On 4 July 2019, the French Data Protection (CNIL) published its Guidelines on Cookies and Other Tracking Technologies (the Guidelines, available in French here). The Guidelines further detailed the nature of the interplay between the General Data Protection Regulation (GDPR) which reinforced expectations towards obtaining consent to data processing operations when such consent is required), and the ePrivacy Directive which more specifically addresses the privacy requirements on cookies and other tracking technologies. Indeed, while the ePrivacy Directive was expected to be updated through an ePrivacy Regulation (latest draft proposal available here), on or before GDPR entered into force, it remains under discussion at the European level to this day, and subject to intense lobbying by all stakeholders.

Further to the publication of the Guidelines, several French professional associations in the online marketing, distance selling and online media activities initiated legal action against the CNIL, before the French Administrative Supreme Court (the Conseil d’État), on the grounds that the CNIL acted above and beyond its authority in adopting the Guidelines, notably by (i) generally prohibiting “cookie walls”, (ii) recognizing a right of data subjects to refuse cookies, (iii) requiring the identification of the data controller for the cookies, (iv) mandating an exhaustive and up-to-date information of the data subjects on the cookies, regardless of their involvement in data processing operations, (v) requiring that the users’ agreement must be expressed by a separate action for each of the distinct purposes brought to their knowledge with a view to the storage of information or access to information already stored in their terminal equipment, and (vi) imposing maximum data retention periods for cookies.


Practice head(s):Claude-Etienne Armingaud


‘The team is well versed and up to date on the current standards and practices. Team members are all very flexible in their availability and very responsive’.           

‘The team provides sharp advices and has great sector industry knowledge’.

‘The team has in-depth expertise and great ability to anticipate future legislation’

‘Claude Etienne Armingaud is more than a lawyer; he is a trusted partner who knows his own limits and is very friendly’.


K&L Gates ranked “Recommended” with Claude-Etienne Armingaud.

Source: Leaders League

K&L Gates ranked “Recommended – Band 2” with Claude-Etienne Armingaud.

Source: Leaders League

The new generic top-level domain (gTLD) .africa, a regional domain for users located in and out of the continent, has been officially validated by ICANN.

More than a decade after its other regional counterparts, such as .eu or .asia, the .africa gTLD has been the subject matter of a legal conundrum for years.
The new generic top-level domain (gTLD) .africa, a regional domain for users located in and out of the continent, has been officially validated by ICANN.

More than a decade after its other regional counterparts, such as .eu or .asia, the .africa gTLD has been the subject matter of a legal conundrum for years.

The French Act No. 2016-1321 of 7 Oct. 2016 for a Digital Republic (the “Digital Republic Act”) amends the existing framework for online intermediation platform created under Article L.111-5-1 of the French Consumer code by the Act No. 2015-990 of 6 August 2015.

The Digital Republic Act creates a general, autonomous and impersonal status of online platform operator (“OPO”) and completes the existing legal framework relating to consumer protection through the consumers’ prior information.

On November 10, 2016, the French Government issued a decree against the financing of terrorism which contains various measures addressing anonymous electronic money [source in French]. This new regulatory measure applies to electronic money issuers as well as their distributors, credit institutions, finance companies, consumers, and to any person who physically transfers money from a certain amount.

K&L Gates is ranked in the Industry focus: IT, telecoms and the internet ranking as Band 3

Headed by Etienne Drouard, K&L Gates LLP’s six-lawyer team assists major companies with digital transformation, outsourcing matters and IT systems integration. It also advises on cutting-edge data protection matters. Altarea-Cogedim Group and Voyages-SNCF.com are clients, as are a number of luxury goods manufacturers and advertising groups. Senior associate Claude-Etienne Armingaud is another name to note.”

Source: Legal 500 EMEA

The earlier is the owner of the French and Community semi-figurative trademark “vente-privee.com”, underlined with a pink line drawn in diagonal, enriched by two pink butterflies.

The latter is the owner of the French trademark “showroomprive.com” and expected the registration of a community semi-figurative trademark “showroomprive.com” enhanced with some stylized and coloured elements.

However, on August 1, 2012, the Office for the Harmonisation of the Internal Market (herein, “OHIM“) refused such application for “SHOWROOMPRIVE.COM” on the ground that the trademark was not distinctive enough and, much to the contrary, was descriptive for the targeted goods and services.

At the same time, on September 5, 2012, Showroomprive.com assigned before the Paris first instance Court, its competitor, Vente-privee.com, in order to invalidate the “vente-privee.com” trademark for lack of distinctiveness. This trademark had been registered since October 14, 2004 without any complains from ShowroomPrive.com or any other third party.

The first instance Court welcomed Showroomprive.com’s request and decided that “the terms ‘venteprivee.com’ was, at the time of the application date, descriptive of the company’s business activity for every consumer wishing to buy online discounted products; and thus such use was necessary to designate its private sales activity.” In addition, the Paris Court highlighted that the trademark had not acquired any “distinctiveness through its use, thus enabling the term to take ownership of generic names, when such names must remain available for all the economic actors from a given sector.

Meanwhile, on December 6t, 2013, in another law suit, Vente-privee.com assigned the owner of similar domain names (namely vente-priveee.com, ventprivee.com, venteprives.com) on the basis of its cybersquatting activities. The French first instance Court highlighted that the semi-figurative “vente-privée.com” trademark had to be considered as a well-known trademark. Indeed, in this case, the Court decided that the “vente-privée.com” trademark had a strong reputation due to the fact that a significant part of the relevant public made a connection between the trademark and its associated goods and services.

In conclusion, the decision concerning the semi-figurative trademark should not affect the word trademark “SHOWROOMPRIVE.COM” registered in 2007 by the OHIM. Nevertheless, we can legally wonder about the consequences in case of further contestation regarding a word mark and a close watch should be kept on any follow up evolution.

First published in K&L Gates Trade marks and unfair competition Bulletin no. 1/2014 (PDF) in collaboration with Alexandra Bernard.

Big data.” For nearly a year, marketers and CRM specialists have been more than fond of this new expression to the point of devoting several special editions of their publications to the topic.

If this neologism tends to scare the general public by its phonetic and philosophical proximity with its Orwellian bigger brother, the concept only pursues the developments initiated in the 90s through “data mining.” At that time, groups of data seemingly lacking causal or correlative relationships were subjected to mathematical analysis in the hope of discovering links between aggregated individual behaviors.

While some findings were limited to stating the obvious (such as the increased sales of appetizer upon promoting aperitif drinks), these new mathematical models allowed marketing teams to quantify the actual impact of promotions within the realm of distribution.

Other findings, however, were able to uncover less obvious ties, such as a correlation between the purchase of beer and of diapers for children by male shoppers.

These new steps in consumerism were however limited by the then-existing technology: the power of computers at the time, the introduction of data into the system and the processing time made the analysis relevant solely as a background strategy and for the emergence of certain statistical behavioral typologies, but does not allow any analytical granularity, or a real-time view. In addition, costs associated with material and human resources necessary for such analyzes prevented its access to a large crowd of users.

Nearly twenty years later, while technology has evolved in accordance with Moore’s Law, the consecration of Big Data has mainly be possible thanks to a double behavioral factors from the subjects / objects of the data analysis. Indeed, the raw material of big data remains the individuals. But those individuals have not only moved their habits to a digital world, facilitating the capture of data, but also opened up to the sharing their data in this paperless world.

It would seem that this created a data paradox: people have never advertised so freely their private life and personal data and, at the same time, the proposed revision of the EU regulatory framework for the processing personal data has seen a rarely-encountered level of lobbying. And so, today, a consumer association puts the main players of the social networking sphere on the grill, demanding that they explain their abstract contractual relationships with their users. And at the same time, the same users do not seem ready to give up the online sharing of their individual moments.

In our opinion, this view is not as paradoxical as it seems. It is instead the result of the confidence that these same users in how their lives are used for other purposes than just sharing with a selected group of recipients. After all, if the service is free, the money must be found elsewhere. The aphorism goes on to state that the user should then be the product, but it could also be that the user is consciously aware of its own value in this exchange.

When the exchange appears as too unbalanced, the consumer will not hesitate to revise to the economy of this contract and leave the relationship, bringing along his value.

Trust is therefore the core engine of data analysis.

This statement may seem conclusive. However, looking at the legal and regulatory obligations bearing on those in charge of data processing, it seems clear that such obligations mainly includes good conduct and transparency undertakings, with both individuals and the regulator. For instance, the core requirements set forth by the French Data Protection Authority (CNIL, Commission Nationale de l’Informatique et des Libertés) reside primarily in disclosure requirements for individuals and reporting to a publicly accessible register maintained by the regulator.

And this is probably where the issue lies with regards to Big Data. The data sets have reached extravagant sizes and the service providers and experts are bragging loudly about their ability to assist in the navigation on these oceans of bits. If their capacity to create real value in these dizzying well, it should not be forgotten that their expertise comes from data-hungry mathematical and algorithmic models. The temptation remains to feed these models in order to increase the service providers’ relevance from the data collected on behalf of their client.

When the flow of data becomes less transparent, without the knowledge of individuals or of such service providers’ customers, the implosion of the whole system is to be expected soon.

Without questioning the actual benefits of Big Data for all CRM actors, including the customers themselves (more than happy to receive offers truly relevant to their personal interests), the chain of trust must be maintained all along in order not to break the fragile ecosystem. The best policy must reside in a rational and coordinated approach by the classical actors of a new issue, and ensure that the multiplication of “Chief Data Officers” in multiple actors do not come at the expense of “Chief Privacy Officers”, acting as a legal safeguard against marketing sirens.

Indeed, a point of no return could be reached when Big Data, surpassing Big Brother, will not even need to analyze the present behavior to predict the future. And that point of no return has been reached last year by Target.