Cyber-attacks are on the rise, and they are becoming more sophisticated. Our current business model is globally interconnected; commercial transactions and even social life transcend national borders. Consequently, our vulnerability to cyber-attacks has been increased, however, the competences of the cyber security and police authorities, as well as political responses, are predominantly national.
This situation has made European authorities aware of the need to deal with these threats in an effective and coordinated way, relying their actions on policies dealing specifically with cybersecurity within the European Union. By means, the aim is thus to improve cooperation, exchange of information and coordination between the Member States and the institutions, bodies, offices and agencies of the Union.
The European Commission, as part of the Digital Single Market Strategy, has approved Regulation No. (EU) 2019/881, on ENISA (the European Union Agency for Cybersecurity) and on certification of information and communications technology cybersecurity, which came into force on June 27, 2019.
This new regulation has two main objectives. On the one hand, to give ENISA (the European Agency for Cybersecurity, now named the European Union Agency for Cybersecurity) a greater role in the field of cybersecurity, establishing a series of objectives and tasks. On the other hand, the creation of a common certification framework at European level, with the aim of guaranteeing an adequate level of cybersecurity of ICT products, services and processes in the EU, avoiding the fragmentation of the internal market.
Concerning the first objective, the first substantive point of the Regulation is to give more powers to the European Union Agency for Cybersecurity (ENISA). It will now have a permanent mandate facilitating the exercise of the new functions assumed, one of which is to increase cooperation on cybersecurity within the Union, for example in cases of large-scale cyberattacks or cross-border crises. This strengthening is also reflected in the economic resources for ENISA, increasing from 11 to 23 million euros over a period of five years.
It is noteworthy that European regulation focuses on users by addressing concepts such as users’ awareness, and the application of good practices online. Both public bodies and private stakeholders will receive recommendations on safe configurations and maintenance of their devices, and the availability and duration of updates, as well as the perceived risks.
With regard to the second objective, the regulation creates a framework for European Cybersecurity Certificates for products, processes and services that will be valid throughout the EU. It is the first EU legislation on the internal market to take up the challenge of enhancing the security of connected products, Internet of Things devices and critical infrastructure through such certificates.
The creation of the cybersecurity certification framework incorporates security features in the early stages of their technical design and development (security by design). It also enables their users to ascertain the level of security assurance, and ensures that these security features are independently verified.
As to the second objective of the regulation, the certification framework will provide EU-wide certification schemes as a comprehensive set of rules, technical requirements, standards and procedures. This will be based on agreement at EU level for the evaluation of the security properties of a specific ICT-based product or service, for instance, smart cards. This will certify that ICT products and services which have been certified in accordance with such a scheme comply with specified requirements. In particular, each European scheme should specify: a) the categories of products and services covered, b) the cybersecurity requirements, for example by reference to standards or technical specifications, c) the type of evaluation such as self-assessment or third party evaluation, and d) the intended level of assurance for instance, basic, substantial and/or high.
ENISA’s mandate is immediate from the entry into force of the Regulation, whereas the cybersecurity certification framework will have to be developed. In this respect, the Commission’s agenda has already included the submission of proposals to ENISA for the preparation of certification projects, as well as the creation of expert groups on cybersecurity.
Finally, this European regulation not only seeks to increase users’ confidence in the use of connected devices, but also to strengthen the European cybersecurity industry and the European Single Market, positioning it as a global benchmark, in line with other markets such as the United States or China.
With significant expertise in protecting innovative products and designs, and in defending intellectual property rights on the Internet, Dreyfus is well positioned to assist you in enhancing your assets on the web.
In this respect, a great deal has been written by the Directive 2019/790 (EU), adopted on 26 March 2019 by the European Parliament. Among its 30 articles, we count in particular the establishment of a related right for press publishers (Article 15) and an obligation for platforms to control hosted content (Article 17). These provisions have been fiercely debated, and have led to multiple lobbying campaigns by authors and performers, newspaper publishers, and web giants (Google, Facebook and YouTube). In the present article, we will examine the changes made by the Directive.
New exceptions to copyright
There are currently many exceptions to copyright. In that respect, the Directive introduces three new exceptions to author rights and related rights in the digital environment. These exceptions and limitations are:
– Text and data mining for the purpose of scientific research when carried out by research organisations and cultural heritage institutions. However, rightholders are allowed to put in place technical measures aimed at ensuring the security and integrity of the networks and databases where their works are hosted. They may also expressly reserve their rights “in an appropriate manner”, for instance by machine-readable means, such as a digital watermark (Articles 3 and 4);
– The use of works in digital learning activitiesincluding distance learning. States may, however, provide a fair compensation for rightholders (Article 5);
– The copying by cultural institutions, for conservation purposes, of works which are part of their permanent collections (Article 6).
Under both French law and the Directive, these exceptions must be strictly interpreted and require that the work has been lawfullypublished.. All the conditions required by law must be met in order to benefit from these exceptions without having to obtain the author’s prior consent..
Furthermore, these new dispositions do not modify existing limitations and exceptions, such as parody or short quotation, which areretained (Article 17 (7) of the Directive). However, Member States will now have to specify that reproductions of visual works of art in the public domain cannot be protected by copyright unless the reproduction itself is original enough to be protected (Article 14). In France, this clarification is a mere application of copyright: a work in the public domain is no longer protected by author rights. Consequently, it can be freely reproduced without authorization. By contrast, if the production is original, it becomes a work on its own right and, as such, can be protected.
Licenses: out-of-commerce works, audiovisual video-on-demand works and collective management
The article 8 of the Directive authorizes collective management organisations to conclude non-exclusive licenses for non-commercial purposes with cultural heritage institutions for exploiting (reproducing, distributing, etc.) out-of-commerce work which are in their permanent collections.
According to Article 8 (5) of the Directive, a work is out-of-commerce: “(…) when it can be presumed in good faith that the whole work or other subject matter is not available to the public through customary channels of commerce, after a reasonable effort has been made to determine whether it is available to the public.”
Such licenses do not require prior mandate from the rightholder, but the collective management organization must be sufficiently representative of rightholders. The owner may, however, exclude at any time his works from this licensing mechanism, whether this exclusion is general or specific. In addition, the moral right to authorship of the work must be respected by indicating the author’s name, “unless this turns out to be impossible” (Article 8(2)).
Therefore, there is a switch from a prior authorization regime to an implied consent regime, and this will require greater vigilance on the part of authors and rightholders.
Article 12 of the Directive provides that States may authorize collective management organizations to extend collective licenses to rightholders who have not authorized the organization to represent them.
Here again, the organization must be sufficiently representative of rightholders, and they in turn may exclude their works at any time from this licensing mechanism.
Furthermore, article 13 of the Directive provides for a negotiation mechanism in which “an impartial body or of mediators” will be in charge, in order to assist in the conclusion of licensing agreements “making available audiovisual works on video-on-demand services”.
The related right of press publishers
Article 15 of the Directive creates a related right for newspaper publishers established in a Member State. They can now be remunerated for use of their content by information service providers, in particular news aggregators. This right is subject to strict conditions of application and does not apply to :
– Private and non-commercial uses;
– Hyperlinks;
– Use of isolated words or very short extracts of a press publication;
– Works published for the first time before the Directive’s entry into force.
Moreover, this right is onlygranted for two years from January 1st of the year following the date on which that press publication is published.
This related right is a right of its own, and thus publishers no longer have to demonstrate they indeed own the economic rights transferred to them by the author of the work.
Part of the remuneration paid by service providers to newspaper publishers must be paid to the authors. However, the Directive does not specify how this payment must be carried out. In addition, authors can exploit their works independently of press publication.
Online content-sharing service are fully responsible (Article 17)
liable if they “promptly” remove the content at stake.
Platforms will now be liable if they communicate to the public without authorization works protected by copyright. However, they will be exemptfrom liability if they have:
– “Made best efforts to obtain an authorization” from rightholders;
– “Made best efforts” to ensure the unavailability of the work and
– Acted “expeditiously” to disable access to the work or remove it from their websites after receiving a « sufficiently substantiated notice” of the rightholders.
Compliance with these requirements will be examined with regard to the type, audience, and size of the service, as well as the type of works downloaded. Article 17 (8) specifies that platforms are not subject to any general monitoring obligation, but its paragraph 4 (b) requires that they provide their “best efforts”, “in accordance with high industry standards of professional diligence”, to ensure the unavailability of protected works, which seems to be a sneaky way to require automatic content filtering.
Platforms that have been in service for less than three years, and which have an annual turnover of less than €10 million, will benefit from a less restrictive liability regime, as they will only have to make their best efforts to obtain an authorization and will have to act promptly upon receipt of a “sufficiently substantiated notice” from a right holder.
Furthermore, all platforms will be required to put in place an “effective and expeditious complaint and redress mechanism” so that users can challenge blocking or removal of a work posted online. States must also provide for alternative dispute resolution procedures.
Finally, it should be noted that authors and performers will now have to be remunerated in an “appropriate and proportionate” manner (Article 18). They must receive, at least once a year, information on the exploitation of their works (transparency obligation provided for in article 19). Contracts which are already concluded should be adapted to provide for an “additional, appropriate and fair remuneration” (article 20). Article 22 of the Directive also gives authors a right to revoke a license or a transfer of rights. These measures already exist in French law, but the Directive will harmonize European law.
The integration of third-party social plugins on professional websites has become a standard feature of digital strategies. Sharing buttons, advertising pixels, and analytics tools are widely perceived as levers for audience growth and commercial performance. However, these technical choices now entail legal responsibility for economic operators, particularly under European personal data protection law.
This solution, grounded in a functional and pragmatic approach, nevertheless continues to give rise to doctrinal and practical debate as to its actual scope and its operational implications.
The Fashion ID decision : a landmark in European data protection law
In the Fashion ID case, the company operating an online retail website had integrated Facebook’s “Like” button. This plugin triggered, as soon as the page loaded, the automatic transmission of visitors’ personal data (IP address, browsing data), regardless of any voluntary interaction with the social network.
The central question concerned Fashion ID’s legal qualification : could it be regarded as a controller even though it neither had access to the transmitted data nor exercised control over their subsequent use by Facebook ?
The Court adopted a resolutely concrete approach. It held that the voluntary integration of the social plugin, for purposes of visibility and commercial promotion, was sufficient to characterise participation in determining the purposes and means of processing, at least for the data-collection phase.
Fashion ID was therefore classified as a joint controller, alongside Facebook, for that specific phase of processing.
The concept of joint controllership applied to social plugins
The Court confirms that joint controllership does not require equality of roles or identical access to data. It is based on a functional analysis, taking into account the effective involvement of each actor in the processing chain.
Accordingly, a website may be deemed a joint controller where it :
• deliberately chooses to integrate a third-party tool ;
• derives an economic or marketing benefit from that integration ;
• facilitates, even indirectly, the collection of personal data.
This analysis aligns with the positions adopted by European data protection authorities, in particular the recommendations issued by the CNIL regarding trackers and third-party tools.
The Court is careful to specify that joint responsibility is neither global nor unlimited. It is strictly confined to the operations over which the website publisher exercises real influence, namely the initial collection and transmission of data.
The limits set by the Court : a strictly circumscribed responsibility
One of the key contributions of the Fashion ID decision lies in the clear delineation of responsibility. The website publisher is not held responsible for subsequent processing carried out by Facebook, insofar as it does not determine either the purposes or the modalities thereof.
This clarification is essential to preserving a balance between data protection and legal certainty for economic operators.
The decision does not establish a principle of automatic responsibility for any integration of a third-party module. Each situation must be assessed on a case-by-case basis, taking into account the reality of data flows, the intended purpose, and the degree of involvement of the website publisher.
Practical takeaways for companies and trademarks
Website publishers must clearly inform users of data collection through third-party modules, identifying joint controllers and the purposes pursued.
Where the data collected are not strictly necessary for the operation of the website, prior consent is required. Such consent must be effective, specific, and technically enforced, which often entails revisiting the default settings of social plugins.
Best practices and risk-management strategies
To limit legal exposure, companies may usefully implement the following measures :
• regular audits of integrated tools and plugins ;
• removal of non-essential modules ;
• use of deferred loading solutions (lazy loading) ;
• contractual framing of relationships with third-party providers ;
• documentation of technical and legal choices made.
Conclusion
The Fashion ID case clearly illustrates how the law now addresses digital architectures. Joint responsibility is no longer a theoretical construct, but a concrete operational risk for companies, particularly those whose reputation relies on their digital presence.
Dreyfus & Associés law firm assists assists its clients in managing complex intellectual property cases, ensuring GDPR compliance, and providing legal protection for their digital strategies.
Nathalie Dreyfus, with the support of the entire Dreyfus firm team.
Q&A
1. Can joint responsibility be established in the absence of a contractual relationship with Facebook ?
Yes. The existence or absence of a formal contract with Facebook is not decisive. The Court reasons outside any contractual logic, relying exclusively on the facts and the reality of data flows. A website may therefore be classified as a joint controller even if it has entered into no specific agreement with the provider of the social plugin.
2. What concrete risks arise in the event of an inspection by the CNIL or a European authority ?
The risks are multiple and cumulative: formal notice, injunctions to comply, administrative fines, as well as potential compensation claims by users. Beyond the financial aspect, reputational risk is often decisive, particularly for exposed trademarks or those operating in sensitive sectors.
3. Does removing the social plugin eliminate all legal risk ?
Not necessarily. Removal puts an end to future risk, but it does not erase past processing. Authorities may examine previous practices, especially where data were collected without proper information or valid consent. Hence the importance of documenting audits carried out and corrective measures implemented.
4. Can this case law extend to tools other than social networks ?
Yes, and this is a central point. The Fashion ID reasoning goes far beyond “Like” buttons alone. It is transposable to other technologies such as advertising pixels, audience-measurement tools, chat services, video players, or interactive maps, insofar as they entail the transmission of personal data to third parties.
5. How should joint controllership be distinguished from processing on behalf of a controller under the GDPR ?
The distinction is fundamental. A processor acts on behalf of the controller and in accordance with its instructions, which was not the case in Fashion ID. Where a third party pursues its own purposes, qualification as a processor is excluded.
6. Can a publisher rely on technical complexity to escape responsibility ?
No. The Court adopts a clear position : technical complexity does not constitute grounds for exemption. Companies are required to understand, at least in broad terms, the legal effects of the tools they integrate. This requirement reinforces the need for legal support upstream of technical decisions.
This publication is intended to provide general guidance and to highlight certain issues. It is not intended to apply to specific circumstances or to constitute legal advice.
Social media and online reviews now constitute a decisive factor in consumers’ purchasing decisions and in shaping a company’s overall reputation. While this increased visibility represents a strategic opportunity, it also exposes economic operators to practices of unfair competition online, the effects of which may be immediate and particularly damaging. It is no longer uncommon to observe organized denigration campaigns, the publication of fraudulent reviews, or strategies aimed at artificially undermining a competitor’s reputation.
In this context, it is essential for any business to understand the applicable legal mechanisms and to implement an effective strategy to defend against harm to its online reputation.
Understanding unfair competition on social media
Unfair competition cannot be reduced to any wrongful conduct causing harm to a competitor. It falls within the general framework of civil liability and requires proof of fault, loss, and a causal link between them. It serves to sanction conduct that is contrary to fair commercial practice where such conduct infringes the interests of an economic operator.
When applied to the digital environment, this legal classification takes on increased significance due to the rapid dissemination of information and its direct impact on corporate reputation. Social media platforms are no longer merely communication tools: they constitute a competitive environment in which commercial practices may be diverted for unlawful purposes.
One of the main challenges lies in the often fragmented and anonymous nature of such conduct. A series of negative reviews, seemingly isolated, may in fact result from a coordinated strategy. This dispersion of responsibility complicates the identification of the perpetrators, but does not preclude the legal characterization of the conduct where fault and damage can be established.
Identifying unlawful practices related to online reviews
One of the most common forms of misconduct is commercial disparagement, namely the dissemination of information likely to cast discredit on a product or service marketed by another undertaking, regardless of the absence of direct and actual competition between the parties, where that information does not concern a matter of public interest, lacks a sufficient factual basis, and is not expressed in measured terms. This analysis is consistently confirmed by the courts (French Supreme Court, Commercial Chamber, January 9, 2019, No. 17-18.350 ; French Supreme Court, Commercial Chamber, March 4, 2020, No. 18-15.651).
On digital platforms, this often takes the form of misleading or exaggerated reviews intended to divert customers. Case law holds that “the disclosure of information likely to discredit a competitor constitutes disparagement, regardless of whether such information is accurate” (French Supreme Court, Commercial Chamber, September 24, 2013, No. 12-19.790).
Fake consumer reviews represent another widespread form of unfair competition. Where a review does not reflect a genuine customer experience or is manipulated for commercial purposes, it may qualify as a misleading commercial practice. French authorities have strengthened their scrutiny in this area, recognizing that such conduct undermines market fairness and consumer trust. The directorate general for competition, consumer affairs and fraud control (DGCCRF) has notably reported that 74% of internet users have already refrained from purchasing a product due to negative comments or reviews.
Legal grounds for effective action
Article 1240 of the French Civil Code constitutes the primary legal basis for an action against unfair competition, allowing civil liability to be established for any fault causing damage. Its flexibility enables it to encompass a wide range of situations, including those arising from digital technologies.
Article 29 of the French Law of July 29, 1881 on freedom of the press may also apply where statements harm the honor or reputation of a company. The legal classification of the facts is crucial, as it determines both the applicable procedure and the relevant limitation periods.
In this respect, it is essential to distinguish between disparagement and defamation. Disparagement targets a competitor’s products or services, whereas defamation concerns damage to the reputation of a legal or natural person. The French Supreme Court has further clarified the circumstances in which freedom of expression may preclude a finding of defamation. Where the statements form part of a debate of general interest and are based on a sufficient factual foundation, the courts assess their scope with a degree of flexibility and may accordingly recognize the author’s good faith (French Supreme Court, Criminal Chamber, January 7, 2020, No. 18-85.159).
This distinction, although technical, is strategically important in litigation.
New sanctions for fake online reviews
While commercial disparagement and misleading commercial practices have traditionally served as legal grounds to address excessively negative or false reviews, the French legislature has enacted specific provisions to regulate fake online reviews.
In this context, three implementing decrees of the French Law for a Digital Republic entered into force on January 1, 2018. Now codified, in particular, in Article L111-7-2 of the French Consumer Code, these provisions require operators engaged in the collection, moderation, or publication of online consumer reviews to provide fair, clear, and transparent information regarding the processing and publication of such reviews.
In particular, platforms must indicate, in proximity to the reviews, the date of publication, the date of the relevant consumer experience, and whether or not a review verification process is in place. These provisions replace the former voluntary adherence to the AFNOR standard, which was intended to ensure the reliability of online reviews.
Under French law, the publication or purchase of fake reviews is generally classified as a misleading commercial practice.
Pursuant to Article L132-2 of the French Consumer Code, offenders face up to two years’ imprisonment and a €300,000 fine. These penalties may be increased depending on the benefits gained, reaching up to 10% of the average annual turnover or 50% of the advertising expenditure linked to the practice. When the offence is committed online, penalties are aggravated and may rise to five years’ imprisonment and a €750,000 fine, along with additional sanctions such as bans on conducting business or managing a company.
In parallel, platforms hosting reviews must comply with specific transparency obligations regarding how reviews are collected, processed and displayed. Failure to do so may result in administrative measures, including injunctions and fines imposed by the French authority (DGCCRF).
Finally, affected businesses may bring civil actions under Article 1240 of the French Civil Code to obtain compensation for financial and reputational harm.
These new obligations reflect a strengthened regulatory framework in this area. They demonstrate that, while unfair competition law has long provided a useful legal basis, the widespread nature of fake reviews has led to the adoption of specific rules aimed at better protecting both businesses and consumers.
Practical strategies for prevention and defense
Protection against unfair competition online primarily requires a proactive approach. Implementing ongoing monitoring allows for the rapid identification of harmful content and timely action before lasting damage occurs.
A public response may be considered in order to reassure clients and preserve the company’s image; however, it must be carefully crafted to avoid exacerbating the situation. At the same time, legal steps may be taken, including issuing a formal notice or notifying platforms in order to obtain the removal of unlawful content.
In more serious cases, judicial proceedings may be necessary. Summary proceedings (référé) allow for the swift removal of harmful content, while proceedings on the merits enable the recovery of damages. The effectiveness of such actions depends on thorough preparation and a detailed analysis of the available evidence.
Evidence and procedures: securing your claim
The establishment of a robust evidentiary record is central to any litigation strategy. It is essential to preserve accurate records of the disputed content, notably through a bailiff’s report (constat d’huissier), which ensures the legal validity of the evidence collected and enhances its reliability (Paris Court of Appeal, July 2, 2010, RG No. 09/12757). While screenshots may be useful, they should be supplemented by technical evidence capable of establishing the origin and dissemination of the content.
Timeliness is also a critical factor. In certain cases, limitation periods are particularly short, requiring immediate action upon discovery of the facts. Delayed action may not only aggravate the damage but also compromise the prospects of success.
Conclusion
Social media and online reviews constitute a fully-fledged competitive arena in which traditional legal rules are applied in a renewed context. The proliferation of unfair competition practices online requires businesses to adopt a proactive and structured approach, combining monitoring, legal analysis, and targeted action.
The protection of online reputation cannot be addressed through isolated responses but must form part of a comprehensive risk management strategy. In this context, the involvement of legal professionals ensures the effectiveness of the measures taken and the long-term protection of the company’s market position.
Dreyfus & Associés assists its clients in managing complex intellectual property matters by providing tailored advice and comprehensive operational support for the full protection of intellectual property rights.
1. Can a customer review give rise to liability even if posted on social media? Yes. Where a review goes beyond a mere opinion and becomes excessive or misleading, it may engage the civil liability of its author, even when published on a third-party platform.
2. Can a company be held liable for reviews posted by its employees? Liability may arise where a connection with the company is established, particularly in cases involving internal instructions or coordinated strategies aimed at harming a competitor.
3. What are the risks for a company posting fake reviews? In addition to civil liability, such practices may lead to administrative and criminal penalties, as well as significant reputational damage if publicly exposed.
4. Is it possible to take action against a competitor established abroad? Yes, subject to certain conditions, particularly where the damage is suffered in France. International cooperation mechanisms may be used to initiate proceedings.
5. Do platforms have an obligation to verify the authenticity of reviews? No. They are not required to verify reviews or to generally monitor user-generated content. Their liability may arise if they fail to act after being notified of manifestly unlawful content.
This publication is intended for general public guidance and to highlight issues. It is not intended to apply to specific circumstances or to constitute legal advice.
The decision rendered in the case between Caudalie and 1001Pharmacies marks a significant milestone in French selective distribution law. By holding that Caudalie was entitled to prohibit the platform 1001Pharmacies from marketing its products, the French Supreme Court and, on remand, the Paris Court of Appeal clarified the conditions under which a trademark owner may exercise strict control over the online distribution of its products.
This case, at the crossroads of trademark law, competition law, and distribution law, remains a key reference for companies seeking to control their digital strategy.
Selective distribution and trademark image: a structured legal balance
From an economic perspective, a trademark serves as a rallying sign for consumers. A consumer purchasing a product under a specific trademark expects a certain level of quality, consistency, and trademark universe. This dimension is particularly significant for products positioned in the premium segment or comparable to luxury goods.
To preserve this coherence, companies frequently rely on selective distribution networks, a contractual mechanism permitted under competition law provided that reseller selection is based on objective, qualitative criteria applied uniformly and proportionately, as clearly reaffirmed by the Paris Court of Appeal in its July 13, 2018 decision.
Selective distribution thus enables control over sales conditions, advice provided to customers, and product presentation, including online.
This network was based on two distinct types of agreements: one governing in-store distribution within pharmacies, and another authorizing distance selling via the Internet, but exclusively through the approved pharmacist’s own website. Sales via third-party platforms or marketplaces were expressly excluded under the contractual terms.
The emergence of the platform 1001Pharmacies.com, operated by eNova Santé and offering pharmacists a shared space to sell their products, led Caudalie to challenge the presence of its products on the site on the grounds that it undermined the integrity of its selective distribution network.
As early as 2014, Caudalie initiated summary proceedings against eNova Santé for a manifestly unlawful disturbance resulting from the breach of its network, which led to an initial order requiring the removal of the products.
However, the Paris Court of Appeal subsequently held that a general prohibition on the use of non-approved platforms could constitute a restriction of competition. This decision was overturned by the French Supreme Court on September 13, 2017, which recognized Caudalie’s right to prohibit the sale of its products on 1001Pharmacies.com, thereby referring the matter back to the Paris Court of Appeal.
The French Supreme Court’s position: recognition of a manifestly unlawful disturbance
In its decision of September 13, 2017, the French Supreme Court held that the Court of Appeal had deprived its decision of a legal basis by failing to justify how administrative decisions or other references could exclude the existence of a manifestly unlawful disturbance resulting from the infringement of Caudalie’s selective distribution network.
The Court therefore acknowledged that Caudalie was entitled to prohibit the sale of its products on a non-approved online platform on the grounds that such sales undermined the effectiveness of its selective network, which had previously been validated by the Competition Authority.
This decision firmly reiterated that, where a selective distribution network is lawful, the trademark owner’s contractual freedom prevails over a superficial assessment of a potential restriction of competition, provided that the selective criteria are implemented consistently with the intended objective.
The prohibition confirmed by the Paris Court of Appeal
Following the remand, the Paris Court of Appeal, in its July 13, 2018 decision, applied the principles established by European case law, notably the Coty judgment (CJEU, December 6, 2017, C-230/16). This decision states that the establishment of a selective distribution network for luxury goods may be justified by the need to preserve their image and sense of luxury, which enable consumers to distinguish them from other comparable products and therefore contribute to the very quality of these products.
Thus, in order to validate the prohibition’s compliance with European Union law, the Paris Court of Appeal held that:
– Caudalie products fall within categories comparable to luxury goods, whose perceived quality depends not only on their intrinsic characteristics but also on their presentation, commercial environment, and associated image.
– The agreements concluded with pharmacists set out objective, uniform, and non-discriminatory criteria, particularly regarding online sales, which were strictly reserved for the pharmacist’s own website meeting specific conditions.
– The prohibition imposed on approved pharmacists against the visible use of third-party platforms for online sales was proportionate to the objective of preserving trademark image and did not go beyond what was necessary to achieve that objective.
The Court noted, for example, that 1001Pharmacies.com offered Caudalie products alongside goods unrelated to the dermocosmetic universe (such as fire alarms or video surveillance cameras), which was likely to undermine the prestige image sought by the trademark.
Scope of the decision
While this decision confirms established case law according to which only an objective justification may legitimize a sales prohibition within a selective distribution network, an important nuance must be emphasized.
The decision demonstrates that a case-by-case analysis is required, particularly where a company restricts its distribution network for image-related reasons. The assessment of what may or may not harm trademark image inevitably involves a degree of subjectivity.
Conclusion
The Caudalie case is a structuring decision for companies operating under selective distribution networks. It demonstrates that French law, in alignment with EU law, provides trademark owners with effective tools to preserve the integrity of their trademark image and the consistency of their online commercial strategy.
Dreyfus & Associés assists clients in managing complex intellectual property matters, providing tailored advice and comprehensive operational support for the full protection of intellectual property rights.
What is a selective distribution network?
A selective distribution network is a system whereby a trademark selects its distributors based on specific criteria (quality of the point of sale, staff training, product presentation, compliance with trademark image) and prohibits them from reselling to non-approved distributors. This mechanism is lawful under EU law provided that the criteria are objective, applied uniformly, and proportionate. It enables the trademark to preserve its image and ensure quality standards in the marketing of its products, including online.
