Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
On 12 June 2025, the French data protection authority (CNIL) launched a public consultation on a draft recommendation regarding the use of tracking pixels in emails. This recommendation roughly assimilates pixels and any...more
Finding a European consensus around the regulation of artificial intelligence (AI) does not start with the adoption of laws. It results from their common interpretation and articulation within a broader digital regulatory...more
On January 31, 2025, the French supervisory authority (CNIL) published the final version of its guide on transfer impact assessments (TIA). A TIA must be undertaken by organisations relying on one of the ‘appropriate...more
The CNIL has published its strategic plan for the period of 2025-2028. This is typical of the CNIL, who regularly inform its stakeholders of its priorities....more
App permissions do not satisfy the requirements for valid consent for the purpose of GDPR because they lack sufficient detail and granularity, according to the Commission Nationale de l’Informatique et des Libertés (CNIL)....more
The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more
On 16 October 2023, France’s Data Protection Authority, the National Commission on Informatics and Liberty (CNIL), issued a set of guidelines for complying with the EU General Data Protection Regulation (GDPR) when...more
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
On March 16, 2023, the French Data Protection Agency (the “CNIL”) imposed a fine of € 25,000 on the company CITYSCOOT in connection with a finding that CITYSCOOT failed to comply with the obligation to ensure data...more
The French Data Protection Authority capped off 2022 by terminating an investigation into Lusha Systems, Inc.’s compliance with GDPR. CNIL concluded that the law did not apply to the US company’s activities...more
Last month, the European Center for Digital Rights (more commonly known as None of Your Business or “noyb”) launched a new campaign against the use of allegedly unlawful cookie banners by sending nearly 600 draft complaints...more
The European Court of Justice recently limited the “right to be forgotten” in a landmark decision for online privacy law. The decision arises from a dispute between Commission nationale de l'informatique et des libertés...more
French Data Protection Authority Issues Guidelines on Cookie Use - CNIL, France’s data protection authority, has released new rulesfor obtaining consumer consent under the GDPR for companies using cookies and other tracking...more
On July 18, 2019, the French Data Protection Authority (CNIL) issued new guidance on the use of cookies and similar tracking technologies (collectively referred to as “cookies” below). The guidance clarifies the instances in...more
Data protection authorities in the UK and France have released updated guidance for website operators that use cookies on their websites. This new guidance may mandate changes to existing cookie banners and provides further...more
One key aspect of the EU’s General Data Protection Regulation (GDPR) is its aim of streamlining the regulatory process by providing “one-stop shopping”: the opportunity to deal with a single regulator with respect to all data...more
Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t...more
On May 25, 2015, the French data protection authority (CNIL) published its annual inspection program for 2015, unveiling its objectives and priorities for the year. This alert highlights the main priorities of the CNIL for...more