On 10 February 2022, the CNIL issued a formal notice to a website operator using Google Analytics cookies to comply with the GDPR and more specifically with the CJEU Schrems 2 ruling on the transfer of data to the US.
The CNIL considers that as long as the US authorities can access users’ data, the use of Google Analytics is not legal. The Authority has therefore asked the website operator to comply with the GDPR and if necessary, to stop using Google Analytics cookies.
The CNIL reminds in its recommandations that it constitutes only examples which are neither prescriptive nor exhaustive and that although they are focused on the web and mobile environment, they can also be applied to other environments (connected TV etc.).
On 2 March 2021, the CNIL announced its control programme for the year 2021. In addition to the inspections that the CNIL carries out following complaints or in connection with the news, the CNIL will focus its inspection activities on
On February 10, 2021, member states agreed on a negotiating mandate for revised rules on the protection of privacy and confidentiality in the use of electronic communications services (e-privacy regulation). These updated ‘ePrivacy’ regulation will specify when service providers are