• PRO
  • Events
  • About Blog Store Popular
  • Login
  • Register
  • PRO
  • Resources
    • Latest updates
    • Q&A
    • In-depth
    • In-house view
    • Practical resources
  • Resources
  • Research
    • Legal research hub
    • Primary Sources
    • Research reports
    • Explore all
  • Research
  • Learn
    • All
    • Webinars
    • Videos
  • Learn
  • Experts
    • Find experts
    • Influencers
    • Firms
    • About
    Introducing Instruct Counsel
    The next generation search tool for finding the right lawyer for you.
  • Experts
  • My newsfeed
  • Events
  • About
  • Blog
  • Store
  • Popular
  • Legal research hub
  • Primary Sources
  • Research reports
  • Explore all
  • Find experts
  • Influencers
  • Firms
  • About
Introducing Instruct Counsel
The next generation search tool for finding the right lawyer for you.
  • Compare
  • Topics
  • Interviews
  • Guides

ANALYTICS

Review your content's performance and reach.

  • Analytics dashboard
  • Top articles
  • Top authors
  • Who's reading?

CONTENT DEVELOPMENT

Become your target audience’s go-to resource for today’s hottest topics.

  • Trending Topics
  • Discover Content
  • Horizons
  • Ideation

CLIENT INTELLIGENCE

Understand your clients’ strategies and the most pressing issues they are facing.

  • Track Sectors
  • Track Clients
  • Mandates
  • Discover Companies
  • Reports Centre

COMPETITOR INTELLIGENCE

Keep a step ahead of your key competitors and benchmark against them.

  • Benchmarking
  • Competitor Mandates
Back Forward
  • Save & file
  • View original
  • Forward
  • Share
    • Facebook
    • Twitter
    • Linked In
  • Follow
    Please login to follow content.
  • Like
  • Instruct

add to folder:

  • My saved (default)
  • Read later
Folders shared with you

Register now for your free, tailored, daily legal newsfeed service.

Questions? Please contact [email protected]

Register

What Companies Can Learn From CNIL’s Privacy Consent Cases on Targeted Marketing
Blog Global Privacy and Security Compliance Law Blog

Latham & Watkins LLP

To view this article you need a PDF viewer such as Adobe Reader. Download Adobe Acrobat Reader

If you can't read this PDF, you can view its text here. Go back to the PDF .

European Union, France March 26 2019

The closure of four cases involving targeted advertising provides lessons for navigating compliance standards under the GDPR.

Four French advertising technology companies that received a warning in 2018 from the French Data Protection Authority (CNIL) have all implemented the regulator’s required changes. The recent closure of the cases highlights opportunities for businesses at all layers of the adtech value chain to address emerging compliance challenges.

The companies — Fidzup, Teemo, Singlespot, and Vectaury — collect geolocation data for targeted advertising purposes via third-party apps. Initially, the French regulator found that they had failed to obtain an informed, freely given, and specific consent from app users, since:

  • The information provided was insufficient, as it was unclear, used complex terms, and was difficult to access.
  • The consent was not based on an affirmative declaration, as the options were pre-ticked.
  • Users were not asked to consent to the processing of their geolocation data specifically.

Whilst the requirements imposed by the CNIL may have appeared at first sight unduly burdensome to the adtech industry, they are unsurprising since they strictly align with the CNIL’s interpretation of the obligations under the General Data Protection Regulation (EU) 2016/679 (GDPR).

These cases provide helpful guidance to other adtech companies that are developing privacy compliance strategies. In particular, such companies should:

  • Not rely on the sole contractual commitments made by the app providers to collect valid consent, but rather provide for concrete and precise obligations as to how the consent should be obtained from data users (e.g., by agreeing on a banner template to be displayed at the installation of the app)
  • Control if such banner template is actually displayed in practice, if necessary by carrying out an audit
  • Provide users with complete and clear information (including the name of the data controller) at the installation of the app, before the collection process actually begins
  • Enable users to choose the different purposes of processing at the first layer (and not only via the preferences page, in the app settings)

For a full client briefing, see Latham’s Client Alert.

This article is made available by Latham & Watkins for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. Your receipt of this communication alone creates no attorney client relationship between you and Latham & Watkins. Any content of this article should not be used as a substitute for competent legal advice from a licensed professional attorney in your jurisdiction.

Latham & Watkins LLP - Myria Saarinen and Elise Auvray
Back Forward
  • Save & file
  • View original
  • Forward
  • Share
    • Facebook
    • Twitter
    • Linked In
  • Follow
    Please login to follow content.
  • Like
  • Instruct

add to folder:

  • My saved (default)
  • Read later
Folders shared with you

Filed under

  • European Union
  • France
  • IT & Data Protection
  • Media & Entertainment
  • Latham & Watkins LLP

Tagged with

  • GDPR
  • CNIL

Popular articles from this firm

  1. Bundeskabinett beschließt Betriebsrätemodernisierungsgesetz - Regelung zur datenschutzrechtlichen Stellung des Betriebsrats auf dem Weg *
  2. New guidance on Article 22 EUMR referrals to the European Commission *
  3. ESG Disclosures Under the EU Taxonomy Regulation and CRR: Latest Developments *
  4. Strategien zur erfolgreichen Verteidigung gegen DSGVO-Bußgelder - Data Privacy Litigation *
  5. UK Issues New Guidance for Medical Device Regulation After Brexit *

If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].

Powered by Lexology

More from Global Privacy and Security Compliance Law Blog

  1. UAE’s New Consumer Protection Law: An End to Direct Marketing?
  2. Remote Evidence in English Courts: Some Timely Reminders
  3. Virginia Consumer Data Protection Act: Second US State Passes Comprehensive Data Privacy Legislation
  4. Extensive Changes to Singapore’s Data Protection Regime Take Effect
  5. FTC Chair Rebecca Slaughter Outlines Data Privacy Enforcement Agenda
loading...

Related research hubs

  • GDPR
  • France
  • European Union
  • Media & Entertainment
  • IT & Data Protection
Veta T. Richardson
President
Association of Corporate Counsel
What our clients say

”ACC Newsstand is another  useful, tailored and easily accessible resource that coincides directly with our focus on saving ACC members time, money and effort.”

Back to Top
Resources
  • Daily newsfeed
  • Q&A
  • Research hubs
  • Learn
  • In-depth
Experts
  • Find experts
  • Legal Influencers
  • Firms
  • About Instruct Counsel
More
  • About us
  • Blog
  • Events
  • Store
  • Popular
Legal
  • Terms of use
  • Cookies
  • Disclaimer
  • Privacy policy
  • GDPR compliance
Contact
  • Contact
  • RSS feeds
  • Submissions
 
  • Login
  • Register
  • Follow on Twitter
  • Follow on LinkedIn

© Copyright 2006 - 2021 Law Business Research

Law Business Research