Discover our publications

Since the invalidation of the Privacy Shield, legal departments and DPOs have been busy putting in place Standard Contractual Clauses for all data transfers to the US.  More recently, following the Schrems II ruling, additional measures were to be put in place.  However, the approval of the Data Privacy Framework has changed all that. What […]En savoir plus

Nowadays, the GDPR’s extraterritoriality (Article 3.2) and its related obligation to designate a representative in the EU (Article 27) are some of its best-known features. According to these, any entity without a European establishment but nevertheless subject to the GDPR must appoint a dedicated representative in the EU. The role and responsibilities of the latter […]En savoir plus

Data valuation is a concept that aims to give a financial value to the data that a company has in order to consider them as real assets. The value of data is calculated according to a multitude of factors which can go from the data as such to the way it can be used. For […]En savoir plus

When it arrived, GDPR shook up the habits of marketing departments by imposing new obligations on companies. However, these obligations are not all new in France, as GDPR can be considered a reinforced version of our former Data Protection Act (law no. 78-17 of January 6, 1978). In 2018, on the eve of GDPR’s implementation, […]En savoir plus

As part of a real process of extraterritorial normative expansion contextualized first by globalization and then by technological developments, European legislators in recent years have sought to extend the application of the legal norms they produce, in order to guarantee fundamental rights beyond borders and make companies located abroad accountable. This article aims to give […]En savoir plus

Since the beginning of the 2010s and even more so in the wake of the current COVID-19 pandemic, learning has been digitized and learning environments have been digitized. This growing development is resulting in a “boom” of data collected from different learning platforms. Thus, the current interest in learning analytics is just a reflection of […]En savoir plus

Metaverse is the contraction of “meta” and “universe”, it gives us another universe in which it becomes possible to escape. According to Webedia, it can be defined as “the meeting place, stable in time, of a community of users wishing to engage in a wide variety of online social activities, in immersion”. Sociability and immersion […]En savoir plus

Following its 384 inspections in 2021 based on complaints, data breach reports and news, the CNIL published its strategic control lines for 2022 on February 15. The control plan focuses on three main areas: commercial prospecting, surveillance tools in the context of remote working, and the use of the Cloud. 1. Commercial prospecting Commercial prospecting […]En savoir plus

When a company, a social network or a public organization says: “we protect your personal data”, what does the word “your” really mean? Is my personal data mine in the sense that I own it like any other object, or does it belong to me as an inseparable element of my personality? This contemporary debate, […]En savoir plus

This statement is already widely known today, and it is becoming more and more important: data is, and will be more and more in the future, an essential lever of digital transformation for companies. The amount of data available is constantly growing. Social networks, blogs, websites, applications, browsers, all these platforms and tools lead to […]En savoir plus

“A secret only exists if it is known to someone,” Louis Scutenaire. The Covid-19 pandemic accelerated the digital transformation of companies, but it also led to an unprecedented increase in cybercrime. The media coverage of IT security incidents has a lasting impact on the image of companies in the eyes of the public and their […]En savoir plus

The digital age symbolizes an imminent change in society and the daily life of the population and, incidentally, a change in all economic actors. The digital revolution has led to the emergence of new approaches to digital development. In this context of digital transformation, Big Data is one of the emerging technologies that can generate […]En savoir plus

In addition to the health crisis of which we are all aware, the year 2020 was marked by a 46% increase in the number of hours spent in front of screens, whether remote working, searching for activities, watching videos, creating content or even online shopping. Taking that all into account, an increase of 8.5% was […]En savoir plus

400. That’s the number of cyberattacks that healthcare institutions in France can suffer every day, as Hélène Lherbette, head of digital services at the Narbonne Hospital Center, can attest. Fortunately, most of these attacks do not overcome the security measures implemented. However, if one of them slips through the cracks, hospitals such as those in […]En savoir plus

May 25, 2021 marked the third anniversary of the entry into force of the General Data Protection Regulation. Driven by a desire to reform and standardize data protection rules while ensuring greater respect for the rights of data subjects, GDPR continues to pursue its goal of establishing itself as the benchmark text in the world […]En savoir plus

The General Data Protection Regulation of April 27, 2016 and implemented on May 25, 2018, introduced a right to portability (Article 20): “The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format […]En savoir plus

If you are reading this, then you are probably one of the 3.8 billion people with a smartphone. This morning when you woke up, like 2.8 billion other monthly users, you probably opened your favorite social network, wished your old high school friend a happy birthday, checked the weather forecast, read the news, all while […]En savoir plus

1. What is the current situation? On June 23, 2016, the British population voted in favor of Brexit (51.9%). On March 29, 2017, the Article 50 procedure of the Treaty on European Union was invoked by the United Kingdom. Negotiations then began in order to find an agreement that would satisfy the two now opposing […]En savoir plus

The European Data Protection Board (EDPB), composed of representatives of European data protection authorities and the European Data Protection Supervisor, issued recommendations on November 10, 2020 to help organizations ensure an adequate level of protection for personal data transferred outside the European Economic Area1. Background: On October 6, 2015, the Court of Justice of the […]En savoir plus

In a context where the e-Privacy Regulation is still in draft form and its entry into force remains uncertain, the CNIL is pursuing its desire to provide practical solutions for the supervision of cookies. This project was initiated in 2013 with “recommendations” on cookies and other tracking devices, which would be replaced by guidelines in […]En savoir plus