GPEN and CNIL Review Online Privacy Notices During Internet Sweep
Time 1 Minute Read
Categories: European Union, Events, International, Online Privacy

On May 6, 2013, the Global Privacy Enforcement Network (“GPEN”) announced its first “Internet Privacy Sweep,” in which 19 data protection authorities are participating. This joint effort, which runs May 6-12, 2013, involves a review of the information notices posted online by major websites.

The French Data Protection Authority (“CNIL”) is participating in this initiative and has announced that it would subject 250 top websites to further scrutiny.

According to the CNIL, the purpose of the review is to examine whether web users are properly informed of:

  • the types of personal data collected;
  • the purposes for which the data are collected;
  • whether personal data are transferred to third parties; and
  • whether web users can object to the transfer of their personal data to third parties.

The CNIL also considered whether this information was provided in clear and plain language such that web users can easily understand the notice.

The CNIL may carry out more detailed reviews if its initial findings reveal serious breaches of the French Data Protection Act. It also is possible that other data protection authorities that are participating in the Internet Sweep may take similar action.

Tags: CNIL, Data Protection Act, Data Protection Authority, Data Transfer, France, Global Privacy Enforcement Network
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 2 Minute Read
Data Protection Authorities Globally Highlight Privacy Issues in AI Image Generation

On February 23, 2026, a Joint Statement on AI-Generated Imagery was published by 61 data protection authorities. The Joint Statement addresses concerns regarding AI systems capable of generating realistic images and videos depicting identifiable individuals without their knowledge or consent.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Virginia AG to Enforce VCDPA Provisions Restricting Minors’ Use of Social Media

On February 18, 2026, Virginia Attorney General Jay Jones announced that his office intends to fully enforce new provisions of the Virginia Consumer Data Protection Act restricting minors’ use of social media.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
China CAC Issues Guidance on CBDT Security Management

On January 30, 2026, the Cybersecurity Administration of China released a Q&A document on policies and regulations for the security management of cross-border data transfers. 

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 1 Minute Read
Brazil and the European Union Reach Agreement to Recognize Mutual Adequacy in Personal Data Protection

On January 26, 2026, the Brazilian data protection authority (“ANPD”) announced that Brazil and the European Union agreed to mutually recognize the adequacy of each other’s data protection networks.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page