On November 26, 2020, the French Data Protection Authority announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation and Article 82 of the French Data Protection Act governing the use of cookies.
Continue Reading CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

On November 5, 2020, Hunton Andrews Kurth will host a panel discussion with representatives from the UK Information Commissioner’s Office (“ICO”) and the French Data Protection Authority (“CNIL”) to explore the latest developments on cookie guidance and compare their respective approaches. In our webinar titled “From a Regulator’s Perspective: Latest Developments on Cookie Guidance from the ICO and CNIL,” our speakers will discuss practical cookie law issues, including:
Continue Reading Webinar on the Latest Developments on Cookie Guidance Featuring the UK ICO and CNIL

On October 13, 2020, France’s highest administrative court issued a summary judgment that rejected a request for the suspension of France’s centralized health data platform, Health Data Hub.
Continue Reading French Highest Court Rejects Temporary Suspension of France’s Health Data Hub; Calls for Additional Guarantees Following Schrems II

On October 1, 2020, the French Data Protection Authority published a revised version of its guidelines on cookies and similar technologies, its final recommendations on the practical modalities for obtaining users’ consent to store or read non-essential cookies and similar technologies on their devices and a set of questions and answers on the Recommendations.
Continue Reading CNIL Publishes Updated Cookie Guidelines and Final Version of Recommendations on How to Get Users’ Consent

On August 5, 2020, the French Data Protection Authority announced that it has levied a fine of €250,000 on a French online shoe retailer for various infringements of the GDPR. This is the first penalty under the GDPR enforced by the CNIL as the lead supervisory authority in cooperation with other EU supervisory authorities.
Continue Reading CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

On June 19, 2020, France’s Highest Administrative Court upheld the French Data Protection Authority’s decision, whereby the CNIL imposed a fine of 50 million euros on Google under the EU General Data Protection Regulation.
Continue Reading French Highest Administrative Court Upholds 50 Million Euro Fine against Google for Alleged GDPR Violations

On April 30, 2020, the French Data Protection Authority published guidance on the extraction of web users’ personal data from online public spaces by web scraping tools and re-use of such data for direct marketing purposes.
Continue Reading CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing