR Complaints and Enforcement Actions

Ogletree, Deakins, Nash, Smoak & Stewart,... on

Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the...more

36 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide