Patrice Navarro

Posted on July 23rd, 2019 By Patrice Navarro Posted in International/EU privacy

New French Guidelines on Cookies and Trackers

On 19 July the French Data Protection Authority (the “CNIL”) published new guidelines on cookies and trackers. These replace the existing Recommendation No. 2013-378 of 5 December 2013, are intended to be in line with relevant GDPR provisions and have been produced in anticipation of the future ePrivacy Regulation. The guidelines will be supplemented, at a later stage, with sectoral … Continue Reading

Posted on May 1st, 2019 By Patrice Navarro and Elisabethann Wright Posted in International/EU privacy

EDPB’s Position on Clinical Trials Creates Friction with Other EU Legislation

Clinical trials in the EU include the collection of sensitive health data from patients. Trial sponsors are obliged to reconcile their respect of regulations governing data protection with regulations governing the conduct of clinical trials. The GDPR¹ could not fully harmonize these rules since this area is already heavily regulated by public health regulations that vary between EU Member States. … Continue Reading

Posted on May 24th, 2018 By Winston Maxwell, Patrice Navarro, Mathilde Gérot and Anne-Laure Morise Posted in Data Protection & Privacy, Policy & Regulation

One day before the entry into force of the GDPR, the French bill is adopted… but referred to the French Constitutional Council (“Conseil Constitutionnel”)

The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an accelerated procedure. This procedure led to the adoption in final reading by the French National Assembly of the bill on … Continue Reading

Posted on March 6th, 2018 By Winston Maxwell, Patrice Navarro and Charles-Henri Caron Posted in Data Protection & Privacy

Hosts of health data: certified compliant!

The Decree No 2018-137 of 26 February 2018 on the hosting of personal health data has been published on 28 February 2018 in the Official Journal. The Decree defines notably the arrangements for implementing the procedure for certifying hosts of health data.

Context

The Decree has been adopted pursuant to Order No 2017-27 of 12 January 2017 on the hosting … Continue Reading

Posted on February 17th, 2016 By Patrice Navarro and Matthieu Richard Posted in Data Protection & Privacy

French National Assembly Votes to Align the CNIL’s Sanctioning Powers with the GDPR

While organizations in the EU will have to get used to the possibility of receiving fines of up to 4% of total worldwide annual turnover when the General Data Protection Regulation (GDPR) comes into force in roughly 2 years’ time, organizations in France should prepare for higher sanctions sooner.

A bill, passed by the French National Assembly on 26th January … Continue Reading

Posted on March 26th, 2015 By Winston Maxwell and Patrice Navarro Posted in Data Protection & Privacy

CNIL Releases BYOD Guidelines

Security concerns and the need to increase cyber security measures have recently boosted the use of Bring Your Own Device (BYOD) policies in France. Recent events have exacerbated fears of data breaches and hacking for IT managers who were not overly concerned before. As a consequence, IT security teams are seeking to apply the same security and device management systems … Continue Reading