Region: France

CNIL imposes seven-figure fine despite Carrefour’s full remediation

Companies in the Carrefour retail conglomerate must pay a total of €3.05 million for a raft of data protection failures uncovered by an audit, despite their full remediation of all issues identified by France’s data watchdog.

26 November 2020

Riding the tidal wave

Data privacy class actions in Europe are here to stay. Bird & Bird partner Bryony Hurst explores the rise in class actions, the EU member states that are likely to become popular litigation forums, key cases that have already been filed across Europe, and how organisations can stay as dry as possible when the data protection class action tidal wave hits.

02 November 2020

Ad bodies attempt to block Apple store privacy pop-up

A group of online advertising trade bodies has asked France’s Competition Authority to find that Apple’s new app store consent pop-up is anticompetitive.

29 October 2020

Denis survives CNIL leadership challenge

A French court has refused to strike down the appointment of Marie-Laure Denis as the head of France’s data regulator.

22 October 2020

Riding the tidal wave: claimants choose their swimming lanes

Data privacy class actions in Europe are here to stay. In the second article of a four-part series, Bird & Bird partner Bryony Hurst picks out the EU member states that are likely to become popular litigation forums.

22 October 2020

Microsoft to continue hosting French health data – for now

A French administrative judge has refused to order France’s health database to stop processing personal information on Microsoft’s cloud, despite Schrems II-driven fears that US intelligence could access it – but France may nonetheless take the data away from Microsoft.

14 October 2020

ECJ blocks bulk data harvesting but allows targeted collection

The EU’s top court has confirmed that member states cannot order telecoms providers to indiscriminately harvest data for national security purposes, but ruled the practice can continue in exceptional circumstances.

06 October 2020

France’s facial recognition law attacked

A French advocacy group has asked the country’s highest administrative court to repeal a law that authorises law enforcement to use facial recognition technology.

11 August 2020

CNIL fines online retailer in cross-border case

France’s data regulator has fined an online shoe retailer for multiple GDPR infringements, marking its first fine as a one-stop-shop lead authority.

05 August 2020

What Google’s failed €50 million GDPR appeal means for the one-stop-shop

The judgment that ended Google’s French GDPR appeal provides some much-needed clarity on the one-stop-shop; organisations using data across borders in Europe should pay attention.

25 June 2020

Unlock unlimited access to all Global Data Review content