French CNIL Imposes €1M GDPR Fine on Israeli Ad Tech Firm

By Dan Cooper, Kristof Van Quathem & Anna Sophia Oberschelp de Meneses on December 21, 2025

Posted in Advertising, EU Law and Regulatory, GDPR, Privacy

On December 11, 2025, the CNIL fined an Israeli company €1 million for failing to comply with its GDPR obligations after providing personalized advertising services to an EU music-streaming platform. The service helped the platform to personalize and optimize marketing campaigns to promote its streaming services.

The CNIL held that the GDPR applied to the non-EU processor under Article 3(2), on the basis that it had monitored the behavior of EU users by creating audience segments based on demographics and listening habits, on behalf of the controller.Continue Reading French CNIL Imposes €1M GDPR Fine on Israeli Ad Tech Firm

CJEU Clarifies Responsibilities Of Online Marketplace Operators

By Dan Cooper, Kristof Van Quathem & Alix Bertrand on December 16, 2025

Posted in Data Protection, EU Law and Regulatory, GDPR, Litigation

On December 2, 2025, the Court of Justice of the European Union (“CJEU”) issued a decision clarifying the obligations of online marketplace operators with regard to content posted on their platform, where such content includes personal data. This blogpost provides an overview of the decision and its key takeaways.Continue Reading CJEU Clarifies Responsibilities Of Online Marketplace Operators