On August 5, 2020, the French Data Protection Authority announced that it has levied a fine of €250,000 on a French online shoe retailer for various infringements of the GDPR. This is the first penalty under the GDPR enforced by the CNIL as the lead supervisory authority in cooperation with other EU supervisory authorities.
Continue Reading CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

On June 19, 2020, France’s Highest Administrative Court upheld the French Data Protection Authority’s decision, whereby the CNIL imposed a fine of 50 million euros on Google under the EU General Data Protection Regulation.
Continue Reading French Highest Administrative Court Upholds 50 Million Euro Fine against Google for Alleged GDPR Violations

On April 30, 2020, the French Data Protection Authority published guidance on the extraction of web users’ personal data from online public spaces by web scraping tools and re-use of such data for direct marketing purposes.
Continue Reading CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing