Thesaurus : 03. Conseil d'Etat

June 15, 2021

Thesaurus : 05. CJCE - CJUE

Full reference: CJEU, Grand chamber, Judgment Facebook Ireland e.a. v. Gegevensbeschermingsautoriteit, C-645-19, June 15, 2021

Read the judgment

Read the abstract of the judgment done by the Court

Read the press release

 

 

Jan. 11, 2021

Interviews

Full reference: Frison-Roche, M.-A., "Let's Use the Power of GAFAMs in the Service of General Interest!" ("Utilisons la puissance des GAFAMs au service de l'intérêt général!"), interview done by Olivia Dufour, Actu-juridiques Lextenso, 11st of January 2021

Read the interview (in French)

To read the article translated in English by us, read the working paper on which this interview is based

 

Summary of the interview by Olivia Dufour:

Marie-Anne Frison-Roche, Professor of Regulation and Compliance Law, reported to the government in 2019 about Internet governance. For this expert, giving a disciplinary power to GAFAMs is the only effective solution. And the suppression of Donald Trump's account is not likely to call this analysis into question.

 

The three questions (translated in English here by ourselves) asked by Olivia Dufour are: 

  • The deletion of Donald Trump's Twitter account arouses strong emotions on social networks, and not only among his supporters. What do you think about this ?
  • However, this incident does raise concern. Are we not giving too much power to these private companies? This raises the question in France of the relevance of the Avia system ...
  • Should we therefore resolve by default to give our freedoms to private and opaque mastodons?

 

Read the answers to these three questions (in French)

 

To go further, especially about the logics that guide the Avia system, see:

Dec. 31, 2020

Thesaurus : Doctrine

Full reference: Zittrain, J. L., "Gaining Power, Losing Control", Clare Hall Tanner Lecture 2020, 2020

See the intervention

Read the intervention's report

 

This intervention is divided in two parts: 

  • Between Abdication and Suffocation: Three Eras of Governing Digital Platforms 
  • With Great Power Comes Great Ignorance: What’s Wrong When Machine Learning Gets It Right 

Dec. 7, 2020

Thesaurus : Doctrine

Full reference: Vergnolle, S., L'effectivité de la protection des personnes par le droit des données à caractère personnel (The effectiveness of the protection of people by personal data Law (our translation)), Passa, J. (dir.), thesis, Law, Panthéon-Assas University (Paris II), 2020, 531 p.

 

Read the thesis (in French)

Read directly and only the table of contents (in French)

 

 

To go further about regulation of personal data, read: 

Nov. 23, 2020

Interviews

Full reference: Frison-Roche, M.-A., Facebook: Quand le Droit de la Compliance démontre sa capacité à protéger les personnes (Facebook: When Compliance Law proves its ability to protect people), interview with Olivia Dufour, Actu-juridiques Lextenso, 23rd of November 2020

Read the interview (in French)

Read the news of the Newsletter MAFR - Law, Compliance, Regulation about this question

Nov. 1, 2020

Publications

Oct. 22, 2020

Interviews

Full reference: Frison-Roche, M.-A., "Health Data Hub est un coup de maître du Conseil d'Etat", interview realized by Olivia Dufour for Actu-juridiques, Lextenso, 22nd of October 2020

Read the news of 19th of October 2020 of the Newsletter MAFR - Law, Compliance, Regulation on which relies this interview: Conditions for the legality of a platform managed by an American company hosting European health data​: French Conseil d'Etat decision 

To go further, on the question of Compliance Law concerning Health Data Protection, read the news of 25th of August 2020: The always in expansion "Right to be Forgotten"​: a legitimate Oxymore in Compliance Law built on Information. Example of​ Cancer Survivors Protection 

Oct. 1, 2020

Thesaurus : Soft Law

Full reference of the guidelines: Commission Nationale de l'Informatique et des Libertés (CNIL), Délibération n°2020-091 du 17 septembre 2020 portant adoption de lignes directrices relatives à l'application de l'article 82 de la loi du 6 janvier 1978 modifiée aux opérations de lecture et écriture dans le terminal d'un utilisateur (notamment aux "cookies et autres traceurs") et abrogeant la délibération n°2019-093 du 4 juillet 2019 

Full reference of the recommendation: Commission Nationale de l'Informatique et des Libertés (CNIL), Délibération n°2020-092 du 17 septembre 2020 portant adoption d'une recommandation proposant des modalités pratiques de mise en conformité en cas de recours aux "cookies et autres traceurs". 

Read the guidelines (in French)

Read the recommendation (in French)

Read the presentation of these guilines and of this recommendation by the CNIL (in French) 

Read Marie-Anne Frison-Roche's comment about this in the Newsletter MAFR - Law, Regulation & Compliance of 1st of October 2020

Sept. 16, 2020

Publications

Full reference: Frison-Roche, M.-A., Se tenir bien dans l'espace numérique, in Penser le droit de la pensée. Mélanges en l'honneur de Michel Vivant, Lexis Nexis and Dalloz, 2020, pp. 155-168

Read Marie-Anne Frison-Roche's article (in French)

Read the working paper, written in English, on which this article is based, enriched with additional developments, technical references and hyperlinks

 

Summary of the article: 

The digital space is one of the scarce spaces not framed by a specific branch of Law, Freedom also offering opportunity to its actors to not "behave well", that is to express and diffuse broadly and immediately hateful thoughts through Hate speechs, which remained before in private or limited circles. The intimacy of Law and of the legal notion of Person is broken: Digital permits to individuals or organizations to act as demultiplied and anonymous characters, digital depersonalized actors who carry behaviors that are hurtful to other's dignity. 

Against that, Compliance Law offers an appropriate solution: internalizing in digital crucial operators the mission to disciplinary and substantially hold the digital space. The digital space has been structured by powerful firms able to maintain order. Because Law must not reduce digital space to be only a neutral market of digital prestations, these crucial operators, like social networks or search engines, must be forced to substantially control behaviors. It could be about an obligation of internet users to act with their face uncover, "real identity" policy controlled by firms, and to respect others' rights, privacy rights, dignity, intellectual property rights. In their Regulatory function, digital crucial firms must be supervised by public authorities. 

Thus, Compliance law substantially defined is the protector of the person as "subject of law" in the digital space, by the respect that others must have, this space passing from the status of free space to the one of civilized space, in which everyone is obliged to behave well. 

______

 

Read to go further: 

Sept. 10, 2020

Newsletter MAFR - Law, Compliance, Regulation

Full reference: Frison-Roche, M.-A., Responding to an email with "serious anomalies"​,transferring personal data, blocks reimbursement by the bank: French Cour de cassation, July 1st 2020Newsletter MAFR - Law, Compliance, Regulation, 10th of September 2020

Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation

 

Summary of the news

"Phishing" is a kind of cyber criminality aiming to obtain, by sending fraudulent emails which look like to those sent by legitimate organisms, recipient's personal information in order to impersonate or steal him or her. As it is difficult to find the authors of "phishing" and to prove their intentionality in order to punish them directly, on mean to fight against "phishing" could be to entitle banks to secure their information network and, to accompany this obligation with a strong incentive, to convict them to reimburse the victims in case of robbery of their personal data.  

In 2015, a client victime of this kind of fraud asked to his bank, the Crédit Mutuel, to reimburse him the amount stole, what the bank refused to do on the grounds that the client committed a fault, transferring its confidential information without checking the email, however grossly counterfeit. The Court of first instance gave reason to the client because although he committed this fault, he was in good faith. This judgment was broken by the Chambre commerciale de la Cour de cassation (French Judicial Supreme Court) by a decision of 1st of July 2020 which states that this serious negligence, exclusive of any consideration of good faith, justifies the absence of reimbursement by the bank.

___

 

From this particular case, we can draw three lessons

  1. The Cour de Cassation states that good faith is not a salient criterion and that, as the bank must react when a banking account is objectively abnormal, the client must react face to an obviously abnormal email. 
  2. The Cour de Cassation describes the repartition of proof burden. Proof obligations are alternatively distributed between the bank and its client. First, the bank must secure its information network but, secondly, the client must take every reasonable measure to preserve its safety. It results from this that, if the email seems normal, phishing damages must be supported by the bank, and more generally of by the firm, while if the email is obviously abnormal, they must be supported by the client, but the burden to prove the abnormality of the email must be supported by the firm and not by the client. 
  3. Such a proof system shows that Compliance Law includes a pedagogic mission by educating each client in order to he or she would be able to distinguish among his or her emails, those which are normal and those which are obviously suspect. This pedagogic dimension, with the legal consequences associated to it, will not stop to spread. 

 

______

Sept. 2, 2020

Newsletter MAFR - Law, Compliance, Regulation

Full reference: Frison-Roche, M.-A., For regulating or supervising, technical competence is required: example of the French creation of the "Pôle d'expertise de la régulation numérique"​Newsletter MAFR - Law, Regulation, Compliance, 2nd of September 2020

Lire par abonnement gratuit d'autres news de la Newsletter MAFR - Law, Regulation, Compliance

 

Summary of the news

Through a decree of 31st of August 2020, the government created a national service, the "Pôle d'expertise de la régulation numérique" (digital regulation expertise pole). It has to furnish to State services a technical expertise in computer science, data science and algorithm processes in order to assist them in their role of control, investigation and study. The aim is to favor information sharing between researchers and State services in charge of regulating digital space. 

As its acronym indicates, this pole of expertise aims to represents constance in a changing world. Moreover, more than being a national service, this organism must adopt a transversal dimension, its creation decree being signed by the Prime Minister, Minister of Economy, Minister of Culture and Minister of Digital Transition. The creation of such a pole shows the awareness of the government of the importance of technical competency in the regulation of digital space and of the necessity to centralize these expertises in one organ. 

However, as the decree indicates, this pole of expertise could be consulted only by "State services", that excludes regulators which are independent from the State and which could put the pole in conflict of interest, and courts even if they are supposed to play a central role in the regulation of digital space and even if they are allowed to ask the advice of the regulator about some cases. But if regulators cannot size the pole, to whom does it benefit except the legislator and a few officials? 

It would therefore have been better for this pole of expertise to be placed under the direction of regulatory and supervisory bodies, which would have enabled it to be able to be consulted both by regulators and by judges, both of whom are key players in digital regulation.

Aug. 31, 2020

Newsletter MAFR - Law, Compliance, Regulation

Full reference: Frison-Roche, M.-A., Compliance by Design, a new weapon? Opinion of Facebook about Apple new technical dispositions on Personal Data protectionNewsletter MAFR - Law, Compliance, Regulation, 31st of August 2020

Read by freely subscribing other news of the Newsletter MAFR - Law, Compliance, Regulation

 

Summary of the news:

Personal Data, as they are information, are Compliance Tools. They represent a precious resource for firms which must implement a vigilance plan in order to prevent corruption, money laundering or terrorism financing, for examples. It is the reason why personal data are the angular stone of "Compliance by design" systems. However, the use of these data cannot clear the firm of its simultaneous obligation to protect these same personal data, that is also a "monumental goal" of Compliance Law. 

In order to be able to exploit these data in an objective of Compliance and protecting them in the same time, the digital firm Apple adopted for example new dispositions in order to the exploitation of the Identifier For Advertisers (IDFA) integrated in the iPad and in the iPhone and broadly used by targeted advertising firms, is conditioned to the consumer's consent.

Facebook reacted to this new disposition explaining that such measures will restrict the access to data for advertisers who will suffer from that. Facebook suspects Apple to block the access to advertisers in order to develop its own advertising tool. Facebook guaranteed to advertisers who work with it that it will not take similar measures and that it will always favor consultation before decision making in order to concile sometimes divergent interests. 

We can sleep and already make some remarks:

  • GDPR imposing to companies that they guarantee a minimal level of protection for personal data does not apply in the United-States. It is then possible that Apple acted through Corporate Social Responsibility (CSR), more than through legal obligation. 
  • The mode of regulation used here is the "conversational regulation" theorized by Julia Black. Indeed, regulators let the forces in presence discuss. 
  • This "conversational regulation" does not seem to be very efficient in this case and an intervention of administrative authorities or of judges could be justified via Competition Law, Regulation Law or Compliance Law, knowing that Competition Law will favor access right to information and Regulation or Compliance Law private life right. 

The whole paradox of Compliance Law rests in the equilibrium between circulation of information and secret. 

Aug. 27, 2020

Newsletter MAFR - Law, Compliance, Regulation

Full reference: Frison-Roche, M.-A., "Interregulation"​ between Payments System and Personal Data Protection: how to organize this "interplay"​?Newsletter MAFR - Law, Compliance, Regulation, 27th of August 2020

Read by freely subscribing the other news of the Newsletter MAFR - Law, Compliance, Regulation

 

Summary of the news

Regulation Law, in order to recognize and draw the consequences from the specificities of some objects, has been build, at the start, around the notion of "technical sector" although their delimitation is partially related to a political choice. But, in facts, there are multiple points of contacts between sectors, actors moving from one to another as objects. The regulatory solution is so to climb over some technical borders through the methodology of interregulation which is by the way the only one to enable the regulation of some phenomena going beyond the notion of sector and related to Compliance Law. 

This news takes the exemple of companies furnishing new payment services. In order to they can provide these services, these firms needs to access to banking accounts of concerned people and so to very sensitive personal data. Regulation of such a configuration needs a cooperation between the banking regulator and the personal data regulator. Legislation being not sufficient to organize in Ex Ante this interregulation, the European Data Protection Board has published some guidelines on 17th of July 2020 about the way it conceives the articulation between the PSD2 (European directive about payment services) and GDPR and has announced that it intended to expand the circle of its interlocutors to do this interregulation. Such an initiative from EDPB can be justified by the uncertainty  about how interpreting both texts and articulating them.   

Aug. 14, 2020

Newsletter MAFR - Law, Compliance, Regulation

Full reference: Frison-Roche, M.-A., Is Regulating Hate and Infox a legal obligation imposed to the Digital Enterprises or the expression of their free will to contribute to Democracy?Newsletter MAFR - Law, Compliance, Regulation, 14th of August 2020

Read, by freely subscribing, other news in the Newsletter MAFR - Law, Compliance, Regulation

 

Summary of the news

Internet permits to access to expanded knowledge but also make easier the broadcasting of fake news and hate speeches. Unfortunately, public powers cannot know who broadcast these fake news and hate speeches and are so not able to fight efficiently against this. A solution would be to expect from digital firms that they find a way to contain these fake news and hate speeches that they structurally contribute to diffuse. 

Digital firms already do that and especially Facebook which plans to sensibilize its American users to 2020 presidential elections. However, digital firms explain that if they fight against fake news and hate speeches, it is only because of its Corporate Social Responsibility (CSR). But, even if it is a calculus to get a better reputation and avoid boycott actions, this remains a willingness of the firm which is therefore neither forced to succeed, nor even to act. 

The solution proposed by Compliance Law is to make of this effort a legal obligation by internalizing in crucial operators (digital firms) the "monumental goal" to fight against fake news and hate speeches so that digital companies are required to act and that they are supervised by public authorities in this task. The forthcoming law about digital services will impose to digital firms Ex Ante obligations while the law of 22 of December 2018 related to the fight against information manipulation already forces platforms operators a legal obligation to "cooperate" in the fight against fake news. 

 

To go further, read : 

July 15, 2020

Thesaurus : Soft Law

Reference complète : Conseil Supérieur de l'Audiovisuel (CSA), Bilan Infox, 2019.

Lire le rapport. 

Ce rapport sera bientôt aussi disponible en anglais. 

