News & Analysis as of

General Data Protection Regulation (GDPR) CNIL Personal Data

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Hogan Lovells

Development of an AI system: CNIL issues guidelines regarding collection of data via web scraping

Hogan Lovells on

On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on the legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more

Hogan Lovells

Overview of the CNIL’s enforcement actions in 2024: the simplified procedure generates an increase in sanctions

Hogan Lovells on

In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more

BCLP

Mobile Apps: What Does the CNIL Recommend From a Privacy Perspective?

BCLP on

While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more

BCLP

CNIL Strategic Plan 2025

BCLP on

The CNIL has published its strategic plan for the period of 2025-2028. This is typical of the CNIL, who regularly inform its stakeholders of its priorities....more

Fox Rothschild LLP

Do App Permissions Satisfy Requirements for Valid Consent for the Purpose of GDPR?

Fox Rothschild LLP on

App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Goodwin

Navigating New CNIL Sanctions: What You Need to Know

Goodwin on

The Commission Nationale de l’Informatique et des Libertés (CNIL) is an independent French administrative regulatory body whose mission is to ensure that the collection, storage, and use of personal data comply with data...more

BCLP

Analysing the CNIL’s Latest Recommendations for AI Systems

BCLP on

Following the very recent adoption of the EU Regulation on AI (the AI Regulation) the CNIL (the French data regulator) has issued the second in its series of recommendations for the development of privacy-friendly AI models....more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

Barnea Jaffa Lande & Co.

GDPR – Company Fined for Improper Data Collection

Barnea Jaffa Lande & Co. on

The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more

Sheppard Mullin Richter & Hampton LLP

CNIL Fines Canal+ Over Marketing and Data Security Concerns

Sheppard Mullin Richter & Hampton LLP on

The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more

Skadden, Arps, Slate, Meagher & Flom LLP

AI Insights: Public Consultation Period Closes for French CNIL Guidance on GDPR-Compliant Development of AI Systems

Skadden, Arps, Slate, Meagher & Flom LLP on

On 16 October 2023, France’s Data Protection Authority, the National Commission on Informatics and Liberty (CNIL), issued a set of guidelines for complying with the EU General Data Protection Regulation (GDPR) when...more

Latham & Watkins LLP

CNIL Fines Health Website for Unlawful Data Processing

Latham & Watkins LLP on

The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more

Orrick, Herrington & Sutcliffe LLP

France fines facial recognition company additional €5.2 million for noncompliance

Orrick, Herrington & Sutcliffe LLP on

On May 10, the French data protection agency, Commission Nationale de l’Informatique et des Libertés (CNIL), fined a facial recognition company an overdue penalty payment in the amount of €5.2 million for failing to comply...more

Orrick, Herrington & Sutcliffe LLP

French and Italian Data Protection Authorities Take Issue with Google Analytics: Analysis and Key Takeaways

Orrick, Herrington & Sutcliffe LLP on

Google Analytics remains a hot topic for businesses and apparently also for data protection authorities (DPAs). With the advent of these new decisions and the new CNIL guidance, businesses have an even harder time justifying...more

Hogan Lovells

Reform of the procedure before the French Data Protection Authority

Hogan Lovells on

On 24 January and 8 April 2022, the procedure before the French Data Protection Authority (CNIL) was reformed with the aim notably to better respond to the growing number of complaints that the CNIL receives each year...more

K&L Gates LLP

The Importance of Managing DSARs

K&L Gates LLP on

Individuals having difficulties in obtaining responses to their personal data subject access requests (DSAR) from French telephone operator Free Mobile filed several complaints before the French data protection authority...more

Hogan Lovells

French Data Protection Authority publishes Q&A regarding use of Google Analytics

Hogan Lovells on

The French Data Protection Authority (CNIL) has released a Q&A providing its position, possible alternative solutions as well as guidance on using a compliant audience measurement solution. It follows a set of formal notices...more

ArentFox Schiff

Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act

ArentFox Schiff on

Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act - With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more

Stikeman Elliott LLP

Transferring Data from the EU: What to Take Away from the Recent Google Analytics GDPR Rulings

Stikeman Elliott LLP on

Companies using Google Analytics (“Analytics”) or similar platforms may be interested in recent rulings of several European data protection authorities that found Analytics data transfers to the U.S. to be non-compliant with...more

Hogan Lovells

French DPA opened public consultation on standards for Early Access and Compassionate Access

Hogan Lovells on

The healthcare sector is a current focus of the French data protection authority (CNIL) which just published two draft standards regarding processing of personal data in the context of Early Access and Compassionate Access....more

Davis Wright Tremaine LLP

Growing Trouble for EU-U.S. Data Transfers Through Google Analytics

Davis Wright Tremaine LLP on

France's data protection authority (DPA), Commission Nationale de l'Informatique et des Libertés (CNIL), announced its ruling on February 10, 2022, that the use of Google Analytics by companies in the EU violates Article 44...more

Cooley LLP

France Issues Processor Guidelines on “Reusing Personal Data to Improve or Develop Services or Products”

Cooley LLP on

On January 12, 2022, the French Data Protection Authority (CNIL) issued guidance (available in French only) that sets out the conditions for processors to reuse the personal data entrusted by controllers for their own...more

K&L Gates LLP

GDPR, Cookies, and the Ever-Filling Jar of European Data Protection

K&L Gates LLP on

European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more

Faegre Drinker Biddle & Reath LLP

The EU’s Collective Redress Directive — An Analysis of the Interplay with EU General Data Protection (GDPR)

Faegre Drinker Biddle & Reath LLP on

In this fourth alert in our series regarding the European Parliament’s formal endorsement of a new collective actions legislation titled the Directive of the European Parliament and of the Council on Representative Actions...more

84 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide