News & Analysis as of

General Data Protection Regulation (GDPR) Data Protection CNIL

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
BCLP

EMEA - Data Privacy, Digital and AI Round Up - July 2025

BCLP on

As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to...more

Skadden, Arps, Slate, Meagher & Flom LLP

CNIL Clarifies GDPR Basis for AI Training – But It’s Just One Part of the Compliance Picture

Skadden, Arps, Slate, Meagher & Flom LLP on

Key Points - - The French CNIL’s recent guidance regarding the application of legitimate interest as a legal basis in AI training is welcome, but several other AI regulatory issues remain unresolved. - Issues such as...more

King & Spalding

New Security Measures for Large Databases: When a DPA’s Directives Set Standards

King & Spalding on

In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more

Hogan Lovells

Connected vehicles: CNIL’s consultation promotes driver’s consent over fraud and car theft

Hogan Lovells on

The French Data Protection Authority launches a public consultation on location data of connected vehicles, until May 20, 2025. This work will shape future regulations regarding the use of location data and its impact on...more

Hogan Lovells

Overview of the CNIL’s enforcement actions in 2024: the simplified procedure generates an increase in sanctions

Hogan Lovells on

In 2024, the CNIL stepped up its enforcement action, issuing 87 sanctions, 180 compliance orders and 64 reprimands. However, only 12 decisions were made public, thus complicating the exercise of making the regulator’s...more

Hogan Lovells

New CNIL’s guidelines on AI models: a practical approach amidst EU’s regulatory tangles

Hogan Lovells on

Finding a European consensus around the regulation of artificial intelligence (AI) does not start with the adoption of laws. It results from their common interpretation and articulation within a broader digital regulatory...more

BCLP

Mobile Apps: What Does the CNIL Recommend From a Privacy Perspective?

BCLP on

While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more

A&O Shearman

CNIL publishes Data Transfer Impact Assessment guide

A&O Shearman on

On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more

BCLP

CNIL Strategic Plan 2025

BCLP on

The CNIL has published its strategic plan for the period of 2025-2028. This is typical of the CNIL, who regularly inform its stakeholders of its priorities....more

Fox Rothschild LLP

Do App Permissions Satisfy Requirements for Valid Consent for the Purpose of GDPR?

Fox Rothschild LLP on

App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more

Hogan Lovells

CNIL 2025-2028 strategic plan: AI, Minors, Mobile Apps & Cybersecurity

Hogan Lovells on

Anticipating enforcement priorities of regulators may partly rely on their long-term trajectory and domestic dynamics, which differ from a country to another. This action plan reflects CNIL’s ambition (i) to be appointed by...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

BCLP

AI Surveillance and Data Privacy at the Games

BCLP on

As the Paris 2024 Summer Olympic and Paralympic Games (the “Games”) turn onto the final straight, the Games have yet again captured widespread global attention, on and off the track. With over 15.3 million visitors in Paris...more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

BCLP

AI Developers - Make Sure You Are Compliant With the GDPR!

BCLP on

The CNIL’s newly released recommendations for AI system developers set out the regulator’s expectations for the entire development process of an AI system, from design to database creation and integration, ensuring...more

BCLP

CNIL's Strategic Focus Areas for Data Protection in 2024 The Summer Olympics and Beyond

BCLP on

Each year, the CNIL selects key areas of high interest to concentrate its investigations and assess the compliance of select commercial sectors. On February 8, The CNIL announced its four main areas of focus for...more

BCLP

Employee Monitoring: Lessons from CNIL’s EUR 32M Fine Against Amazon France Logistique

BCLP on

Following the publication of several press articles and employee complaints, the French data protection regulator (“CNIL”) carried out an investigation at the Amazon France Logistique’s (“Amazon”) warehouses. The CNIL's...more

Hogan Lovells

Transfer Impact Assessments: the CNIL is seeking public input on TIA guide

Hogan Lovells on

On January 8, 2024, the CNIL launched a public consultation on a draft guide (Draft Guide) covering Transfer Impact Assessments (TIA). Under GDPR, as interpreted by the Court of Justice of the European Union (CJEU) and...more

Sheppard Mullin Richter & Hampton LLP

CNIL Fines Canal+ Over Marketing and Data Security Concerns

Sheppard Mullin Richter & Hampton LLP on

The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more

Skadden, Arps, Slate, Meagher & Flom LLP

AI Insights: Public Consultation Period Closes for French CNIL Guidance on GDPR-Compliant Development of AI Systems

Skadden, Arps, Slate, Meagher & Flom LLP on

On 16 October 2023, France’s Data Protection Authority, the National Commission on Informatics and Liberty (CNIL), issued a set of guidelines for complying with the EU General Data Protection Regulation (GDPR) when...more

Ius Laboris

SAF Logistics fined for mishandling employee data

Ius Laboris on

French authorities have fined an air freight company for a string of employee data violations, and for its failure to fully cooperate with their investigation....more

Hogan Lovells

CNIL confirms the compatibility of AI with the GDPR

Hogan Lovells on

On October 12, 2023, the CNIL released its first guidance on how to comply with the General Data Protection Regulation (GDPR) when developing and using artificial intelligence (AI) using personal data or impacting...more

A&O Shearman

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

A&O Shearman on

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

Hogan Lovells

Member of French Parliament lodges first request for annulment of EU-US Data Privacy Framework

Hogan Lovells on

P. Latombe, who is not only a Member of the French Parliament, but also seated at the French Data Protection Authority (CNIL)'s Commission, lodged a request for annulment of the DPF on 6 September 2023 before the Court of...more

Hogan Lovells

French CNIL released an action plan for AI focusing on generative AI systems

Hogan Lovells on

A few days after the European Parliament adoption of a compromise position on the Artificial Intelligence Act (the “AI Act”), the French Data Protection Authority (the “CNIL”) published, on 16 May 2023, a detailed 4-step...more

138 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide