Tag Archives for " France "

Nice is building “safe city”, rising privacy concerns

After terrorist attack of July 14, 2016, French city of Nice has turned itself into a testing ground for surveillance technology. Growing opposition to cutting-edge security highlights how the use of systems like facial recognition and artificial intelligence to fight crime is on a collision course with advocates of data privacy.

Read full article: Two Years Ago Terror Struck. Now They’re Unsure of the Response – Bloomberg

French website publisher fined for violation of the cookie requirements

The French Council of State affirmed the EUR 25,000 fine imposed by the CNIL on Editions Croque Futur (challenges.fr) for non-compliance with French data protection law, and in particular cookie requirements.

This decision is particularly interesting in that it clarifies that browser settings are not always a valid means of consent to cookies, while many cookies policies out there still refer to such browser settings as the only way to control cookies.

Source: FRANCE: Website publisher fined for violation of the cookie requirements

New French data protection law declared constitutional and ready for promulgation

The French Constitutional Council has issued its ruling on June 12 regarding the new data protection law implementing the EU General Data Protection Regulation (GDPR). It’s a PASS! Almost a month after Senators referred the newly adopted data protection law to the Constitutional Council, thus blocking its promulgation on time for the GDPR’s entry into application last May 25, the suspense comes finally to an end.

Source: FRANCE: New data protection law declared constitutional and ready for promulgation

CNIL updates its PIA tool

French data protection authority CNIl has updated its PIA software to make the privacy impact assessment more practical and to foster collaboration between stakeholders.

The new features cover mainly the creation of the PIA report and on the tool’s workflow:

  • it is now possible to filter the information to be shown in the report;
  • the PIA’s visual elements (risk overview, risk mapping, action plan overview) are now visible on the report page and available for download;
  • the action plan can be downloaded in csv format in order to easily follow up on its implementation and/or to include it in existing internal project management processes;
  • several improvements were made to the workflow and contextual information was enhanced, in order to clarify the PIA steps.

Source: May 2018 updates for the PIA tool

French GDPR Bill Has Been Adopted But Referred to the French Constitutional Council

The General Data Protection Regulation (GDPR) entered into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an accelerated procedure.

This procedure led to the adoption in final reading by the French National Assembly of the bill on personal data protection on 14 May 2018. However, some French Senators lodged a constitutional complaint against the said law on 16 May 2018.

Source: GDPR Is In Effect: The French Bill Has Been Adopted…But Referred to the French Constitutional Council

New guide regarding security of personal data from French DPA

The GDPR provides in Article 32 that “the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk”.

But it is sometimes difficult, when one is not familiar with risk management methodologies, to implement this approach and to ensure that the minimum has been done. To help professionals in their compliance, the CNIL publishes a guide reminding the basic precautions to be implemented systematically.

Source: A new guide regarding security of personal data | CNIL

Is France misusing secretive database in hunt for security threats?

France has flagged more than 78,000 people as security threats in a database intended to let European police share information on the continent’s most dangerous residents — more than all other European countries put together — according to an analysis by The Associated Press.

A German parliamentarian, Andrej Hunko, was the first to raise the alarm about potential misuse of the Schengen Information System database in a question to his country’s Interior Ministry about “discreet checks” — secret international checks on people considered a threat to national security or public safety. He questioned whether and why different countries seemed to apply very different criteria.

Source: ‘Discreet checks’: Is France misusing secretive database in hunt for security threats? | CTV News

CNIL’s notice on collection of smart meters data shows likely approach of DPAs post-GDPR

The French data protection authority (‘CNIL’) announced, on 27 March 2018, that it had issued a formal notice to DIRECT ENERGIE, Société Anonyme, for failing to obtain consent for the collection of customer usage data from its Linky smart meters, and ordered it to collect valid consent for the processing, including from those whose data has already been processed, within three months of receiving of the notice.

Source: France: CNIL notice to DIRECT ENERGIE on collection of smart meters data “indication of likely approach of DPAs post-GDPR”

1 2 3 4