June 24, 2020

Thesaurus : Soft Law

Full reference: Faure-Muntian, Valeria and Fasquelle, Daniel, Information Report of the Commission des Affaires économiques (committee on economic affairs) on digital platforms, Assemblée National (National Assembly), June 2020, 104p.

Read the Report

June 10, 2020

Thesaurus : Doctrine

Full reference : Quéméner, M., Dalle, F. and Wierre, Cl., Quels droits face aux innovations numériques ? Législations, jurisprudences et bonnes pratiques du cyberespecac. Défis et protections face aux dérives du numérique, preface by Agathe Lepage, Gualino-Lextenso, 223 pages, 2020.

 

Read the back cover.

 

Read the table of contents.

 

Read the preface.

March 23, 2020

Publications

Without any request, on his or her newsfeed, those who surfs on the social network built by Facebook, has found on 23 of March 2020, in the morning, the following message :

« X (prénom de l'internaute), agissez maintenant pour ralentir la propagation du coronavirus (COVID-19) Retrouvez les actualités des autorités sanitaires et institutions publiques, des conseils pour ralentir la propagation du coronavirus et des ressources pour vous et vos proches dans le Centre d’information sur le coronavirus (COVID-19)" ("X (user's name), act now to slow down the spread of the Coronavirus (COVID-19). Find the health authorities and public institutions' news, advices to slow down the spread of the Coronavirus for you and your entourage in the Information Center about Coronavirus (COVID-19) »).

This corresponds to the more general declaration done the same day by Kang-Xing Jin, director of Health at Facebook, who declares : "In response to the coronavirus outbreak, Facebook is supporting the global public health community’s work to keep people safe and informed. Since the World Health Organization declared the coronavirus a public health emergency in January, we’ve taken steps to make sure everyone has access to accurate information, stop misinformation and harmful content, and support global health experts, local governments, businesses and communities.".

Thanks, Facebook to indicate how to do ; by the way, thanks to having invited me to do it. By the way, is it really an « invitation » ? Since the expression is « act now ». Just miss the exclamation point, and the pointed finger of Uncle Sam for « war effort »!footnote-1770.

If in Law, we can consider « invitation », it would be not to the "invitation" that in the past Bank of France did to shareholders banks to refinance a bank which risks to be soon into difficulties that we could consider, invitation from which the invited cannot really escape. No, obviously no, it is just the same message that you and me can write on our Facebook pages to tell similar things about the same purpose ! But, Facebook would be, like you and me, editor of contents ?

Questions and difficulties which encourage to proceed to the legal analysis to know under which title Facebook posted such a message.

The first hypothesis is that this firm has acted spontaneously, following its « Corporate Social Responsibility » (I) If it is the right qualification, with regards to the content of the message, legal consequences are important because this firm, without generalizing to others, by the expression of its care of common good, shows, by transitivity, that it is an editor.

The second hypothesis starts from the observation that Facebook is a « crucial digital operator ». In this perspective, the firm is constraint to Compliance Law (II). It is the reason why, it is constraint by specific obligations, that excludes the spontaneous message emission qualification. If it is the right qualification, with regards to the content of the message, legal consequences are also important and of a totally different nature. Indeed, the qualification leads to develop the relation between the obligation to fight against fake news and malicious websites towards those of redirecting towards public websites, benefiting for the operator of a reliability presumption.

Read the developments below.

Jan. 15, 2020

Interviews

Référence complète : Frison-Roche, M.-A., Haine sur Internet : il faut responsabiliser les opérateurs numériques, entretien avec Olivia Dufour, Actu-juridique Lextenso, 15 janvier 2020. 

Les questions posées étaient : 

 

  • Pour lutter efficacement contre la haine sur Internet, la proposition Avia demande aux plateformes d'intervenir sous le contrôle du CSA. Ce système, inspiré de l'économie, est-il transposable dans un domaine aussi sensible que la liberté d'expression ?

 

  • Comprenez-vous la crainte du Syndicat de la magistrature que les plateformes ne se transforment en organe de censure ? N'est-ce pas un défaut de conception du texte ?

 

  • Pensez-vous que l'on puisse se passer de la protection du juge judiciaire en matière de liberté d'expression ? Précisément dans cette loi, estimez-vous qu'il a sa juste place ou que celle-ci devrait être renforcée ?

 

Lire les trois réponses données dans l'interview.

 

______

Dec. 19, 2019

Interviews

Reference Frison-Roche, M.-A., Le droit de la compliance pour réguler l'internet  (Compliance Law to Regulate the Internet), Interview given in French to Sylvie Rozenfeld, Expertises, December 2019, p.385-390.

 

Summary. Law seems increasingly powerless to stem the social disorder generated by the Internet. For Marie-Anne Frison-Roche, Law professor and specialist in Regulatory Law, the solution is to be found in Law, and more particularly in Compliance Law. This specific Law is already applied in the banking and finance sector, or in the area of ​​personal data. As it has done for green finance and through the GDPR, Europe could impose a compliance system which internalizes concern for the individual in large digital operators. It is up to them to put in place the means and bear the cost, such as the right to be forgotten erected by the CJEU. Marie-Anne Frison-Roche does not offer anything revolutionary, she is content to take elements of positive law that already exist and to correlate them.

 

Read the interview (in French)

 

Read the presentation of the official Report for the French Government about which this interview is given:: The contribution of Compliance Law to the Governance of Internet

Dec. 4, 2019

MAFR TV : MAFR TV - case

Regarder le film de 5 minutes sur le contenu, le sens et la portée de l'arrêt rendu par la première chambre civile de la Cour de cassation du 27 novembre 2019, M.X.A. c/ Google.

 

 

Cet arrêt casse l'arrêt de la Cour d'appel de Paris qui valide le non-déférencement, après que la CNIL a demandé l'interprétation des textes, notamment du RGPD, parce que le droit à l'oubli doit limiter l'exception ici invoquée, à savoir le droit à l'information, même s'il s'agit d'une décision pénale concernant un commissaire-aux-comptes, car il s'agit d'une affaire privée et non pas ce qui concerne l'exercice de sa profession réglementée coeur du système financier. 

 

 

Lire la décision de la Première Chambre civile de la Cour de cassation du 27 novembre 2019, M.X.A. c/ Google

Nov. 16, 2019

Publications

The Finance Bill has proposed to the Parliament to vote an article 57 whose title is: Possibilité pour les administrations fiscales et douanières de collecter et exploiter les données rendues publiques sur les sites internet des réseaux sociaux et des opérateurs de plateformes (translation: Possibility for the tax and customs administrations to collect and exploit the data made public on the websites of social networks and platform operators).

Its content is as is in the text voted on in the National Assembly as follows:

"(1) I. - On an experimental basis and for a period of three years, for the purposes of investigating the offenses mentioned in b and c of 1 of article 1728, in articles 1729, 1791, 1791 ter, in 3 °, 8 ° and 10 ° of article 1810 of the general tax code, as well as articles 411, 412, 414, 414-2 and 415 of the customs code, the tax administration and the customs administration and indirect rights may, each as far as it is concerned, collect and exploit by means of computerized and automated processing using no facial recognition system, freely accessible content published on the internet by the users of the online platform operators mentioned in 2 ° of I of article L. 111-7 of the consumer code.

(2) The processing operations mentioned in the first paragraph are carried out by agents specially authorized for this purpose by the tax and customs authorities.

 

(3) When they are likely to contribute to the detection of the offenses mentioned in the first paragraph, the data collected are kept for a maximum period of one year from their collection and are destroyed at the end of this period. However, when used within the framework of criminal, tax or customs proceedings, this data may be kept until the end of the proceedings.

(4) The other data are destroyed within a maximum period of thirty days from their collection.

(5) The right of access to the information collected is exercised with the assignment service of the agents authorized to carry out the processing mentioned in the second paragraph under the conditions provided for by article 42 of law n ° 78-17 of January 6, 1978 relating to data processing, the files and freedoms.

