(Data Protection News & Services)
On 15 February 2022, the CNIL released its control programme for the year 2022. This year the priority themes are as follows:
Direct marketing ;
Employee’s monitoring in the context of remote working;
Cloud computing.
By a decision of November 25, 2021, the Court of Justice of the European Union (CJEU) ruled that the practice of displaying an advertisement under the appearance of an e-mail in the users’ e-mail box is subject to the prior information and consent of the users (as required under directive 2002/58/EC), without which it also constitutes an unfair commercial practice insofar as this practice corresponds to the notion of “repeated and unwanted solicitations” within the meaning of the Directive 2005/29/EC (“Unfair Commercial Practices Directive”) .
On 16 July 2021, the Luxembourg data protection authority imposed a fine of 746 million euros on Amazon Europe Core.
On 17 June 2021, the CNIL imposed a fine of 500,000 Euros and an obligation to comply within 3 months under a penalty of 500 Euros per day on BRICO PRIVÉ, a French company opearating a DIY private sales website
During this 37th plenary session, the Board adopted Guidelines on the concepts of controller and processor and Guidelines on the targeting of social media users. The EDPB also created a taskforce focusing complaints following the CJEU Schrems II judgement and