Global Privacy & Security Compliance Law Blog

Tag Archives: CNIL

France’s Highest Administrative Court Provides Insights on Lawful Cookie Practices

Court’s decision struck down blanket prohibition on so-called “cookie walls” that prevent users from accessing a website or an application. By Myria Saarinen and Charlotte Guérin France’s Highest Administrative Court (the Conseil d’Etat) issued a decision on 19 June 2020 upholding most of the guidance on cookies and other tracking devices that the French Data … Continue Reading

French State Council Upholds CNIL’s €50M Fine for GDPR Violations

The Council decision contains useful considerations and clarifications on the “one-stop shop” mechanism, transparency obligations, and consent for targeted advertising. By Myria Saarinen and Camille Dorval On 19 June 2020, France’s Highest Administrative Court (Council) handed down its decision on the appeal filed by Google LLC (Google) against the French Data Protection Authority’s (CNIL’s) decision … Continue Reading

High GDPR Fines: German Data Protection Authority Joins the Club

Following in the footsteps of the CNIL and the ICO, the Berlin DPA will impose a multimillion-euro fine for breach of the GDPR. By Tim Wybitul, Joachim Grittmann, Ulrich Wuermeling, Wolf-Tassilo Böhm, and Isabelle Brams The Berlin Data Protection Authority (Berlin DPA) recently announced that it will issue a multimillion-euro fine for breach of the … Continue Reading

France’s CNIL Publishes New Guidance on Cookies

The guidance provides general requirements for obtaining valid consent and details conditions under which audience management cookies may be exempt. By Myria Saarinen and Camille Dorval On 4 July 2019, one day after the UK Information Commissioner’s Office (ICO) published new guidance on cookies, the French Data Protection Authority (CNIL) released its own new guidance … Continue Reading

What Companies Can Learn From CNIL’s Privacy Consent Cases on Targeted Marketing … in 60 Seconds

The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR. By Myria Saarinen and Elise Auvray Four French advertising technology companies that received a warning in 2018 from the French Data Protection Authority (CNIL) have all implemented the regulator’s required changes. The recent closure of the cases highlights … Continue Reading

CNIL Offers Guidance on Aligning Cloud Services with Data Protection Requirements

The French Data Protection Authority (CNIL) has issued a working document setting out its recommendations to companies contemplating the use of cloud computing services. This is in part the result of a public consultation carried out by the CNIL from October to December 2011. The guidance includes a checklist applicable to both private and public … Continue Reading
LexBlog