Download free GDPR compliance checklist!

Tag Archives for " France "

€114 Million in Fines Imposed by EU Authorities Under GDPR

New findings from DLA Piper show that 160,000 data breach notifications reported across 28 European Union Member States and data protection authorities have imposed €114 million in monetary fines under the GDPR for a wide range of infringements. Not all fines were related to data breach infringements, however.

In terms of the total value of fines issued by geographical region, France (€51m), Germany (€24.5m) and Austria (€18m) topped the rankings, whilst the Netherlands (40,647), Germany (37,636) and the UK (22,181) had the highest number of data breaches notified to regulators.

Source: €114m in Fines Imposed by Euro Authorities Under GDPR – Infosecurity Magazine

Max Schrems Files GDPR Complaints with French DPA on Cookie Use

European privacy advocacy group None of your business (NOYB)—led by Max Schrems—announced it had filed three formal complaints with the French data protection authority (CNIL) against three French websites for  sending digital signals to tracking companies claiming that users had agreed to be tracked online, despite the same users rejecting such cookies.

Despite users going through the trouble of “rejecting” countless cookies on the French eCommerce page CDiscount, the movie guide Allocine.fr and the fashion magazine Vanity Fair, these webpages have sent digital signals to tracking companies claiming that users have agreed to being tracked online.

Source: Say “NO” to cookies – yet see your privacy crumble? | noyb.eu

French government forms cybersecurity pact with major French companies

The French government signed a three-year cybersecurity pact with eight of the country’s leading companies, as major world nations step up security arrangements in the wake of recent high-profile hacking incidents.

Companies include Airbus, Dassault Aviation, Thales, Safran, Ariane group, MBDA, Naval Group and Nexter.

Source: French government forms cybersecurity pact with major French companies – Reuters

French Supervisory Authority publishes guidance on facial recognition

On November 15, 2019, the French Supervisory Authority (CNIL) published guidance on the use of facial recognition. The guidance is primarily directed at public authorities in France that want to experiment with facial recognition.

The guidance warns that this technology risks leading to biased results and sets out three general requirements for deploying facial recognition on an experimental basis.

First, facial recognition can only be used if there is an established need to implement an authentication mechanism that ensures a high level of reliability, and there are no other less intrusive means that would be appropriate. Second, the experimental use of facial recognition must respect the rights of individuals. Third, the use of facial recognition on an experimental basis must have a precise timeline and be based on a rigorous methodology setting out the objectives pursued and the criteria for success.

Source: French Supervisory Authority publishes guidance on facial recognition

French Liberte Tested by Nationwide Facial Recognition ID Plan

France is poised to become the first European country to use facial recognition technology to give citizens a secure digital identity — whether they want it or not.

Saying it wants to make the state more efficient, President Emmanuel Macron’s government is pushing through plans to roll out an ID program, dubbed Alicem, in November, earlier than an initial Christmas target. The country’s data regulator says the program breaches the European rule of consent and a privacy group is challenging it in France’s highest administrative court. It took a hacker just over an hour to break into a “secure” government messaging app this year, raising concerns about the state’s security standards.

Source: French Liberte Tested by Nationwide Facial Recognition ID Plan – Bloomberg

France plans to scan social media for tax fraud

France ’s data protection watchdog has urged caution over plans to allow authorities to monitor individuals’ social media posts and purchasing activity on websites such as eBay in order to identify those committing tax fraud.

The French parliament is to debate proposals for a three-year trial during which the tax office’s computer system would collect information on peoples’ lifestyles from social media accounts such as Facebook, Instagram and Twitter, and also monitor their activity on sites such as eBay and the French site Le Bon Coin.

Source: French plan to scan social media for tax fraud causes alarm

CJEU to answer questions about Right to be delisted

French court the Conseil d’Etat has requested the European Court of Justice for a preliminary ruling on a series of questions concerning the implementation of the right to be delisted from search results.

The right to be delisted is not absolute. Insofar as the removal of links from the list of results displayed following a search made on the basis of a person’s name may have consequences on the legitimate interest of internet users to receive access to information, the European Court of Justice proceeds to strike a balance between such interest and the person’s fundamental rights, in particular the right to private life and to the protection of personal data.

Source: Right to be delisted

Cookies and other tracking devices: the CNIL publishes new guidelines

Without waiting for the future ePrivacy regulation, which is currently under discussion at the European level and which is not likely to come into force in the short term, the CNIL has decided to update its reference framework. In particular, it was necessary to repeal the 2013 recommendation, which was not compatible with the new provisions of the GDPR.

Full article: Cookies and other tracking devices: the CNIL publishes new guidelines

Données & Design: a platform to bring designers together on the topic of GDPR

Données & Design is a platform, created by French data protection authority CNIL, seeking to create spaces for collaboration and discussion for designers to build together user journeys respectful of privacy.

The platform aims at efficiently integrating those considerations in the daily work of designers in order to help them argue their choices and collaborate more effectively on data protection issues with privacy professionals and other members of a project team (DPO, product owner, projects manager…). The platform provides contents explaining and illustrating points of regulation on which designers can intervene.

Source: Données & Design: a platform to bring designers together on the topic of GDPR

French DPA to take action on online targeted advertisements

French data protection authority CNIL has received an important number of individual and collective complaints (La Quadrature du Net, Privacy International, NOYB) relating to online marketing. In 2018, 21% of the complaints were related to marketing in the broad sense.

Therefore, the CNIL has decided to make targeted online advertising a priority topic for 2019. In July, the CNIL will repeal its 2013 cookie recommendation that has become outdated in some respects (in particular for what concerns the expression of consent), and publish guidelines outlining the applicable rules of law.

Working sessions will be held in the second half of 2019 between the CNIL services and each category of stakeholders (content editors, advertisers, service providers and intermediaries in the marketing ecosystem, civil society), through their representative organizations.

The CNIL will carry out inspections on this the final recommendation 6 months after its final adoption.

Source: Online targeted advertisement: what action plan for the CNIL?

1 2 3 9