Garbage Collector

The little space of a writer, tinkerer, and a coffee addict

The EDPB adopts the final report of the cookie banner recommendations

- 8 minutes read time

Between May 2021 and August 2022, 18 European data protection authorities (DPA) received several hundred of complaints from NOYB regarding the design of the cookies banners.

A coordinated task force between the DPAs, piloted by the French authority La CNIL and its Austrian counterpart, the DSB, ended-up after 13 meetings by the production of a report containing various recommendations for designing a cookie banner. I propose here a summary of my understanding of this report.

GDPR : French ISP Free sanctioned for violations

- 5 minutes read time

On November 30th (link in French), la CNIL, the French personal data protection authority, sanctioned the French Internet Service Provider FREE for data security issues and not respecting the people rights granted by the GDPR.

According to the more complete délibération (in French) published in the Journal Officiel de la République Française, the Authority received 41 complains between October 2018 and November 2019. Ten of the complains were analyzed during the procedure which ended by this sanction. The complains topics were difficulties to use their personal data access right (GDPR 12 and 15), and their personal data deletion right (GDPR 12 and 21). Others complains were worries about the personal data security (GDPR 32), with weak passwords, clear text password transmission, and also about around 4 100 repackaged Freebox (the Internet router designed by Free and included in their subscriptions) that were not completely erased with the data from previous subscribers.