fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " France "

Données & Design: a platform to bring designers together on the topic of GDPR

Données & Design is a platform, created by French data protection authority CNIL, seeking to create spaces for collaboration and discussion for designers to build together user journeys respectful of privacy.

The platform aims at efficiently integrating those considerations in the daily work of designers in order to help them argue their choices and collaborate more effectively on data protection issues with privacy professionals and other members of a project team (DPO, product owner, projects manager…). The platform provides contents explaining and illustrating points of regulation on which designers can intervene.

Source: Données & Design: a platform to bring designers together on the topic of GDPR

French DPA to take action on online targeted advertisements

French data protection authority CNIL has received an important number of individual and collective complaints (La Quadrature du Net, Privacy International, NOYB) relating to online marketing. In 2018, 21% of the complaints were related to marketing in the broad sense.

Therefore, the CNIL has decided to make targeted online advertising a priority topic for 2019. In July, the CNIL will repeal its 2013 cookie recommendation that has become outdated in some respects (in particular for what concerns the expression of consent), and publish guidelines outlining the applicable rules of law.

Working sessions will be held in the second half of 2019 between the CNIL services and each category of stakeholders (content editors, advertisers, service providers and intermediaries in the marketing ecosystem, civil society), through their representative organizations.

The CNIL will carry out inspections on this the final recommendation 6 months after its final adoption.

Source: Online targeted advertisement: what action plan for the CNIL?

Facebook to give data on hate speech suspects to French courts

Facebook has agreed to hand over the identification data of French users suspected of hate speech on its platform to judges.

The decision by the world’s biggest social media network comes after successive meetings between Zuckerberg and Macron, who wants to take a leading role globally on the regulation of hate speech and the spread of false information online.

Source: Exclusive: In a world first, Facebook to give data on hate speech suspects to French courts – Reuters

French lawsuit accuses Google of violating EU privacy rules

A leading French consumer group has filed a class-action lawsuit accusing Google of violating the European Union’s landmark 2018 privacy rules.

In its filing Wednesday, the UFC Que Choisir group is seeking 1,000 euros in damages for each one of the 200 Google users involved so far. It’s among the first cases challenging tech giants over their application of the EU’s new rules, known as the General Data Protection Regulation or GDPR.

Source: French lawsuit accuses Google of violating EU privacy rules | WWMT

CNIL issues fine of 20,000 euros against a small company in France regardin videosurveillance

The French data protection authority, the CNIL, announced on 18th June 2019 that it has issued a 20,000 euros fine against Uniontrad Company, a small company (9 employees) based in France and specialized in translations, for “excessive videosurveillance”.

According to the CNIL, employees of the company had filed complaints with the CNIL between 2013 and 2017 over the filming. In February 2018, the CNIL conducted an investigation at the company’s offices and found that a camera was continuously recording the staff’s activities at their work station, without sufficient information being provided to the staff.

Source: Videosurveillance: CNIL issues fine of 20,000 euros against a small company in France

France enacts Decree on application of data protection

On 1 June 2019 Decree No. 2019-536 of 29 May 2019 Enacted For the Application of Act No. 78-17 of 6 January 1978 on Data Processing, Files and Individual Liberties came into force.

The Decree clarifies procedural rules of the French data protection authority, including its control and sanctions, and further specifies data subject rights. It also brings Act on Data Processing, Files and Individual Liberties in line with the General Data Protection Regulation (GDPR) and the Data Protection Directive with Respect to Law Enforcement.

Read the Decree here (in French).

CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures

On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates.

Source: CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures

CNIL releases its 2018 annual report and announces its next challenges for 2019

On April 15 2019, the French Data Protection Authority (the “CNIL”) released its 2018 Annual Report.

In 2018 the CNIL:

  • received more than 11,000 data subjects’ complaints, which represents an increase of 32% as compared to 2017.
  • sought to provide professionals with guidelines and documentation and took into account the need for legal certainty in a context of increased sanctions and the demand for greater simplification for smaller businesses.
  • conducted 204 on-site inspections (including 20 on-site inspections of CCTV devices); 51 online inspections; 51 controls on a document production basis, and 4 hearings.
  • of the 310 controls carried out, only 11 sanctions were adopted by the Restricted Committee.

Source: CNIL releases its 2018 annual report and announces its next challenges for 2019 – Privacy, Security and Information Law Fieldfisher

The French Data Protection Authority Announces Stricter Enforcement

On April 15, 2019, the French Data Protection Authority (CNIL) published its 2018 activity report and announced its 2019 enforcement agenda.

The CNIL’s message is clear: if some leniency was tolerated in 2018, this transitional period for GDPR enforcement is now over. Going forward, the CNIL will adopt a stricter approach when investigating companies’ GDPR compliance and make full use of its enforcement powers, including the power to fine.

Source: The French Data Protection Authority Announces Stricter Enforcement

French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

Five years after the commencement of legal proceedings against Google by leading French consumer association UFC Que Choisir, the Paris “Tribunal de Grande Instance” (TGI), in a decision dated 12 February 2019, issued its ruling on the legality of the Google+ Terms of Use and Privacy Rules, both with respect to consumer law and personal data protection regulations.

Full article: French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

1 2 3 9
>