The Three Wishes to Save Your Digital Advertising From the CNIL

When you rub the magic lamp and are offered three wishes for your digital advertising program, how can you use them to avoid €50,000,000 fines from the French CNIL?    

1. Transparency:  You need to disclose clearly the scope of personal data processing, including the purposes for which data is processed and the sources for personalized advertising.  And the disclosures must be very specific, organized, and available without clicking through several links.  For example, you need to tell users how long you will store their data, not just tell them how you decide whether to destroy it.   A failure of transparency can be used, as by the CNIL, to justify the maximum fine.  

2. Clear, Affirmative, Granular Consent:  The legal basis will be consent, so you need a specific, unambiguous, granular, affirmative consent to each of the processing activities that you have transparently disclosed.  Your page describing targeted advertising will mention each of the services and products included in each granular consent for each processing activity!  And no pre-ticked boxes in consents!   And if you thought that unticking the basic “I accept” box and then sending the unticked to “More Options” (in which a pre-ticked box or two may or may not reside), think again! 

3. EU Control:  Here’s a good one for the lamp:  To have your lead DPA recognized as such, it has to have decision-making power over your company’s product and service development relating to the user experience and processing of personal data.  

Latest Thinking

View more Insights
Insights Center
close
Loading...
Knowledge assets are defined in the study as confidential information critical to the development, performance and marketing of a company’s core business, other than personal information that would trigger notice requirements under law. For example,
The new study shows dramatic increases in threats and awareness of threats to these “crown jewels,” as well as dramatic improvements in addressing those threats by the highest performing organizations. Awareness of the risk to knowledge assets increased as more respondents acknowledged that their