On March 28, 2017, the French Data Protection Authority published its Annual Activity Report for 2016 and released its annual inspection program for 2017. The Report presents the main accomplishments in 2016 and highlights the diversified activity at both the national and EU level with the adoption of two major pieces of legislation.… Continue Reading
On March 15, 2017, the French data protection authority published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation that will become applicable on May 25, 2018. The six steps are outlined in this entry. … Continue Reading
On February 23, 2017, the French Data Protection Authority launched an online public consultation on three topics identified by the Article 29 Working Party in its 2017 action plan for the implementation of the EU General Data Protection Regulation. The three topics are consent, profiling and data breach notification. … Continue Reading
On November 19, 2016, the French government enacted a bill creating a legal basis for class actions against data controllers and processors resulting from data protection violations. The bill establishes a general class action regime and includes specific provisions regarding data protection violations.… Continue Reading
On October 7, 2016, the French Digital Republic Bill (the “Bill”) was enacted after a final vote from the Senate. The Bill aligns the French legal data protection framework with the EU General Data Protection Regulation (“GDPR”) requirements before the GDPR becomes applicable in May 2018.… Continue Reading
On October 3, 2016, at the Paris Motor Show, the CNIL reported on the progress of a new, expanded compliance pack on connected vehicles. The work was launched on March 23, 2016, and should be finalized in Spring 2017. … Continue Reading
On September 27, 2016, the French Data Protection Authority announced the adoption of two new decisions that will now cover all biometric access control systems in the workplace. These two new decisions repeal and replace the previous biometric decisions adopted by the CNIL.… Continue Reading
On September 26, 2016, the French Data Protection Authority published the results of the Internet sweep on connected devices. The sweep was conducted in May 2016 to assess the quality of the information provided to users of connected devices, the level of security of the data flows and the degree of user empowerment.… Continue Reading
On July 20, 2016, the French Data Protection Authority announced that it issued a formal notice to Microsoft Corporation ordering the company to address several alleged violations of the French Data Protection Act concerning the Windows 10 operating system.… Continue Reading
On June 30, 2016, a joint committee composed of representatives from both chambers of the French Parliament reached a common position on the French ‘Digital Republic’ Bill that rejects the data localization amendment previously approved by the French Senate, but significantly amends other aspects of the French Data Protection Act. … Continue Reading
Hunton & Williams announces its participation with the Global Legal Group in the publication of the third edition of the book The International Comparative Legal Guide to: Data Protection 2016. The guide provides corporate counsel and international practitioners with a comprehensive worldwide legal analysis of the laws and regulations relating to data protection. … Continue Reading
On June 16, 2016, the French Data Protection Authority launched a public consultation on the four priority topics identified in the Article 29 Working Party's action plan for the implementation of the EU General Data Protection Regulation.… Continue Reading
On June 1, 2016, a new do-not-call list was implemented in France. French residents who do not wish to receive marketing phone calls may register their landline or mobile phone number online at www.bloctel.gouv.fr.… Continue Reading
On April 12, 2016, the French Data Protection Authority announced that it will participate in a coordinated online audit to analyze the impact of everyday connected devices on privacy. The audit will be coordinated by the Global Privacy Enforcement Network, a global network of approximately 50 data protection authorities from around the world.… Continue Reading
On March 23, 2016, the Chairwoman of the French Data Protection Authority opened proceedings that will lead to the release of a compliance pack on connected vehicles.… Continue Reading
On February 19, 2016, the French Data Protection Authority made public its new Single Authorization Decision No. 46. This decision relates to the data processing activities of public and private organizations with respect to the preparation, exercise and follow-up regarding disciplinary or court actions, and the enforcement of those actions.… Continue Reading
On November 19, 2015, the French Data Protection Authority published guidance, including a set of frequently asked questions, to assist companies that are transferring personal data to the U.S. pursuant to the Safe Harbor framework.… Continue Reading
On November 13, 2015, the French Data Protection Authority announced its decision in a case against Optical Center, imposing a fine of 50,000 Euros on the company for violations related to the security and confidentiality of its customers’ personal data. … Continue Reading
On September 2, 2015, the French Data Protection Authority published the results of a sweep of 54 sites visited by children and teenagers. The sweep was conducted in May 2015 to assess whether websites that are directed toward, frequently used by or popular among children comply with French data protection law.… Continue Reading
Hunton & Williams is pleased to announce its participation with the Global Legal Group in the publication of the second edition of the book The International Comparative Legal Guide to: Data Protection 2015.… Continue Reading
On June 30, 2015, the French Data Protection Authority summarized the results of the cookie inspections it conducted at the end of 2014.… Continue Reading
On May 25, 2015, the French Data Protection Authority released its long-awaited annual inspection program for 2015, announcing that a target of 550 inspections was set for 2015, including 350 on-site inspections, document reviews or hearings and 200 online inspections. This blog entry provides a summary of the program.… Continue Reading
On May 11, 2015, the French Data Protection Authority announced that it will participate, along with 28 other data protection authorities in the Global Privacy Enforcement Network, in a joint online audit to assess whether websites directed toward children comply with global privacy laws.… Continue Reading
On April 16, 2015, the French Data Protection Authority published its Annual Activity Report for 2014, which highlights its accomplishments during the past year and outlines new topics it will consider further in 2015.… Continue Reading