Would the solution be different for non-premium products?
Potentially, yes. The Coty case law emphasized the need to preserve the image of luxury or luxury-like goods. Where a product does not have a qualitative dimension linked to its image or sales environment, the justification for prohibiting marketplaces becomes more difficult.
For mass-market products, the proportionality of such a prohibition would be examined more strictly.
What practical advice can be given to trademark owners?
To secure a selective distribution network legally, it is advisable to formalize precise and measurable qualitative criteria, include specific clauses relating to online sales, ensure uniform and documented application, actively monitor platforms, and anticipate European regulatory developments (VBER, DSA). A rigorous contractual strategy remains the cornerstone of protection.
What is the difference between “visible” and “invisible” sales via a marketplace?
European case law distinguishes between visible presence on a marketplace (where the consumer clearly identifies the platform) and technical solutions where the marketplace is not identifiable to the end customer. In the Coty judgment, the CJEU considered that the prohibition concerned the “visible” use of third-party platforms. This distinction may be decisive: if the consumer is unaware of a third party’s involvement, harm to trademark image may be more difficult to establish.
What strategic lessons can companies learn from this case law?
This case highlights the importance of a consistent legal strategy. Companies wishing to control the distribution of their products must structure their network with clear criteria, formalize specific rules for online sales, and actively monitor compliance with these obligations. A rigorous contractual policy and constant monitoring of platforms help limit the risk of circumvention and preserve brand value.
The decision rendered by the French Supreme Court on March 28, 2018 (n°16-20.018) constitutes a significant milestone in assessing victim liability in cases of banking fraud. While the legal framework had traditionally favored strong customer protection, this ruling introduces a rebalancing by placing the concept of gross negligence at the forefront, now interpreted more rigorously.
Under Article L.133-18 of the French Monetary and Financial Code, the principle remains that unauthorized transactions must be reimbursed immediately to the customer. However, the bank may avoid reimbursement if it can demonstrate fraud attributable to the customer or, more commonly, a serious breach of the customer’s duty of care. The central challenge therefore lies in identifying such negligence, the scope of which has been significantly broadened by recent case law.
A structured analysis of fraud scenarios to determine liability
Assessing the respective liability of the bank and the account holder requires a precise qualification of the factual circumstances. Traditionally, fraud cases fall into three distinct categories, each governed by a specific legal regime.
The first scenario concerns the interception of a bank card during delivery. In such cases, liability lies with the bank. Under Article L.133-15 of the French Monetary and Financial Code, payment service providers must ensure the confidentiality of security data associated with payment instruments. This obligation is reinforced by data protection law, particularly the GDPR, which requires appropriate technical and organizational safeguards. Where fraud results from deficiencies in these systems, the bank bears full responsibility, without any fault attributable to the customer.
The second scenario involves the loss or theft of a bank card. Here, the legislator has adopted a balanced mechanism. Under Article L.133-19 of the French Monetary and Financial Code, the customer may bear a limited loss capped at €50 at most, provided no gross negligence is established. However, this cap does not apply in certain situations provided for by the statute, and the payer shall bear the full amount of the losses in the event of fraudulent conduct or where the losses result from intentional misconduct or gross negligence in complying with their obligations. In practice, when the customer acts diligently, particularly by promptly reporting the incident, the bank remains liable for nearly the entire loss.
The third and most frequent scenario involves the misappropriation of banking data while the card remains in the customer’s possession. This includes various techniques such as card cloning, system intrusions, and, most commonly, phishing (fraudulent practice whereby an individual is deceived into disclosing sensitive information (such as login credentials, passwords, or banking details) by an impersonator posing as a trusted entity, such as a bank, public authority, or legitimate business). It is within this category that legal disputes are most complex, as the line between victimhood and fault becomes particularly blurred.
Phishing: a progressive reclassification of customer liability in case law
Phishing-related litigation clearly illustrates the evolution of judicial reasoning. Initially, the French Supreme Court adopted a protective stance, holding that the mere fact of being deceived by a fraudulent scheme was insufficient to establish gross negligence. The decision of January 18, 2017 (No. 15-18102) reflected this approach, requiring banks to prove manifestly imprudent behavior on the part of the customer.
However, the French Supreme Court decision of March 28, 2018 (No. 16-20.018) decision marks a turning point. The Court now accepts that gross negligence may arise from a failure to detect obvious signs of fraud, such as inconsistencies in website addresses, spelling errors, or unusual requests.
This shift introduces a heightened standard of vigilance, requiring customers to exercise critical judgment when confronted with suspicious communications. The assessment is now conducted in concreto, taking into account factors such as the apparent credibility of the fraudulent message, the context in which it was received, and the profile of the victim.
