Tag

France

Browsing

After months of debates, on 24 January 2023, France enacted the Orientation and Programming Law (LOPMI) which introduced amendments to the insurability of losses and damages paid in response to cyber-attacks. At the center of the debates: the insurability of ransom payments. The LOPMI has confirmed such insurability with conditions. Pursuant to article 5 of the LOPMI, introduced under the French Insurance Code at article L. 12-10-1: “The payment of a sum pursuant to an…

28 January 2023 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2023, Baker McKenzie’s Global Data Privacy and Security Team is pleased to present this special edition update of key data protection and privacy developments and trends across the globe, as well summarising future legislative changes, predictions, and enforcement priorities to look out for during 2023.…

The French data protection authority (“Commission nationale de l’informatique et des libertés” or “CNIL”) published, on January 12, 2022, a statement on processor reuse of data entrusted by data controllers. This guidance aims at establishing a legal framework to determine if, and under which conditions, a processor can use personal data it obtained from a controller for purposes broader than just strictly providing services to the controller. Can a processor reuse the data it receives…

The 25 May 2021 marks the third anniversary of the GDPR coming into force. As we have moved from preparation for the GDPR to business as usual compliance with the GDPR, regulators have focused on various issues in different jurisdictions. Although we are now three years into compliance with the GDPR being part of our day to day operations, it is clear that interpretation and expectations regarding compliance from the courts and regulators continue to…

On 11 December 2020, the French Supreme Administrative Court ruled that Valueclick International, an Irish company in the digital sector, had a permanent establishment in France, for purposes of both corporate income tax (CIT) and value-added tax (VAT), through another Valueclick subsidiary, Valueclick France. In this episode of TMT Talk, Kate Alexander, Ariane Calloud, and Erik Christenson review this landmark decision from the perspectives of French and US tax law. Listen to our panel of experts explore both the…

Happy Data Protection Day! The 28 January each year is celebrated as Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2021, we have summarised some of the key trends and developments in the EU, UK and beyond from a data protection perspective and looking ahead to what to expect for 2021. You can jump to specific country…

Since the loot box debate peaked again in April 2018 with regulatory enforcement action being announced or taken in South Korea, Belgium and the Netherlands, things have calmed down significantly. Nevertheless, several proceedings, investigations and legislative actions which were initiated during the first loot box peak in October/November 2017 are still ongoing, one of them being the investigation commenced by the French gambling regulator, the Autorité de regulation des jeux en ligne (“ARJEL”). For different reasons, the decision of the…

The Australian and French privacy regulators have also respectively issued guidance on getting accountability right but take a slightly different approach compared to the Canadian, Hong Kong and Colombian regulators in that they do not expressly refer to, or promote the implementation of, privacy management programs.The French ApproachThe French data protection authority was the first European privacy regulator to release a standard outlining what accountability means in practice. The French Standard, released in January 2015,…

Nearly every company in the world is struggling to effectively manage the broad range of legal and operational risks associated with data. Data is everywhere, and everyone is working to maximize its organizational value, while avoiding wrongful disclosures, theft of informational assets, and the losses related to the costly legal fallout. This is the result, in large part, of new legislation, heightened regulatory scrutiny and marketplace expectations, and increased dependence on service providers for core…

On 19 November 2015, the French data protection authority (“CNIL”) published a set of guidelines and FAQs providing guidance to French businesses currently transferring, or planning to transfer, personal data from the EU to the U.S. What Options Are Available For Transferring Personal Data From France To the U.S.?CNIL expressly states that transferring personal data from France to the U.S. on the basis of Safe Harbor is no longer an option. It further confirms that, while…