In the aftermath of the Court of Justice of the European Union’s (“CJEU”) judgment invalidating Safe Harbor, on 16 December 2016 the European Commission published two decisions, changing its previous decisions on standard contractual clauses (“SCC”) and adequacy decisions on third countries. Arguably, the amendments have been made in order to minimise the risk of … Continue Reading
We have previously posted on the new French Digital Republic Bill which modified a number of provisions of the French Data Protection Act and other data protection related regulations. This post looks at another change introduced by the Bill. The Bill introduces a new regulation on online platforms, in the consumer protection code and the … Continue Reading
On 7 October 2016, a new French Digital Republic Bill came into force, modifying a number of provisions of the French Data Protection Act and other data protection related regulations. The Bill: modifies the rights of data subjects and the obligations of data controllers; increases the powers of the CNIL; introduces a new provision on … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from the UK, France and Germany. UK Investigatory Powers Act Given Royal Assent Information Commissioner’s Offce (ICO) Issues More Fines to Companies Sending Spam Texts France Class Action for Data Protection Newly … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from the UK, Germany, France and the US. UK Investigatory Powers Bill One Step Closer to Royal Assent Gambling Websites Warned About Using Personal Data Germany Data Protection Authorities Examine Data Transfers … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from the EU, UK, Germany and France. EU EU Data Protection Supervisor (EDPS): More Needs to Be Done to Allow Individuals to Take Back Their Online Identity UK Nuisance Callers Face … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from France and Germany. France French National Data Protection Authority (CNIL) Issues First Digital Safe Label French National Data Protection Authority (CNIL) Ordered to Put a Time Limit on the Publication … Continue Reading
As we predicted last week, the European Commission has moved swiftly to issue an adequacy decision that formally adopts an agreement finalized with the US Department of Commerce in June concerning arrangements to legitimize the transfer of EU personal data to the US. The much anticipated “EU-US Privacy Shield” arrangements will replace the Safe Harbor regime, … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from: EU EU Council Agrees on New Measures Against Cybercrimes France The CNIL Opens a Period of Public Consultation on the GDPR The French State Council Rules on Rights to … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from: EU EU and US Sign Umbrella Agreement France France Launches New Do-Not-Call List French Supreme Court Rules on Privacy Rules Germany Thüringen Data Protection Commissioner: Private Video Recordings Require … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from: EU EU Council Adopts the Network and Information Security Directive The Court of Justice of the EU Advises that IP Addresses are Personal Data France The CNIL Publishes Blanket … Continue Reading
Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from: EU New Rules Give Europol More Power to Fight Cybercrime France The CNIL Prioritises Its Topics of Investigation UK Nuisance Callers Face Tighter Controls Judicial Review into the Legality … Continue Reading
The law around data privacy is constantly evolving to keep pace with technological and political change. It can be difficult for companies to keep on top of their compliance obligations. Stéphanie Faber, data privacy specialist in our Paris office, has written a blog post summarising the hot data privacy topics right now, including the General … Continue Reading
Currently, French consumers must bring any claims they may have against French companies to court. However, starting 31 December 2015, French companies that offer goods and services to consumers will now need to set up mechanisms to make available to their consumers, free of charge, recourse to mediation in case of a dispute arising from the poor performance … Continue Reading
Recently, a new consumer law was passed in France that gave the French Data Protection Authority, the CNIL, expanded powers to perform online compliance inspections. Previously, the CNIL’s powers of investigation were limited to on-site inspections, document reviews and hearings. The CNIL is now authorised to carry out remote investigations on the internet to identify breaches … Continue Reading
The French Data Protection Authority, the CNIL, has published its annual investigation program for 2014. The CNIL anticipates carrying out a total of around 550 data breach investigations (350 on-site investigations and 200 online). Priority topics will be: Data breach notification by electronic communications operators Online social dating networks Online payment (particularly the fight against fraud … Continue Reading
Following an investigation, the French Data Protection Authority, the CNIL, has imposed a significant fine for data protection breaches on a luxury car rental company. The fine of €5000 was imposed for use of an unlawful GPS tracking system on rented cars. The CNIL found the fine justified because, amongst other things, the tracking system … Continue Reading
The French Data Protection Authority, the CNIL, recently published its annual report reviewing its activities during 2013 and setting out its priorities for 2014. The report shows that, during 2013: The number of complaints made to the CNIL fell overall to 5,640. Most of these related to requests to erase internet data;. 15 data security … Continue Reading
Businesses that trade online should be aware of the implications of a recent judgment of Europe’s highest court, the Court of Justice of the European Union (CJEU). The upshot of the judgment is that, in the event of a dispute, a supplier may be sued by a consumer in the consumer’s home courts. This has … Continue Reading
On 5 December 2013, the French data protection authority, the CNIL, published new guidance (with supporting user-friendly factsheets) on the use of cookies by businesses operating in France. The guidance updates the CNIL’s informal recommendations on the use of tracing technologies first published at the end of 2011. All businesses using cookies must familiarise themselves … Continue Reading
On 18 December 2013, a new law came into force in France giving the intelligence services increased access to data on telephone calls made by French citizens, for the purposes of preventing terrorism and organised crime. The new law has privacy implications for individuals and will mean that telecommunications companies and internet service providers operating … Continue Reading
On 14 November 2013, the CNIL (in decision n° 2013-358) replaced its previous decision of June 2003 on data processing in relation to card payments for online traders engaged in distance selling of goods and services. The intent of this decision was to provide “concrete answers to the various stakeholders, taking into account the evolution of … Continue Reading