fbpx

Download free GDPR compliance checklist!

Tag Archives for " CNIL "

French data watchdog to start checking cookie policy compliance

France’s data protection watchdog CNIL will from 1st April begin conducting checks to ensure websites are in compliance with new guidelines on advertising trackers after the deadline it granted expired.

The new rules mean that user consent for advertising cookies must be granted by a “clear and positive act” such as clicking on an “I accept” button now ubiquitous across European websites. “Simply continuing to browse a site can no longer be considered as a valid expression of the web user’s consent,” the CNIL framework states.

Source: French data watchdog to start checking cookie policy compliance – EURACTIV.com

French data protection watchdog casts doubt on Apple’s privacy compliance

Apple has put privacy at the heart of its sales pitch to users, but an internal document from France’s data regulator suggests the iPhone maker’s own targeted advertising practices may be problematic.

According to the 13-page confidential note seen by POLITICO, France’s CNIL data protection authority cast doubt on Apple’s compliance with EU privacy rules. Last week, the country’s competition authority ruled in Apple’s favor in a case over its new anti-tracking tool.

“Apple’s advertising processing requires consent when it involves reading or writing data on the user’s device,” the CNIL wrote. “Apple’s practices suggest a lack of consent collection.”

Source: French data protection watchdog casts doubt on Apple’s privacy compliance – POLITICO

French Data Privacy Watchdog Opens Probe Into Clubhouse

France’s data privacy watchdog said Wednesday that it had opened an investigation into Clubhouse, the US audio chat app that has become a social media hit.

The inquiry will seek to determine if European data protection rules apply to the app’s parent company, Alpha Exploration, the CNIL said in a statement, adding that it could take punitive measures if Clubhouse does not respect the legislation.

The CNIL said it was unclear how Clubhouse, which appears to have “no corporate entity within the European Union”, was using members’ personal information, and how secure the data was.

Source: French Data Privacy Watchdog Opens Probe Into Clubhouse

Apple hit with personalised ads complaint in France

A group representing 2,000 French startups filed a complaint against Apple on Tuesday, accusing the US company of failing to seek permission from users for personalised advertising.

In a petition filed with the French data privacy watchdog CNIL, the France Digitale group says such advertising is activated automatically during an update of Apple iPhones and Mac computers.

Apple rejected the allegations as “patently false”, saying in a statement to AFP that “privacy is built into the ads we sell on our platform with no tracking.”

Source: Apple hit with personalised ads complaint in France

Google challenges French data watchdog’s €100 million fine in court

France’s administrative court known as the Council of State considered on Thursday an application for interim measures filed by Google LLC and Google Ireland after the French Data Protection Authority known as the CNIL fined the digital giant €100 million last December for its cookie collection policy.

In its deliberation of 7 December 2020, the French data protection authority (CNIL) accused the US giant, whose European headquarters are based in Dublin, of contravening the law on information technology, files, and freedoms.

For its part, Google has appealed to the one-stop-shop mechanism provided for in the General Data Protection Regulation (GDPR) which, in its view, requires it to report on data protection matters only to the corresponding authority in the country in which it is based, namely Ireland.

Source: Google challenges French data watchdog’s €100 million fine in court – EURACTIV.com

CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance

French Data Protection Authority (CNIL) announced that it sent letters and emails to approximately 300 organizations, both private and public, to remind them of the new cookie law rules and the need to audit sites and apps to comply with those rules by March 31, 2021.

On October 1, 2020, the CNIL published a revised version of its guidelines on cookies and similar technologies, its final recommendations on the practical modalities for obtaining users’ consent to store or read non-essential cookies and similar technologies on their devices and a set of questions and answers regarding the Recommendations. The CNIL decided to allow for a transition period of six months to comply with the Guidelines (i.e., until March 31, 2021), and announced that it will carry out inspections to enforce the Guidelines after that transition period.

Source: CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance

France fines Google $120M and Amazon $42M for dropping tracking cookies without consent

France’s data protection agency, the CNIL, has slapped Google and Amazon with fines for dropping tracking cookies without consent.

Google has been hit with a total of €100 million ($120 million) for dropping cookies on Google.fr and Amazon €35 million (~$42 million) for doing so on the Amazon .fr domain under the penalty notices issued on December 10.

The regulator carried out investigations of the websites over the past year and found tracking cookies were automatically dropped when a user visited the domains in breach of the country’s Data Protection Act.

Source: France fines Google $120M and Amazon $42M for dropping tracking cookies without consent

French food retail giant Carrefour fined €3m for GDPR breaches

The French multinational retailer Carrefour has been fined €3m for multiple data protection failings.

Data protection agency CNIL has fined two companies of the Carrefour Group for breaches of GDPR in several areas, including the obligation to inform individuals, use of cookies, limiting the retention of data, the obligation to facilitate the exercise of rights and failure to respect rights.

Source: French food retail giant Carrefour fined €3m for GDPR breaches

French Supervisory Authority Releases Strict Guidance on the Use of Facial Recognition Technology at Airports

On October 9, 2020, the French Supervisory Authority (CNIL) issued guidance on the use of facial recognition technology for identity checks at airports.

The CNIL indicates that it has issued this guidance in response to a request from several operators and service providers of airports in France who are planning to deploy this technology on an experimental basis. In this blog post, we summarize the main principles that the CNIL says airports should observe when deploying biometric technology.

Source: French Supervisory Authority Releases Strict Guidance on the Use of Facial Recognition Technology at Airports | Inside Privacy

France’s Health Data Hub to move to European cloud infrastructure to avoid EU-US data transfers

France’s data regulator CNIL has issued some recommendations for French services that handle health data, as Mediapart first reported.

Those recommendations follow a landmark ruling by Europe’s top court in July. The ruling, dubbed Schrems II, struck down the EU-U.S. Data Privacy Shield. Under the Privacy Shield, companies could outsource data processing from the EU to the U.S. in bulk. Due to concerns over U.S. surveillance laws, that mechanism is no longer allowed.

The CNIL is going one step further by saying that services and companies that handle health data should also avoid doing business with American companies — it’s not just about processing European data in Europe. Once again, this is all about avoiding falling under U.S. regulation and rulings.

Source: France’s Health Data Hub to move to European cloud infrastructure to avoid EU-US data transfers | TechCrunch

1 2 3 9
>