Our latest letters
• Lettre DPO
Data at the heart of influence!
This month, La Lettre du DPO interviewed Valérie Revol (Category Sourcing Manager Marketing/Communication at LVMH) and Léa Coffrant(content creator entrepreneur). They provide La Lettre du DPO with their respective views on the vigilance required when engaging in, or using, the e-business of influencer marketing (the players of which are commonly known as “influencers”). This activity, which is now clearly defined by law, is carried out by people who, “against payment, use their reputation among their followers to communicate to the public, by electronic means, content with a view to promoting, directly or indirectly, goods, services or any cause whatsoever”.
23 Feb 2023
• Lettre DPO
The Whistleblowers and personal data : joint protection is essential !
This month, La Lettre du DPO interviewed Domitille Fontaine-Castets, Chief Compliance Officer of the renowned French hotel group Accor, and Claudio Interdonato, Business Development Director South Europe of EQS Group (a provider of cloud-based compliance software solutions). In this issue of La Lettre du DPO, they give their respective views on the need to protect whistleblower data, in a world where whistleblowing is increasingly widespread due to the need to respond to systemic risks (corruption and money laundering, environmental destruction, cyber-insecurity, etc.), while striking the necessary balance in also protecting the fundamental rights of the whistleblowers themselves (privacy, security, etc.).
26 October 2023
Our previous letters
• Lettre DPO
The 2024 Olympic and Paralympic Games: Impact of the new regulation on personal data and privacy
This month, La Lettre de la DPO interviewed Jean Martinot, vice-president of the Cercle de la Donnée (an independent and interdisciplinary think tank producing forward-looking reflections on data and digital technology) and Frédéric Le Corre, a specialist in the sports ecosystem and co-founder of Whimup, a social fan-experience platform. They have provided La Lettre du DPO with their views on the major challenges in terms of personal data protection resulting from the provisions of the law relating to the 2024 Olympic and Paralympic Games, and the future of sports content broadcasting in the digital world.
3 may 2023
• Lettre DPO
The Digital Services Act: the new legal landscape for Internet intermediaries
This month, La Lettre du DPO interviewed Romain Darfeuille (Head of Legal of Bedrock), and Oscar Lourdin (DPO of Bedrock). They have provided La Lettre du DPO with their views on this new Regulation, certain provisions of which have already entered into force, and the rest of which will do so in February 2024, i.e. in less than 12 months’ time – which will come around very quickly bearing in mind the level of the changes that need to be adopted for certain companies, particularly all those operating online platforms.
23 Feb 2023
• Lettre DPO
Metaverse : time for reflection !
This month, La Lettre du DPO interviewed Professor Michel Beaudouin-Lafon, renowned academic who has won awards for his work on human-computer interaction and is a committed member of the prestigious ACM (Association for Computing Machinery), and Arnaud Tanguy, President of the Cercle de la Donnée (an independent and interdisciplinary think tank producing forward-looking reflections on data and digital technology). They have provided La Lettre du DPO with their view on the need to protect data generated in the metaverse and, more generally, on the very real impacts that the metaverse will have on the world and society.
8 Dec 2022
• Lettre DPO
The digital euro: what are the challenges for personal data protection?
This month La Lettre du DPO interviewed Dominique Jeanne (Data Protection Officer at the Banque de France), Luc Millot (Expert in cyber resilience and operational risk management at the Banque de France) and Barbara Buchalik (IT lawyer, co-founder of the FinTech Brygge, after working at the Federal Ministry of Finance in Germany). They have provided La Lettre du DPO with their insight on the challenges of the digital euro.
29 sep 2022
• Lettre DPO
Gdpr, year 4: comparative views from abroad
This month, on the fourth anniversary of the GDPR implementation, our newsletter, “La Lettre du DPO”, has interviewed the legal experts of PANGEA NET, an international network of independent law firms, including klein • wenner. They share with us their personal views on the practical application of the GDPR and the main trends that are emerging in their respective countries. Many thanks to all of them!