(6) The right to object, provided for in article 38 of the same law, does not apply to the processing operations mentioned in the second paragraph.

(7) The terms of application of this I are set by decree of the Council of State.

(8) II. - The experiment provided for in I is the subject of an evaluation, the results of which are forwarded to Parliament as well as to the National Commission for Data Protection at the latest six months before its end. "

 

This initiative provoked many comments, rather reserved, even after the explanations given by the Minister of Budget to the National Assembly.

What to think of it legally?

Because the situation is quite simple, that is why it is difficult: on the one hand, the State will collect personal information without the authorization of the persons concerned, which is contrary to the very object of the law of 1978 , which results in full disapproval; on the other hand, the administration obtains the information to prosecute tax and customs offenses, which materializes the general interest itself.

So what about it?

Read below.

Oct. 10, 2019

Thesaurus : Soft Law

Full reference: Alexandre Neyret, La cybercriminalité boursière. Définition, cas et perspectives (Stock market cybercriminality. Définition, cases and perspectives), Report to l'AMF, 10th of October 2019, 70p.

Read the report (in French)

Sept. 8, 2019

Blog

Experience shows that in the digital the legal technique of consent is not protective enough.
 
If only because a simplest technology neutralizes the link that should exist between the "consent" of the user and the "free will" of the latter: the consent of the user only protects the latter to the extent that this one can in Law and in fact to say "no.
 
 
I. THE EXPERIENCE 
 
For example I found on my Facebook New an access to an unknown web site which puts online an article on "the rights of trees" ...
I go. In accordance with the European Regulation (GDPR) transposed into French legal system, the site informs that there is possibility for the user to accept or refuse the use of their personal data for the benefit of "partners".
If they continue reading, the user is supposed to accept everything, but they can click to "customize".
I click: there I find two options: "accept everything" or "reject everything". But the "reject all" option is disabled. It is only possible to click on the "accept all" option.
 
It is also possible, because the law obliges, to consult the list of the partners of this website: I click and find a list of unknown companies, with foreign denominations, which without doubt once will collect my personal data (and those of my contacts) , having their own head office outside the European Union.
It is stated in a text, which can not be copied, that these "partners" can use my data without my consent and for purposes that they do not have to inform me. But, again, these things I can "refuse everything". Here again the "reject all" mention exists but the fonctionality is not active, while the mention "accept all" is an active fonctionality.
 
As I can not refuse (since it's disabled), and as 99% of Internet users have never clicked on the first two buttons, all their data has been fed into the data market that allows the targeting of products that spill out in the digital space, to their detriment and that of their contact.
While believing to read a free article on the "right of the trees".
At the end, I do not read this article, since I did not click on the only active buttons: "accept everything".
 
In more than 50% of cases, the "reject all" or "customize" options are only images but are not active. And data absorption is also about contacts.
In exchange for a whimsical article about trees and their rights, or creams to be always young, or celebrities who change spouses, or about so-called tests to find what king or queen you should be if the all recognized all your merits, etc.
Proposed on the digital news feed by unknown sites; in partnership with foreign companies that you will never reach.
And mass-viewed by Internet users who are also told that "consent" is the proven solution for effective protection ....
While these are just panels hastily built by new Potemkins ...
 
II. WHAT TO DO ? 
 
1. Not be satisfied with "consent" from the moment that it is a mechanism that may not be the expression of a free will: how could it be if the option "to refuse" is not active?
 
2. The link between will and consent must therefore be "presumed" only in a simple presumption and in a non-irrefutable way, because we must refuse to live in a dehumanized society, operating on "mechanical consents", to which the digital does not lead necessarily.
 
3. Entrust by the Compliance Law to the "crucial digital operators" (in the case of Facebook thanks to which these proposals for free reading are made on the thread of news of the Net surfers) the care to verify in Ex Ante the effectiveness of the link between Will and Consent: Here and concretely the possibility for the user to read while refusing the capture of all its data (for the benefit of operators who do not even have the concrete obligation to give the information of the use that will be made of these personal data).
 
_____