Strategic Lawering Paris Lyon Bruxelles

Personal Data

Published at 30 November 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: November 2018
The blockchain is a technology a personal data processing can rely on. Its very specific characteristics raise difficulties for the implementation of the obligations imposed by the General Data Protection Regulation (GDPR). On September 24, 2018, the CNIL (The French Data Protection Authority) issued its first analysis and recommendations for those who wish to use the blockchain when they process personal data.
Read more
Published at 28 September 2018
Author : Anaëlle Idjeri
E-newsletter: September 2018
By a judgment dated August 7, 2018, the First Instance Court of Paris ruled on the illegal nature – under French Consumer law and the French Data Protection Act of January 6, 1978 – of several clauses included in the various versions of Twitter’s Terms of Use, Confidentiality Policy and Rules. Twitter was ordered to change all of its contractual documentation intended for French users and to make the entire judgment publicly available. Professionals are now warned: French consumer law provisions must be strictly considered when drafting their general terms of use and confidentiality policies.
Read more
Published at 30 August 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: August 2018
250,000 euros. This is the amount of the fine imposed by the Commission Nationale de l’Informatique et des Libertés (French Data Protection Authority or “CNIL”) on Optical Center, a French company specialized in optics, for having failed to properly secure its website www.optical-center.fr. This is the first time that the CNIL imposes such a heavy fine. And this is not under the General Data Protection Regulation (“GDPR”) which provides that companies may be fined up to 20 million euros and 4% of their turnover.
Read more
Published at 29 June 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: June 2018
Law n°2018-493 of June 20, 2018 on the protection of personal data was promulgated on June 20, 2018 and published in the Official Journal on June 21, 2018. The purpose of this new Law is to adapt Law n° 78-17 of January 6, 1978 on information technology, data files and liberties to UE law following the General Data Protection Regulation that entered into force on May 25, 2018 (a Regulation is binding in its entirety and directly applicable in all EU Member States) and Directive 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties (a Directive is binding on Member States as to the result to be achieved but leaves them the choice of the form and method) that ought to be transposed into domestic law by May 6, 2018.
Read more
Published at 30 March 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: March 2018
The EU General Data Protection Regulation will take effect on May 25, 2018. Companies must take steps to ensure an enhanced protection of personal data, failing which they will face heavy fines of up to 4% of their annual turnover. The GDPR – that includes 99 articles and 173 recitals – combines both legal and technical provisions that promote an accountability approach. What are the key practical implications for businesses?
Read more
Published at 30 January 2018
Author : Laure Marolleau
Category : Personal Data
E-newsletter: January 2018
In a deliberation dated January 8; 2018, the Commission Nationale de l'Informatique et des Libertés (French Data Protection Authority or “CNIL”) imposed a 100,000 euros fine on Darty (a leader in the retail of entertainment and leisure products, consumer electronics and household appliances) for not having sufficiently secured the data of its customers who had made online requests for after-sale services. The sanction imposed by the CNIL serves as a warning to companies which must comply with the General Data Protection Regulation that will enter into force on May 25, 2018.
Read more
Published at 28 June 2016
Author : Laure Marolleau
Category : Personal Data
E-newsletter: June 2016
The very much expected Regulation n°2016/679 of the European parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also known as “General Data Protection Regulation” or “GDPR”) has just been published on the Official Journal of the European Union (OJ, L 119, May 4, 2016). Based on a proposal from the European Commission of January 25, 2012, this Regulation jointly adopted by the European Parliament and the Council repeals Directive 95/46/EC and provides for a general and unique framework for the data protection in Europe. In this article (Part II; Part I published last month), we propose to identify the most important innovations in this Regulation.
Read more
Published at 30 May 2016
Author : Laure Marolleau
Category : Personal Data
E-newsletter: May 2016
The very much expected Regulation n°2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also known as “General Data Protection Regulation” or “GDPR”) has just been published on the Official Journal of the European Union (OJ, L 119, May 4, 2016). Based on a proposal from the European Commission of January 25, 2012, this Regulation jointly adopted by the European Parliament and the Council repeals Directive 95/46/EC and provides for a general and unique framework for the data protection in Europe. In this article (Part I; Part II to be published next month), we propose to identify the most important innovations in this Regulation.
Read more
Published at 01 May 2014
Author :
Category : Personal Data
E-newsletter: May 2014
Through its judgment of May 13, 2014 , the Court of Justice of the European Union (“CJEU“) allows individuals to obtain directly from the operator of a search engine, such as Google, the removal, under certain conditions, of links to web pages that display personal data relating to them.
Read more
Published at 01 November 2011
Author :
Category : Personal Data
E-newsletter: November 2011
Companies that comply with the legislation on the protection of personal data in relation to data processing audit procedures and privacy training may now lodge an application with the Commission Nationale de l' Informatique et des Libertés (French Data Protection Authority or hereinafter the “CNIL”) in order to obtain a privacy seal. The privacy seal granted by the CNIL will serve as a proof that the procedures implemented by these companies comply with the provisions of the Loi Informatique et Libertés (literally the Law on Information Technology, Data Files and Civil Liberties, hereinafter the “Data Protection Act”)
Read more