On 9 February 2026, the Commission Nationale de l’Informatique et des Libertés (CNIL) published its 2025 report on its enforcement action. Beyond the €487 million – in cumulative fines – largely driven (unsurprisingly) by two sanctions related to cookies, another
Global AI regulation
As organisations continue with their roll-out of AI, the global regulatory landscape is becoming increasingly complex. AI-specific laws like the EU AI Act already applicable and new AI-specific laws are proposed, adding to the range of existing laws and regulations
12th Annual European Data Protection Conference
Please join us at our 12th Annual European Data Protection Conference.
The conference will take place in:
Frankfurt | Monday, September 30, 2024 | 11:00 – 14:30 CEST
Amsterdam | Tuesday, October 1, 2024 | 09:00 – 12:30 CEST
Paris
The right of access to personal data: a more extensive view?
This article first appeared in PLC Magazine in the January / February 2024 issue of PLC Magazine.
The right of access to personal data looks set to be a key focus area for data protection regulators for 2024 in
European Commission adopts its adequacy decision for the EU-US Data Privacy Framework
On 10 July, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (the DP Framework). It thereby declared that the United States (the US) ensures an adequate level of protection for personal data transferred
Schrems II – Irish DPC finally issues its decision – suspension order, deletion/ repatriation of data and fine
Introduction:
On 22 May, the Irish Data Protection Commissioner (the DPC) published its decision against Meta Platform Ireland Ltd (Meta Ireland) in relation to Facebook’s transfer of user’s personal data to the US (the Decision). In
Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend
Cyberattacks have become more frequent, problematic and complex over the years – so much so that they now represent a real threat to economic activities. The French Information and Digital Security Experts Club (CESIN) has estimated that 54%
European rulings on the use of Google Analytics and how it may affect your business
Recent decisions out of the EU will impact the use of Google Analytics and similar non-European analytics services when targeting EU individuals, with the potential to put many organizations at risk of receiving GDPR fines.
At issue was the transfer
How to process employees’ health data in France after lockdown: dos and don’ts for employers
A few weeks ago, we provided you with a summary of the rights and obligations of employers with regard to the personal data of their employees during lockdown.
On 11 May, many employees will return to their workplaces. Below you
StopCovid: the French contact-tracing app
Following the example of many European countries, the French government plans to introduce a contact tracing app, known as “StopCovid”. The app is designed to be used by people once they leave the confinement of their homes with the aim