fbpx

Download free GDPR compliance checklist!

Tag Archives for " CNIL "

The CNIL Can’t Legally Forbid Cookie Walls Under GDPR

France’s highest administrative court has ruled that the country’s data protection authority, the CNIL, does not have the right to ban cookie walls.

The Conseil d’État, a division of the French government that serves as its supreme court of administrative justice, issued a ruling on Friday in response to litigation initiated last year by French trade organizations.

Source: The CNIL Can’t Legally Forbid Cookie Walls Under GDPR | AdExchanger

Google Loses Its Appeal On 50 Million Euro GDPR Fine

Google lost on appeal of 50 million euro fine levied against Google in January 2019 for GDPR breaches.

On Friday, the Conseil d’État, a division of the French government that serves as the supreme court of administrative justice, sided with France’s data protection authority, the CNIL, which levied the fine against Google.

Source: Google Loses Its Appeal On 50 Million Euro GDPR Fine | AdExchanger

French Court Bans the Use of Drone Surveillance to Enforce Covid-19 Lockdown

The Conseil d’État, France’s highest administrative court, issued a decision banning French authorities from using drone surveillance to track individuals violating social distancing rules.

The Court cited privacy issues with drone surveillance and stated that drone surveillance by police would be banned until technology is added to prevent the filming and identification of individuals or approval was given by France’s privacy regulator, the Commission nationale de l’informatique et des libertés (CNIL).

Source: French Court Bans the Use of Drone Surveillance to Enforce Covid-19 Lockdown

CNIL Updates Data Protection Guidance for Employers in the Context of Lifting COVID-19 Containment Measures

On May 7, 2020, the French Data Protection Authority updated its previous guidance for employers relating to the processing of employee and visitor personal data in the context of the COVID-19 outbreak, in particular, in the context of lifting containment measures.

Some employers may consider implementing systematic body temperature checks at the entrance to their premises. Similarly, employers may wish to assess employees’ exposure to the virus or their health statuses when they return to work. The Updated Guidance analyzes some of these practices and outlines the principles applicable to data processing activities.

Source: CNIL Updates Data Protection Guidance for Employers in the Context of Lifting COVID-19 Containment Measures | Privacy & Information Security Law Blog

Privacy watchdog approves French Covid-19 contact tracing app

France’s privacy watchdog CNIL on April 26 gave a conditional green light to a government-backed scheme to monitor people infected with coronavirus.

The issue of how to keep tabs on sufferers has sparked privacy concerns in several countries but the CNIL gave the nod to the StopCovid scheme subject to civil liberty guarantees and regular oversight.

The French device will, if the country is to begin a gradual emergence from lockdown on May 11, enable creation of an index of sufferers via a smartphone app along the lines of a model touted notably by Singapore.

The idea is to send an alert to those who have downloaded the app if they come into close proximity, for example, on public transport, with those who have tested positive for the new coronavirus and who are on the app register.

Source: Covid-19: Privacy watchdog approves French contact tracing app | The Star Online

CNIL’s New Guidelines on HR Processing

The French Data Protection Authority (CNIL) has recently released new guidelines regarding human resources processing operations.

When the GDPR became effective, the CNIL’s previous set of HR Data guidelines became out of date as they did not incorporate the new law’s requirements ( e.g. obligations relating to records of processing activities and Data Protection Impact Assessments).

The new guidelines include a comprehensive grid of applicable legal bases for processing related to each standard HR purpose, including: compliance with a legal obligation, performance of a contract or steps taken prior to entering into a contract, legitimate interests, or tasks performed in the public interest or in the exercise of official authority vested in the controller.

Source: CNIL’s New Guidelines on HR Processing

CNIL Unveils 2020 Inspection Strategy and Announces Cookie Investigations

On March 12, 2020, the French Data Protection Authority (the “CNIL”) released its annual inspection strategy for 2020.

The CNIL carries out approximately 300 inspections every year. These inspections are initiated (1) following complaints lodged with the CNIL; (2) in light of current topics in the news; (3) after the CNIL has adopted corrective measures ( e.g. , formal notices, sanctions) in order to verify whether the organization in question adopted the measures or remedied the situation; and (4) as part of the CNIL’s annual inspection strategy.

Source: CNIL Unveils 2020 Inspection Strategy and Announces Cookie Investigations

Adtech giant Criteo is being investigated by France’s data watchdog

Adtech giant Criteo is under investigation by the French data protection watchdog, the CNIL, following a complaint filed by privacy rights campaign group Privacy International.

Privacy International has been campaigning for more than a year for European data protection agencies to investigate several adtech players and data brokers involved in programmatic advertising.

Source: Adtech giant Criteo is being investigated by France’s data watchdog | TechCrunch

CNIL launches a public consultation on its draft recommendation on “cookies and other trackers”

On 4 July 2019, the CNIL published guidelines on the application of Article 82 of the French Data Protection Act. This article governs actions aiming at storing or gaining access to information already stored in the terminal of a user, i.e. in particular the use of cookies or other trackers when a user visits a website.

The CNIL conducted a consultation during the fall of 2019, in order to prepare a draft recommendation proposing operational procedures for obtaining consent. This draft is now subject to public consultation until 25 February, with a view to preparing the final version of the recommendation.

Source: CNIL launches a public consultation on its draft recommendation on “cookies and other trackers”

Max Schrems Files GDPR Complaints with French DPA on Cookie Use

European privacy advocacy group None of your business (NOYB)—led by Max Schrems—announced it had filed three formal complaints with the French data protection authority (CNIL) against three French websites for  sending digital signals to tracking companies claiming that users had agreed to be tracked online, despite the same users rejecting such cookies.

Despite users going through the trouble of “rejecting” countless cookies on the French eCommerce page CDiscount, the movie guide Allocine.fr and the fashion magazine Vanity Fair, these webpages have sent digital signals to tracking companies claiming that users have agreed to being tracked online.

Source: Say “NO” to cookies – yet see your privacy crumble? | noyb.eu

1 2 3 7
>