Actualités & veille juridique et technique
Nouvelle sanction de l’autorité espagnole sur les cookies
L’AEPD (agence espagnole de protection des données) a annoncé le 21 octobre une sanction de 30 000€ pour pratiques illégales en matière de cookies à l’encontre d’Ibéria, la compagnie aérienne nationale espagnole. Elle reproche à cette dernière une information...
British Airways fined for personal data breach
The airline British Airways has been fined £20 million by the Information Commissioner's Office, the British counterpart of the CNIL. The British data protection authority accuses it of poor protection of its customers' personal data. Indeed, in the summer of 2018,...
British Airways sanctionnée pour fuite de données personnelles
La compagnie aérienne British Airways a été condamnée à une amende de 20 millions de livres sterling par l’Information Commissioner’s Office, l’homologue britannique de la CNIL. L’autorité britannique de protection des données lui reproche une mauvaise protection des...
French Data Protection Authority opposed to the hosting of health data by Microsoft
Due to the invalidation of the Privacy Shield that was supposed to govern the exchange of personal data between the European Union and the United States, the CNIL wants to stop the hosting of the health data platform for research by Microsoft. The CNIL is therefore...
Employee personal data: H&M fined 35 million euros
The Swedish company H&M was fined 35 million euros on October 1, 2020 by the Hamburg Data Protection Commissioner's Office. It is accused of having collected and stored personal data of employees without their knowledge. Between 2014 and 2019, managers at an...
Facebook and Instagram, a « new deal » for the transfer of personal data to the United States
Facebook and its subsidiary Instagram have engaged in an arm wrestling match with the Data Protection Commission (the Irish CNIL), which has ordered them to suspend data transfers from Europe to its data centers in the United States. At issue was the invalidation last...
New German law on the protection of health data
On July 3, 2020, the Bundestag, the German parliament, passed a new law to protect patients' health data. The law provides for the creation of a digital medical file, or shared medical file, which German health insurance companies will have to offer to their clients...
First sanction on cookies
On August 6th, 2020, the Spanish authorities imposed a €3000 penalty on GROW BEATS SL, a company specializing in the sale of headphones and earphones, for non-compliance with the principles related to the deposit of cookies. The Spanish authority found a lack of...
First CNIL sanction as a lead supervisory authority
On Wednesday, July 5th, 2020, the CNIL (the French data protection authority) imposed a sanction of 250,000 € on Spartoo, an online sales company specializing in online ready-to-wear fashion, shoes and bags. Following a control launched in 2018, the CNIL had initiated...