Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Patrice Navarro

Posts by Patrice Navarro
Posted on By Patrice Navarro Posted in Policy & Regulation Photo of Patrice Navarro

New French Guidelines on Cookies and Trackers

On 19 July the French Data Protection Authority (the “CNIL”) published new guidelines on cookies and trackers. These replace the existing Recommendation No. 2013-378 of 5 December 2013, are intended to be in line with relevant GDPR provisions and have been produced in anticipation of the future ePrivacy Regulation. The guidelines will be supplemented, at a later stage, with sectoral recommendations setting out practical methods for obtaining consent. These sectoral recommendations will be included in a final version of the guidelines on cookies and trackers open for public consultation, which

Posted on By Patrice Navarro and Elisabethann Wright Posted in Policy & Regulation Photo of Patrice NavarroPhoto of Elisabethann Wright

EDPB’s Position on Clinical Trials Creates Friction with Other EU Legislation

Clinical trials in the EU include the collection of sensitive health data from patients. Trial sponsors are obliged to reconcile their respect of regulations governing data protection with regulations governing the conduct of clinical trials. The GDPR¹ could not fully harmonize these rules since this area is already heavily regulated by public health regulations that vary between EU Member States. One of the most disconcerting areas of divergence between EU Member States is the different national positions on whether patient consent is a valid legal ground for processing personal data in

Posted on By Winston Maxwell, Patrice Navarro, Mathilde Gérot and Anne-Laure Morise Posted in Data Protection & Privacy, Policy & Regulation Photo of Winston MaxwellPhoto of Patrice Navarro

One day before the entry into force of the GDPR, the French bill is adopted… but referred to the French Constitutional Council (“Conseil Constitutionnel”)

The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an accelerated procedure. This procedure led to the adoption in final reading by the French National Assembly of the bill on personal data protection on 14 May 2018. However, some French Senators lodged a constitutional complaint against the said law on 16 May 2018. The bill on personal data protection aims to adapt the “French Data Protection” Act

Posted on By Winston Maxwell, Patrice Navarro and Charles-Henri Caron Posted in Data Protection & Privacy Photo of Winston MaxwellPhoto of Patrice Navarro

Hosts of health data: certified compliant!

The Decree No 2018-137 of 26 February 2018 on the hosting of personal health data has been published on 28 February 2018 in the Official Journal.  The Decree defines notably the arrangements for implementing the procedure for certifying hosts of health data. Context The Decree has been adopted pursuant to Order No 2017-27 of 12 January 2017 on the hosting of personal health data which substantially modified Article L1111-8 of the French Public Health Code (FPHC).  As a reminder, this updated version of the Article, which will enter into force

Posted on By Patrice Navarro and Matthieu Richard Posted in Data Protection & Privacy Photo of Patrice Navarro

French National Assembly Votes to Align the CNIL’s Sanctioning Powers with the GDPR

While organizations in the EU will have to get used to the possibility of receiving fines of up to 4% of total worldwide annual turnover when the General Data Protection Regulation (GDPR) comes into force in roughly 2 years’ time, organizations in France should prepare for higher sanctions sooner. A bill, passed by the French National Assembly on 26th January 2016, and now before the French Senate, would amend Article 47 of the French Data Protection Act to give the French Data Protection Authority (the CNIL) the power to impose penalties for

Posted on By Joke Bodewits and Patrice Navarro Posted in Data Protection & Privacy, Policy & Regulation Photo of Joke BodewitsPhoto of Patrice Navarro

Part 6: Profiling Restrictions v. Big Data

A stricter regime for profiling Profiling and Big Data analytics are set to play a pivotal role in the growth of the digital economy. From cookie-based tracking to people’s interaction through social media, the size and the degree of granularity of our digital footprints have created unprecedented opportunities for business development and service delivery. The scale of data collection, data sharing and data analysis has not gone unnoticed to public policy makers and this has led to the inclusion of special rules addressing profiling in the Regulation. In fact, from

Posted on By Winston Maxwell and Patrice Navarro Posted in Data Protection & Privacy Photo of Winston MaxwellPhoto of Patrice Navarro

CNIL Releases BYOD Guidelines

Security concerns and the need to increase cyber security measures have recently boosted the use of Bring Your Own Device (BYOD) policies in France. Recent events have exacerbated fears of data breaches and hacking for IT managers who were not overly concerned before. As a consequence, IT security teams are seeking to apply the same security and device management systems that apply to their own company’s equipment to employees’ devices when employees use their devices for work purposes. Obligation to notify A BYOD policy usually forms part of a company’s