France: CNIL’s new approach to cookies

Compliance with new guidelines is enforced efficiently by audits and fines. Alexandra Guérin-François and Judicaël Phan of CNAM University, France analyse the changes.

The end of March 2021 was a key date for many companies operating on the Internet in France as France’s Data Protection Authority, the CNIL, had put cookies on the table once again. One may wonder why this date was chosen since the e-Privacy directive is still under discussion at EU level. To better understand what the changes are and what companies should be careful of, let’s first have a quick look at the history of cookies in France.


The e-Privacy directive (2002/58/CE) that regulated cookies had to be transposed into all national laws of EU member states. France implemented it by an amendment to its Data Protection Act in 2011. That is when cookie banners started to appear on the front pages of French websites.

Continue reading

International Report subscribers please login to access the full article.

If you wish to subscribe please see our subscription information.