On December 14, 2023, the European Parliament and the European Council reached a provisional deal on the Corporate Sustainability Due Diligence Directive (CS3D). Initially proposed by the European Commission in February of 2022, the CS3D requires certain companies to account for and mitigate adverse human rights and environmental impacts throughout their supply chains, including both their own operations as well as upstream and downstream activities. In November 2022, the European Council adopted the general approach proposed by the European Commission. Since then, the Council and the European Parliament have negotiated the parameters of the CS3D to reach a provisional agreement. While press releases from the Council, the Parliament, and the Commission all confirm an agreement has been reached, the text of the agreed upon CS3D is not yet publicly available. It is likely to be released in early 2024.Continue Reading EU Corporate Sustainability Due Diligence Directive Nearly Final

On November 26, 2020, the French Data Protection Authority announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation and Article 82 of the French Data Protection Act governing the use of cookies.
Continue Reading CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

As reported on the Privacy & Information Security Law Blog on February 8, 2019, the European Commission has issued an EU-wide recall of the Safe-KID-One children’s smartwatch marketed by ENOX Group over concerns that the device leaves data such as location history, phone and serial numbers vulnerable to hacking and alteration.
Continue Reading EU Recalls Children’s Smartwatch Over Security Concerns