The French Data Protection Authority (Commission nationale de l’informatique et des libertés or “CNIL”) receives many individual and collective complaints (La Quadrature du Net, Privacy International, NOYB) relating to online marketing. In 2018, 21% of the complaints were related to marketing in the broad sense. Meanwhile, online marketing professionals and their representatives are seeking to better understand their obligations under the General Data Protection Regulation. Pending the adoption of the forthcoming ePrivacy Regulation, the CNIL has released new guidelines.
On April 15, the Commission Nationale de l’Informatique et des Libertés (French Data Protection authority, hereinafter the “CNIL”) presented its 2018 activity report, i.e. the assessment that it draws from its activities during the year 2018 which has been marked by the application of the General Data Protection Regulation and the new French Data Protection Act.
From the CNIL’s assessment and the decisions it took in 2018, we can learn lessons to prevent the risks incurred when processing personal data.
In the wake of the lengthy judgment by which it had ordered Twitter to amend almost all the clauses contained in its contractual documentation intended for French users – which we commented in an article entitled Unfair terms and personal data: Twitter sentenced by a French court – the Paris Court of First Instance ruled […]
On January 21, 2019, the Commission nationale de l’informatique et des libertés (French Data Protection Authority) fined Google LLC 50 million euros under EU Regulation known as the General Data Protection Regulation (“GDPR”) for lack of transparency, inadequate information and lack of valid consent as regards personalized advertisements. This is the largest fine imposed in […]
The blockchain is a technology a personal data processing can rely on. Its very specific characteristics raise difficulties for the implementation of the obligations imposed by the General Data Protection Regulation (GDPR). On September 24, 2018, the CNIL (The French Data Protection Authority) issued its first analysis and recommendations for those who wish to use […]