fbpx

Download free GDPR compliance checklist!

Tag Archives for " France "

Law enforcement wiretapped the very service used by criminals to evade interception

The virtual private network (VPN) Safe-Inet used by the world’s foremost cybercriminals has been taken down in a coordinated law enforcement action led by the German Reutlingen Police Headquarters together with Europol and law enforcement agencies from around the world.

This VPN service was sold at a high price to the criminal underworld as one of the best tools available to avoid law enforcement interception, offering up to 5 layers of anonymous VPN connections.

Much of the criminal activity occurring on the network involved cyber actors responsible for ransomware, E-skimming breaches, spearphishing, and account takeovers.

Source: Law enforcement wiretapped the very service used by criminals to evade interception

COVID Cops in Europe Will Search Your Car for Evidence of Ski Gear

Switzerland has opened its Alps for the holiday ski season, but COVID-weary European governments will force anyone caught with ski gear into compulsory quarantine.

French Prime Minister Jean Castex said Wednesday that anyone found with ski paraphernalia would be forced to quarantine. The move to check travelers has been met with harsh criticism across the alpine regions.

Source: COVID Cops in Europe Will Search Your Car for Evidence of Ski Gear

France fines Google $120M and Amazon $42M for dropping tracking cookies without consent

France’s data protection agency, the CNIL, has slapped Google and Amazon with fines for dropping tracking cookies without consent.

Google has been hit with a total of €100 million ($120 million) for dropping cookies on Google.fr and Amazon €35 million (~$42 million) for doing so on the Amazon .fr domain under the penalty notices issued on December 10.

The regulator carried out investigations of the websites over the past year and found tracking cookies were automatically dropped when a user visited the domains in breach of the country’s Data Protection Act.

Source: France fines Google $120M and Amazon $42M for dropping tracking cookies without consent

More GDPR applied in the UK than in Italy & France Combined

A report released by BuyShares has revealed that the United Kingdom tops for the imposition of data breach penalties with €132.7 million in the total value of General Data Protection Regulation fines since the legislation was became enforceable on May 25 2018.

It is higher than the combined total of fines sanctioned in Germany and Italy combined. Indeed, the largest five fines for GDPR breaches in the European Union account for 70% of the total fines sanctioned since the data privacy legislation became live in 2018.

Source: More GDPR applied in the UK than in Italy & France Combined – Compliance Junction

Apple Faces Antitrust Complaint in France Over Privacy Changes in iPhones

Apple’s operating software starting early next year will require apps to get opt-in permission from users to collect their advertising identifier, a number used to deliver targeted ads and check how ad campaigns performed.

Advertising companies and publishers have filed a complaint against Apple Inc. with France’s competition authority, arguing that privacy changes the smartphone maker plans to roll out are anticompetitive.

The companies behind the complaint, brought through a group of trade associations, say few users will agree to be tracked, making it harder for companies from game-makers to news publishers to sell personalized ads and tough for the middlemen in those transactions.

Source: Apple Faces Antitrust Complaint in France Over Privacy Changes in iPhones – WSJ

French Supervisory Authority Releases Strict Guidance on the Use of Facial Recognition Technology at Airports

On October 9, 2020, the French Supervisory Authority (CNIL) issued guidance on the use of facial recognition technology for identity checks at airports.

The CNIL indicates that it has issued this guidance in response to a request from several operators and service providers of airports in France who are planning to deploy this technology on an experimental basis. In this blog post, we summarize the main principles that the CNIL says airports should observe when deploying biometric technology.

Source: French Supervisory Authority Releases Strict Guidance on the Use of Facial Recognition Technology at Airports | Inside Privacy

France’s Health Data Hub to move to European cloud infrastructure to avoid EU-US data transfers

France’s data regulator CNIL has issued some recommendations for French services that handle health data, as Mediapart first reported.

Those recommendations follow a landmark ruling by Europe’s top court in July. The ruling, dubbed Schrems II, struck down the EU-U.S. Data Privacy Shield. Under the Privacy Shield, companies could outsource data processing from the EU to the U.S. in bulk. Due to concerns over U.S. surveillance laws, that mechanism is no longer allowed.

The CNIL is going one step further by saying that services and companies that handle health data should also avoid doing business with American companies — it’s not just about processing European data in Europe. Once again, this is all about avoiding falling under U.S. regulation and rulings.

Source: France’s Health Data Hub to move to European cloud infrastructure to avoid EU-US data transfers | TechCrunch

CJEU ruling puts in danger EU-UK adequacy talks

This week, the CJEU issued a ruling that could spring a leak and potentially sink adequacy negotiations between the U.K. and EU.

CJEU ruled to restrict surveillance activities on phone and internet data by EU member states but specifically to regimes in Belgium, France and the U.K. The decision means governments have limited grounds for mass data retention unless they face a “serious threat to national security.” Additionally, access to phone and internet data, as well as the duration of that access, should be determined based on necessity.

The U.K. is chief among those affected by the court’s ruling as the clock winds down on its Brexit transition period, which is set to expire with or without an adequacy decision from the EU December 31. Doubts about an adequacy agreement already loomed, but the latest CJEU ruling further clouds a potential deal.

Source: CJEU throws wrinkle into EU-UK adequacy talks

French Supervisory Authority Publishes Final Version of Cookie Guidelines

On October 1, 2020, the French Supervisory Authority (CNIL) published the final version of its Guidelines on cookies and other tracking technologies, as well as an adjoining set of best practice recommendations with examples on how to implement the guidelines.

The new version of the guidelines takes into account contributions submitted by various stakeholders during the public consultation period for both documents, as well as a recent decision of the French Council of State regarding a prior version of the guidelines.

Source: French Supervisory Authority Publishes Final Version of Cookie Guidelines, Says It Will Start Enforcing Them in April 2021

European Police Malware Could Harvest GPS, Messages, Passwords, More

The malware that French law enforcement deployed en masse onto Encrochat devices, a large encrypted phone network using Android phones, had the capability to harvest “all data stored within the device,” and was expected to include chat messages, geolocation data, usernames, passwords, and more.

As well as the geolocation, chat messages, and passwords, the law enforcement malware also told infected Encrochat devices to provide a list of WiFi access points near the device.

Organized crime groups across Europe and the rest of the world heavily used the network before its seizure, in many cases to facilitate large scale drug trafficking.

Source: European Police Malware Could Harvest GPS, Messages, Passwords, More

1 2 3 11
>