Posts Tagged Commission nationale de l’informatique et des libertés
Postscript 30 September 2013: see here for the CNIL press release stating that Google has failed to comply and shall be served an official enforcement notice.
I reported earlier on the referral to the ECJ of questions surrounding jurisdiction under the data protection Directive: the AG’s Opinion in that case, C-131/17 is due tomorrow (25 June). Last week, the French data protection authority (‘CNIL’) ordered Google to comply with the French Data Protection Act, within three months. That in itself of course is testimony to the French determination in their own national procedure. However the agency’s action is unusual in that it announces co-ordinated action between a wide variety of European data protection agencies. CNIL notes
‘The Data Protection Authorities from Germany, Italy, the Netherlands, Spain and the United Kingdom carry on their investigations under their respective national procedures and as part of an international administrative cooperation.
- The Spanish DPA has issued to Google his decision today to open a sanction procedure for the infringement of key principles of the Spanish Data Protection Law.
- The Data Protection Commissioner of Hamburg has opened a formal procedure against the company. It starts with a formal hearing as required by public administrative law, which may lead to the release of an administrative order requiring Google to implement measures in order to comply with German national data protection legislation.
- As part of the investigation, the Dutch DPA will first issue a confidential report of preliminary findings, and ask Google to provide its view on the report. The Dutch DPA will use this view in its definite report of findings, after which it may decide to impose a sanction.
- The Italian Data Protection Authority is awaiting additional clarification from Google Inc. after opening a formal inquiry proceeding at the end of May and will shortly assess the relevant findings to establish possible enforcement measures, including possible sanctions, under the Italian data protection law.’
Other than perhaps in competition law, such co-ordinated action among national authorities is rare. That it should be in data protection, confirms the relevance which Europeans and their legislators attach to the protection of personal data.
Case C-131/12, CNIL, Co-operation, Commission nationale de l’informatique et des libertés, Data protection, Data protection authorities, Data protection Directive, Directive 95/46, EU law, Extraterritoriality, France, Google, Jurisdiction, Prism, Regulatory agencies
- Vestel v HEVC Advance (Delaware) and Philips (NL). High Court denies stand-alone competition law damage both on the basis of Article 7(2) BRU Ia and residual CPR rules. 05/12/2019
- The High Court on the lawfulness of the proposed ivory ban. 03/12/2019
- The UK ban on e-collars. High Court finds decision does not breach property rights (ECHR) or internal market (TFEU). 02/12/2019
- ED&F Man Capital Markets v Come Harvest Holding et al. Court of Appeal confirms Tolenado DJ’s forum analysis of Vedanta. Leaves Rome II issue undiscussed. 30/11/2019
- Is the innovation principle compatible with a European Green Deal? 29/11/2019
Also of noteMy Tweets