Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: CNIL

Posted on By Christopher Wolf Posted in International/EU Privacy

German Privacy Publication Features Hogan Lovells Piece on Proposed Data Protection Regulation

The German publication, Zeitschrift fur Datenschutz, has just published a piece authored by Christopher Wolf, director of the global Privacy and Information Management practice, entitled “A Critical Time for the EU Data Protection Regulation.” The article highlights issues that have been raised about the proposed Regulation, described as ”real and substantial.”  The point of the piece is… Continue Reading

Posted on By Winston Maxwell Posted in Cybersecurity & Data Breaches, International/EU Privacy

French CNIL Publishes English Language Compliance Guides

France’s data protection authority, the Commission Nationale de l’Informatique et des Libertés (CNIL), released on November 14, 2012 English-language versions of its compliance guides for businesses. The first guide, “Methodology for Privacy Risk Management”, provides a step-by-step guide for identifying risks and prioritising remedial actions. The second guide, “Measures for the Privacy Risk Treatment“, provides practical guidance on… Continue Reading

Posted on By Winston Maxwell Posted in International/EU Privacy

CNIL Cloud Guidelines Address Controller vs. Processor Issues

The French CNIL’s new guidelines on cloud computing revisit the tricky question of whether a cloud provider is a data processor or a data controller under French data protection law. The CNIL’s guidelines contain seven recommendations for cloud customers, and a list of recommended contractual clauses. The CNIL points out that when the cloud provider is located in a non-European country “local government authorities can send requests to the provider to have access to the data.”

Posted on By Lionel de Souza Posted in International/EU Privacy

French Data Protection Authority launches public consultation on cloud computing

The French Data Protection Authority (the Commission Nationale de l’Informatique et des Libertés or CNIL) opened a public consultation on cloud computing, citing the growing significance of the cloud computing market: “already €6 billion at the European level, with a yearly growth of approximately 20%”. The CNIL is focusing on five areas: definition of cloud computing, role of the parties, applicable law, international transfers of data outside the European Union and data security. Public input into the issue is sought by the CNIL, as explained in this blog entry.

Posted on By Lionel de Souza Posted in Employment Privacy, International/EU Privacy

French Court of Appeals reject company’s whistleblower system despite CNIL approval

A French Court of Appeals in Caen recently confirmed a lower court’s order for the suspension of a whistleblowing system implemented by French company Benoist Girard, a subsidiary of American group Stryker. The decision comes as a surprise as it rejects the approval of the whistleblower system by French data protection authority (the “CNIL”).

Posted on By HL Chronicle of Data Protection Posted in International/EU Privacy, News & Events

Upcoming EU Cloud Strategy Announced: Application of Local Privacy Laws Remain an Issue, To Be Explored at IAPP Navigate on September 14

An announcement came this week from EC Digital Agenda VP Neelie Kroes of an EU Cloud Strategy (described in this blog entry), for which the former US CIO Vivek Kundra will be an advisor, and it once again raises questions about the application of the EU Directive in the cloud. This is an issue that will be explored through a Moot Court problem at IAPP’s Navigate in Dallas on September 14, also described and shared in this entry.