The French Data Protection Authority,  CNIL, has prohibited the use of facial recognition to control entry into a school as disproportionate saying that alternative less intrusive means are available, such as badge control.

Key takeaways:

  • Processing of biometric data is of particular sensitivity, justifying enhanced protection of individuals.
  • Facial recognition devices are particularly intrusive and

Cookies in the spotlight in France:

Actual consent – in.

Continued browsing – out.

The French Data Protection Authority, CNIL, repealed its 2013 guidelines on cookies consent and announced upcoming cookies guidance will be published later this month (July).  Per the new guidance, continued browsing of a website will not suffice to indicate consent to

Spotlight on adequate/reasonable protections to personal information – Part 1 – France.

CNIL fined a real estate company 400,000 EUR for failure to implement adequate protections to personal data in violation of GDPR.

In this case, the URLs on the company’s website were the problem. By changing a character, you could gain access to documents