24 MAY 2022
• Lettre DPO
Successful fundraising: enhancing data and ensuring compliance with applicable regulations
This month, our newsletter “La Lettre du DPO” interviewed Samuel Brau, President of Drone Géofencing (which has developed a professional drone management software) and Bruna Sellin Trevellin, lawyer specialized in IP/IT law and DPO at the Agency for the Protection of Programs (“APP”). They share with us their views about the importance of proving the ownership and lawfulness of a company’s intangible assets and data in the context of fundraising operations.
24 MAR 2022
• Lettre DPO
The environmental footprint of digital technology: it is time to wake up!
This month, our newsletter “La Lettre du DPO ” interviewed Vanessa Kurukgy, former lawyer, legal expert at the French Federation of Conservatories of Natural Areas (Fédération des Conservatoires d’espaces naturels – FCEN) and David Bessot, founding member and CEO of the company Infhotep. They share with us their personal views on the environmental impact of digital technology.
27 Jan 2022
• Lettre DPO
Digital Africa: the new Eldorado for the tech giants?
This month, the team responsible for the drafting of our newsletter “La Lettre du DPO” was honored to interview Mr Roger Félix Adom, (Minister for Digital Economy, Telecommunications and Innovation of the Republic of Côte d’Ivoire), as well as Mr Franck Kié (expert in cyber risk management, founder of the “CYBER AFRICA FORUM”). They share with us their experiences and feedback on the issues and challenges of the digital economy, data protection and cybersecurity in Africa.
25 nov 2021
• Lettre DPO
International transfers of personal data: the new legal framework of the upcoming work year
This month, our newsletter “La Lettre du DPO” has decided to interview Myriam Quéméner (lawyer at the Economic and Financial Investigation Division of the Paris Court of Appeal, Ph.D. in Law and author of numerous books and articles on digital law) and Lauren Webb (partner at the law firm Browne Jacobson, specializing in new technologies law). They share with us their experiences and practical insights, in particular on the matter of international transfers of personal data, a very topical subject in the upcoming work year 2021.
30 sept 2021
• Lettre DPO
Cloud: the European battle for trust!
This month, la Lettre du DPO interviewed Henri d’Agrain (General Delegate of the Cigref, appointed by the Secretary of State for Digital Transformation to lead the European GAIA-X project) and David Chassan (Director of Strategy at Outscale, a “Trusted Cloud” provider with the “SecNumCloud” label). They provide la Lettre du DPO with their experience and practical guidance on Cloud computing, which is now a key technological and industrial link for competitiveness, but also for the economic and political influence of Europe.
23 July 2021
• Lettre DPO
The irresistible rise of e voting and its challenges!
This month, the Lettre du DPO interviewed the Professor Judith Rochfeld (University Professor at the Sorbonne Law School, University of Paris 1 Panthéon‑Sorbonne, who teaches and mentors numerous researchers in digital law), as well as Bruce Bonnaure (Expert at the Paris Court of Appeal, specialist in e‑voting devices). They have provided the Lettre du DPO with details of their experience and some practical guidance, in particular on e‑voting, the use of which has steadily increased for certain professional elections in order to meet the restrictions imposed by current health measures, and for which there is every reason to believe that, for other reasons (environment, efficiency, etc.), its use could well take a permanent hold.
21 may 2021
• Lettre DPO
Impact assessment: the countdown has begun!
This month, the Lettre du DPO has interviewed Cédric Cantillon (DPO and Security Advisor at Radio Télévision Belge Francophone “RTBF”) and Claire de la Fouchardière (Product Manager at INFHOTEP, for “Adequacy” – a GDPR compliance management software). They have provided the Lettre du DPO with details of their experience, as well as practical guidance on impact assessments, which are mandatory for certain processing operations, and bearing in mind that the exemption granted by the CNIL for those implemented before May 2018 is due to expire on 25 May 2021.
12 mar 2021
• Lettre DPO
Fake news: the counter-attack is launched!
This month, the Lettre du DPO interviewed Delphine Sabattier, a journalist who presents “Smart Tech” (a television programme on digital technology and innovation that is broadcast daily on the economic news channel “B Smart” launched in June 2020), and Aude Favre, a journalist who launched the YouTube channel “WTFake”. They provided us with their insight and views on ways to fight against disinformation.
