Strategic Lawering Paris Lyon Bruxelles

Articles from Laure Marolleau

Published at 28 May 2019
Author : Laure Marolleau
Category : Personal Data
E-newsletter: May 2019
On April 15, the Commission Nationale de l'Informatique et des Libertés (French Data Protection authority, hereinafter the “CNIL”) presented its 2018 activity report, i.e. the assessment that it draws from its activities during the year 2018 which has been marked by the application of the General Data Protection Regulation and the new French Data Protection Act. From the CNIL's assessment and the decisions it took in 2018, we can learn lessons to prevent the risks incurred when processing personal data.
Read more
Published at 27 February 2019
Author : Laure Marolleau
Category : Personal Data
E-newsletter: February 2019
On January 21, 2019, the Commission nationale de l’informatique et des libertés (French Data Protection Authority) fined Google LLC 50 million euros under EU Regulation known as the General Data Protection Regulation (“GDPR”) for lack of transparency, inadequate information and lack of valid consent as regards personalized advertisements. This is the largest fine imposed in relation to the GDPR, the key text in the field of data protection, that came into force on May 25, 2018.
Read more
Published at 30 November 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: November 2018
The blockchain is a technology a personal data processing can rely on. Its very specific characteristics raise difficulties for the implementation of the obligations imposed by the General Data Protection Regulation (GDPR). On September 24, 2018, the CNIL (The French Data Protection Authority) issued its first analysis and recommendations for those who wish to use the blockchain when they process personal data.
Read more
Published at 30 August 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: August 2018
250,000 euros. This is the amount of the fine imposed by the Commission Nationale de l’Informatique et des Libertés (French Data Protection Authority or “CNIL”) on Optical Center, a French company specialized in optics, for having failed to properly secure its website www.optical-center.fr. This is the first time that the CNIL imposes such a heavy fine. And this is not under the General Data Protection Regulation (“GDPR”) which provides that companies may be fined up to 20 million euros and 4% of their turnover.
Read more
Published at 29 June 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: June 2018
Law n°2018-493 of June 20, 2018 on the protection of personal data was promulgated on June 20, 2018 and published in the Official Journal on June 21, 2018. The purpose of this new Law is to adapt Law n° 78-17 of January 6, 1978 on information technology, data files and liberties to UE law following the General Data Protection Regulation that entered into force on May 25, 2018 (a Regulation is binding in its entirety and directly applicable in all EU Member States) and Directive 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties (a Directive is binding on Member States as to the result to be achieved but leaves them the choice of the form and method) that ought to be transposed into domestic law by May 6, 2018.
Read more
Published at 30 March 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: March 2018
The EU General Data Protection Regulation will take effect on May 25, 2018. Companies must take steps to ensure an enhanced protection of personal data, failing which they will face heavy fines of up to 4% of their annual turnover. The GDPR – that includes 99 articles and 173 recitals – combines both legal and technical provisions that promote an accountability approach. What are the key practical implications for businesses?
Read more
Published at 30 January 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: January 2018
In a deliberation dated January 8; 2018, the Commission Nationale de l'Informatique et des Libertés (French Data Protection Authority or “CNIL”) imposed a 100,000 euros fine on Darty (a leader in the retail of entertainment and leisure products, consumer electronics and household appliances) for not having sufficiently secured the data of its customers who had made online requests for after-sale services. The sanction imposed by the CNIL serves as a warning to companies which must comply with the General Data Protection Regulation that will enter into force on May 25, 2018.
Read more
Published at 26 December 2016
Author : Laure Marolleau
E-newsletter: December 2016
Can legal privilege under US law prevent the enforcement of a preparatory inquiry in futurum (literally for the future) ordered in France? Under French law, preparatory inquiries in futurum are designed to establish or preserve evidence, most of the time in connection with a future trial. Their implementation may be hindered by several barriers, including business secrecy, professional secrecy, employees’ right to privacy, or else the interference with the specific procedure called saisie-contrefaçon (i.e. search and seizure to document and establish infringements of IP rights). In a decision issued on November 3, 2016, the Cour de Cassation (French Supreme Court) ruled on the tricky issue of how to accommodate the protection of professional secrecy and the right to evidence in an international context.
Read more
Published at 28 June 2016
Author : Laure Marolleau
Category : Personal Data
E-newsletter: June 2016
The very much expected Regulation n°2016/679 of the European parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also known as “General Data Protection Regulation” or “GDPR”) has just been published on the Official Journal of the European Union (OJ, L 119, May 4, 2016). Based on a proposal from the European Commission of January 25, 2012, this Regulation jointly adopted by the European Parliament and the Council repeals Directive 95/46/EC and provides for a general and unique framework for the data protection in Europe. In this article (Part II; Part I published last month), we propose to identify the most important innovations in this Regulation.
Read more
Published at 30 May 2016
Author : Laure Marolleau
Category : Personal Data
E-newsletter: May 2016
The very much expected Regulation n°2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also known as “General Data Protection Regulation” or “GDPR”) has just been published on the Official Journal of the European Union (OJ, L 119, May 4, 2016). Based on a proposal from the European Commission of January 25, 2012, this Regulation jointly adopted by the European Parliament and the Council repeals Directive 95/46/EC and provides for a general and unique framework for the data protection in Europe. In this article (Part I; Part II to be published next month), we propose to identify the most important innovations in this Regulation.
Read more