UPDATE ON GOOGLE ANALYTICS IN FRANCE
1. Formal notice issued by CNIL
The French data protection authority (CNIL) issued a Lire la suite
Consequences of Brexit on data protection
Regime of data transfers to the United Kingdom
As part of the Trade and Cooperation Agreement concluded on 24 December 2020, the United Kingdom and the European Union have agreed that the General Data Protection Regulation (GDPR) will continue to apply in the United Kingdom on a ...Lire la suite
‘Cookie walls’: The French administrative supreme court partly quashes the CNIL’s guidance
Following a claim brought by professional associations from the media, communications and digital marketing sectors, the Conseil d’Etat has Lire la suite
A record-€50 millions fine for GOOGLE by the CNIL – The French Privacy Protection Authority
On January 21st, the CNIL sanctioned Google with a €50 million fine pursuant to the GDPR for lack of transparency, ...Lire la suite
Transposition of the new GDPR provisions – Publication of Decree n° 2018-687
Following the adoption of GDPR, France started to transpose this new European regulatory framework regarding data protection within its legal system. ...Lire la suite
Sapin II law: What are the new obligations for companies?
The law n°2016-1691of 9 December 2016 targeting transparency, anti-bribery and the modernization of the economic life, known as "Loi Sapin II" imposes new ...Lire la suite
Connected vehicles and personal data
The development of connected vehicles has raised many concerns from drivers concerning the protection of their personnel data.
With regard to the risk of the violation of the regulation applicable to the personal data by these new technological tools (sensors, ...Lire la suite
ECHR sets out the circumstances under which employees messages can be monitored
In its decision dated 5 September 2017, the Grand Chamber of the European Court of Human Rights (ECHR) sets out the circumstances under which employers can monitor their employees’ personal electronic communications at their workplace. It also states under which circumstances employers can ...Lire la suite
In light of the Equifax and CareFirst data hacking...
In light of the Equifax and CareFirst data hacking cases in the United States, Anne-Solène Gay was interviewed by Le Figaro on the French legal framework regarding class actions concerning personal data.
Article in Le Figaro.fr tech & web ...Lire la suite
G29: new opinion on data processing at work
The Opinion n°2/2017 (WP 249) adopted by the G29 on 8 June 2017 aims at evaluating the risks resulting from the use of new technologies at work especially in terms of respect of employees’ privacy. ...Lire la suite
The European Commission has published its proposal to reform the e-privacy directive
The 10 January 2017, the European Commission announced its draft regulation on privacy aims to reforming the Lire la suite
Open data in the health domain
To improve research and innovation in the health domain, the law n°2016-41 dated 26 January 2016 for the modernization of our health system created the national health ...Lire la suite
Personal data: class actions are now possible
The law n°2016-1547 dated 18 November 2016 for the modernization of the justice of the XXIst century has extended the right to class action in many areas and notably regarding personal ...Lire la suite
The French Supreme Court dispels any doubt: an IP address is personal data
In its decision dated 3 November 2016, the French Supreme court brings to an end many years of uncertainty by explicitly ...Lire la suite
Privacy Shield: a threatened future
On July 12th 2016, the European Commission issued an adequacy decision according to which it recognizes that the Privacy Shield provides a level of protection ...Lire la suite
Brexit: possible consequences on data protection
On June 24th 2016, the United Kingdom voted its withdrawal from the European Union (EU).
Under article 50 of the Lisbon Treaty, the United Kingdom (UK) will have to serve notice of intention to exit the EU to the European Commission. The UK will then have a two year period to negotiate ...Lire la suite
The new Regulation on the protection of data privacy will enter into force on May 25th, 2018
The Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data which was adopted by the European Parliament on ...Lire la suite
Privacy Shield: promises of a better protection of personal data
Since the Court of Justice of the European Union declared on October 6, 2015 that the "Safe Harbor" was invalid, a new framework for transatlantic data flows has been expected in ...Lire la suite
The Constitutional Council approves the core of the Intelligence Act
Referred to the Constitutional Council by the President of the Republic, the President of the Senate and more than 60 deputies, the Intelligence Act has now completed the legislative process. The Constitutional Council has approved the major part pf the law by its Lire la suite
New CNIL “Data protection governance” Label
By deliberation n°2014-500 dated December 11th 2014 on the adoption of a frame of reference regarding the grant of a label regarding procedures of data ...Lire la suite