29 jan 2021
• Lettre DPO
Data security: encryption, the keys to success!
Encryption, an essential process to guarantee data security. The use of encryption (an operation that converts a message to be sent, known as a “clear message”, into another message, unintelligible to a third party, known as an “encrypted message”, in order to ensure secrecy) is as old as communication itself. As far back as 1900 BC, an Egyptian scribe used non‑standard hieroglyphics to conceal the meaning of an inscription. In an increasingly digitalised world, data encryption appears to be an essential technical measure to guarantee the security and confidentiality of data stored on computer systems or transmitted via the Internet or other networks, thus preventing it from being stolen and read by a third party who might wish to use it for malicious purposes.
24 dec 2020
• Lettre DPO
Data transfer across the Atlantic : the consequences of the “SCHREMS II” Case (CJEU, 16 July 2020)
In the midst of the digital boom, the “Schrems II” judgment has been rendered and calls into question the transfer of personal data to the United States. The widespread use of digital tools, arising from the obligatory reduction in contacts due to the current pandemic, has resulted in extensive recourse to American solutions which, in this area, clearly dominate the market (in particular, discussion and videoconferencing tools, which appear to be free of charge but may hide a business model based on data collection).
27 nov 2020
• Lettre DPO
E‑commerce: data as a source of profitability and reduction of the ecological footprint!
Changes in online shopping habits. The current health crisis has not finished influencing our lifestyles and in particular our shopping habits. According to a survey conducted by Médiamétrie and the Fevad (Fédération e-commerce et vente à distance – Federation for e-commerce and distance selling), an increase in online shopping was observed during the lockdown period, and this trend continues. In an increasingly competitive sector, e‑commerce players must innovate and adapt to new consumer habits.
30 oct 2020
• Lettre DPO
Education: a mainstay of digital trust
Digital technology, education’s blind spot. Contrary to most disciplines (mathematics, physics, chemistry, etc.) which enabled the advent of previous industrial revolutions, the digital space and all its components (infrastructure, data, software, etc.) have not been taught in school. Often out of ignorance, or sometimes indifference, the digital space and the powers that control it remain little known to the general public, fuelling political inaction and jeopardising prosperity, security and certain foundations of the French and European models inherited from the Age of Enlightenment.
25 sept 2020
• Lettre DPO
The lasting success of remote working, and its challenges!
The rise and perpetuation of remote working. The recourse to remote working, which refers to a form of organisation where work that could have been done in the usual workplace is carried out away therefrom by using information and communication technologies, has increased considerably as a result of the Covid 19 pandemic and the government measures taken to deal with it, in particular the lockdown period decided upon in the context of the health crisis.
24 JULY 2020
• Lettre DPO
Artificial Intelligence: the decisive role of data
The rise of algorithms and artificial intelligence in our daily lives. Technologies based on algorithms (defined as a finite and unambiguous sequence of instructions for obtaining a result from input data) and artificial intelligence (“AI”) are everywhere in our daily lives (self-driving cars, personalised newsfeed on social networks, automated medical diagnosis, etc.). Although there is an unprecedented boom in AI, it is nonetheless sparking social debate, as it fuels fantasies about what our world will be like tomorrow.
26 june 2020
• Lettre DPO
GDPR, YEAR II: Viewpoints from Europe and elsewhere…
GDPR: two years down the line, actions still need to be taken. A few days ago, the General Data Protection Regulation (“GDPR”) celebrated its 2nd anniversary. Despite the binding nature of this text (for all organisations based in Europe and those which, whilst not based in Europe, process data concerning people located in Europe), a study carried out by the Ipsos Institute on behalf of the four largest associations of users of integrated management software packages in France reveals that six out of seven French companies consider that they still need to take actions in order to be compliant with the GDPR. This trend is more generally observed in Europe, particularly in Austria and Spain.
29 may 2020
• Lettre DPO
Digital transformation: France finds its way
France finds its voice. Amidst concerns over the global spread of COVID-19, France used its voice on 12 March 2020 to reiterate its unwavering commitment to essential values: the need to protect the weakest and the importance of health over wealth (“save lives at any cost” President Macron declared in his 12/03/20 address). That contrasts with the so-called ‘herd immunity’ strategy advocated by certain advisors to the UK Prime Minister Boris Johnson, which involves letting the virus spread — with inevitable tragic consequences for the most vulnerable — sparing the more resistant and (hopefully) preventing future waves of the epidemic, thereby reducing the burden on health services.
20 mar 2020
• Lettre DPO
Domain names and the GDPR: France is ahead of the game!
Whois, a global personal database. ICANN (Internet Corporation for Assigned Names and Numbers), the authority responsible for assigning domain names, has developed a registry and registrar accreditation system. Accreditation agreements between registries, registrars and ICANN include the requirement to provide details of the domain name on the Whois directory. That database contains technical information, but is better known for displaying the personal data of individual domain name registrants (full name, postal and email address, phone number, etc.).
21 feb 2020
• Lettre DPO
The GDPR in 2020: the advent of tooling!
Like bookkeeping, GDPR compliance implies a software tool. The historical reasons that led lawmakers to introduce the requirement to keep a book meeting strict financial information presentation standards (following several financial scandals during the Industrial Revolution in the late nineteenth and early twentieth centuries) can be applied to the Digital Revolution: holders of vast quantities of data (with much of it now undermining individuals’ privacy as well as governments’ security), companies can trigger systemic risks by processing their data illegally or improperly.
31 jan 2020
• Lettre DPO
Digital sovereignty: the need for a New Deal!
One world. Make no mistake. The digital world isn’t ‘virtual’, i.e. defined by the dictionary as one ‘that does not exist’. Nor is it ‘another’ world, different to and separate from the real world, having no law, ignoring the balance of power and domination, and providing the forum for unrestricted freedom that optimistic digital champions hailed at its launch. It’s all too obvious: digital networks are the extension of the real world; they ‘are’ our world. And like the physical world, cyberspace is ridden by conflict with opposing economic and ideological forces, but, unlike it, not everyone in it has the same ‘common sense’ as in the natural world.
20 dec 2019
• Lettre DPO
Digital services: the African miracle and its challenges!
Digital services in Africa: leapfrog technology. The term ‘leapfrogging’ is sometimes used to refer to the paradoxical advantage gained by economic players that skip their peers’ incumbent technologies, and so find themselves in a better position for adopting new advances. Which is exactly what’s happening in many parts of Africa, which were limited to very few infrastructures before the digital revolution but are now enjoying unprecedented economic growth via the digital space — led by mobile telephony and banking! All in a few years and often with few resources, whilst previously much more advanced countries are still struggling to adapt their economy to newcomer technologies.
22 nov 2019
• Lettre DPO
“Data analysis: driving change in the energy sector”
Exponential growth in energy sector data. With the boom in digital technologies across public gas and electricity networks as well as Open Data, the available data is growing exponentially in number and variety. Numerous tools installed throughout the networks and downstream of the meter generate data (network sensors, smart gas and electricity meters in end customers’ properties to measure usage, connected devices, etc.).
18 oct 2019
• Lettre DPO
Agriculture: data is becoming strategic!
The explosion in agricultural data. The agricultural world has always collected and processed specific information on its activity (weather, yield, status of livestock and/or of plots of land…), and this has developed into a strongly growing trend as a result of regulations (registration of land imposed by the Common Agricultural Policy (“CAP”), unique identification of animals, which has been compulsory in France since 1978 and extended to all of Europe in 1998 following the mad cow crisis…). More recently, the massive influx of connected objects for farmers has led to an unprecedented increase in the data collected.
20 sept 2019
• Lettre DPO
Biometrics: For worse, and especially for better!
The lighting speed at which the field of biometrics is developing: a sign of interpenetration between the physical and digital worlds. According to some sources, the biometrics component of mobile phones is expected to double between 2019 and 2022. This trend can of course be explained by the limits of the “login/password” tandem (we have too many of them, they are too hard to remember, and so on), and also by the mainstreaming of digital services whereby we all feel that the frontier between the physical and digital worlds is getting more blurred by the day.
19 July 2019
• Lettre DPO
Certification and codes of conduct: good tools for successful compliance!
L’exigence de documentation. Pour protéger les données, le RGPD oblige tous les organismes à concevoir et formaliser des documents décrivant les processus de traitement, qui bien souvent correspondent aux opérations métiers mais qui devront être décrits sous l’angle du traitement de l’information, ce qui exige un véritable savoir-faire. Pour ce faire, les organismes, surtout les petits, sont démunis et souffrent d’un déficit de moyens humains et méthodologiques. Pour y faire face, le RGPD prévoit deux instruments facultatifs : les certifications, et les code de conduites.
21 june 2019
• Lettre DPO
GDPR, year I: retrospective views from Europe and elsewhere….
A year after, the GDPR has been a game changer. Many were those who, until May the 25th 2018, predicted an immobilism, believing they were out of the scope, thinking that the impunity era with weak and rare sanctions would endure, speculating that, in the end, no one – clients and competitors – would care about this text. And yet, a year after, nothing was the same as before…
17 May 2019
• Lettre DPO
Data is not just a matter for lawyers
The GDPR is not about information technology, but about information. We forget it too often – it is not technology that is at the core of this regulation, but rather the material of which it permits the circulation: i.e. data. Data is traditionally distinguished from information in that it is devoid of meaning. For our part, we shall assimilate information and data, considering that the latter (a basic description of a reality) has varying degrees of meaning (but this is only a variation in degrees and not in nature). And, in practice, who cares about such a distinction for application of the GDPR?
19 Apr 2019
• Lettre DPO
Brexit: continuity in the midst of change
The end of direct application of the GDPR in the United Kingdom. Originally scheduled for March 2019, the United Kingdom (“UK”) should be leaving the European Union (the “EU”) by May. This implies that from then on, all European regulations, including the GDPR, will cease to apply directly in the UK.
Nonetheless, under the European Union Withdrawal Act 2018, the provisions of the GDPR will become provisions of UK domestic law.
22 Mar 2019
• Lettre DPO
When the GDPR becomes a reality
The GDPR is not simply a buzzword: On 21 January 2019, and for the first time, the CNIL fined Google LLC for violation of the GDPR. To date, this fine of 50 million euros is the highest ever imposed by the CNIL. The amount of the fine may seem derisory for Google LLC (such fines representing a maximum of 4% of the offender’s total annual worldwide turnover for the previous year – in this case, close to 3.5 billion euros), but it nonetheless reflects the CNIL’s determination to send a serious warning to operators and remind them that the GDPR is not simply a buzzword.
15 Feb 2019
• Lettre DPO
Security and compliance: a convergent approach!
The GDPR: a new era for security. The end of 2018 saw certain major economic operators being ordered by the CNIL (the French data protection authority) to pay significant financial penalties for breaching data security obligations (such breaches having occurred prior to the date of application of the GDPR). As everyone knows, the GDPR has considerably increased the amount of the fines. It is a safe bet that, in the future, the financial penalties imposed by the CNIL for breaches in data security recorded after 25 May 2018 will undoubtedly be more substantial.
18 Jan 2018
• Lettre DPO
Lawyers and the GDPR: an alliance with a bright future!
As revealed by the CNIL’s report published on 23 November 2018, more than two thirds of the French population have declared that they now pay more attention to the protection of their data. We can therefore say that the GDPR has already partially succeeded where previous regulations have failed: by creating mass public awareness!
21 dec 2018
• Lettre DPO
La Lettre du DPO is going international!
La Lettre du DPO: recent news on GDPR. Practical information, breaking news on legal and professional issues, and above all an original perspective on this area, which requires deep thought and exchanges – you’ll find all this in La Lettre du DPO. An English version of La Lettre du DPO: An English version is necessary in the era of the universal digital market.
16 nov 2018