Key contribution of the decision: the decisive role of security systems in assessing fault
One of the most significant contributions of the March 28, 2018 ruling lies in the importance given to banking security mechanisms. The Court considers that the use of strong authentication systems, such as 3D Secure, may indicate that confidential data was compromised due to the customer’s conduct.
In practical terms, when a transaction requires the entry of a code sent personally to the account holder, it becomes more difficult for the customer to deny involvement in the fraudulent operation. Although this constitutes a rebuttable presumption, it significantly strengthens the bank’s position by providing technical evidence of insufficient vigilance.
This development reflects a shift in the allocation of responsibility. As security systems become more sophisticated, the level of care expected from customers increases accordingly. Technology, initially designed to protect users, thus becomes a key factor in assessing their potential fault.
Conclusion
The decision of March 28, 2018 marks a significant evolution in the legal treatment of banking fraud in France, introducing a rebalancing between customer protection and the customer’s own duty of vigilance. While the principle of immediate reimbursement of unauthorized transactions remains intact, its effectiveness now depends closely on the absence of gross negligence, which is assessed more rigorously and contextually.
Case law thus promotes a more accountable approach for account holders, particularly in response to modern fraud techniques such as phishing. At the same time, it fully integrates technological developments, especially strong authentication mechanisms, into the evaluation of customer behavior.
Dreyfus Law Firm . assists its clients in managing complex intellectual property matters by providing tailored advice and comprehensive operational support to ensure the full protection of intellectual property rights.
How is the burden of proof allocated in banking fraud cases?
The principle remains favorable to the customer: the bank must demonstrate that the transaction was properly authenticated and executed. However, to avoid reimbursement, it must also prove fraud or gross negligence by the customer, often relying on technical evidence such as strong authentication and transaction traceability.
Does disclosing banking data automatically constitute fault?
No. Case law adopts a nuanced approach. The disclosure of banking data does not automatically amount to gross negligence. Courts assess the specific circumstances, including the sophistication and credibility of the fraud. However, since 2018, a higher level of vigilance is expected when clear warning signs are present.
Does the customer’s reaction time affect liability?
Yes. Prompt action, particularly reporting the fraud without delay, is a key factor. A diligent response may exclude gross negligence and preserve the right to reimbursement. Conversely, delayed action may be interpreted as a failure to exercise due care.
Do banking security systems automatically exempt banks from liability?
No, but they play a crucial role. Strong authentication mechanisms, such as 3D Secure, may indicate that the transaction was validated using the customer’s credentials, creating a presumption of negligence. This presumption can, however, be rebutted in cases of sophisticated fraud.
Do new technologies increase customer responsibility?
Indirectly, yes. As security systems become more advanced, expectations regarding user vigilance rise accordingly. Customers are presumed to understand authentication processes and act cautiously. Technology thus becomes a key factor in assessing customer behavior.
Since November 7, 2017, Thailand has officially become the 99th member of the Madrid Protocol, marking a major milestone in the expansion of the Madrid System, administered by the World Intellectual Property Organization (WIPO). This accession confirms the growing importance of this international mechanism in the global protection of trademarks.
Background and Thailand’s accession
The Madrid Protocol, in force since April 1996, allows applicants to protect a trademark in several countries through a single international application, filed with a member office and accompanied by a single set of fees. This centralized process is attractive due to its simplicity and efficiency.
Thailand deposited its instrument of accession in August 2017 during an official ceremony attended by government representatives. The accession entered into force on November 7, 2017, enabling, as of that date, trademark holders from Thailand or abroad to file an international application covering Thailand.
Advantages and challenges for applicants
Simplification and cost savings
Thanks to the Madrid System, applicants no longer need to file trademark applications country by country. A single procedure suffices to designate multiple jurisdictions, with one application and centralized fees.
Attractiveness for foreign businesses
Thailand’s accession enhances its appeal for foreign companies, which can now include Thailand in their international trademark portfolios through the Madrid System.
Regional strategy
This accession is part of a broader movement within ASEAN. With Thailand, eight of the ten ASEAN member states have joined the system a significant step toward regional harmonization in trademark protection.
Strategic perspectives in Asia
Thailand’s entry into the Madrid System represents a strategic opportunity for businesses targeting the Asian market and seeking to structure an international trademark protection strategy without multiplying individual national procedures.
Conclusion
Thailand’s accession to the Madrid Protocol, effective November 7, 2017, marks an important step in the expansion of the Madrid System. It provides tangible benefits in terms of simplicity, reduced costs, and broader geographic coverage for international applicants. This development also strengthens regional cohesion within ASEAN at a time when intellectual property protection is becoming a key competitive advantage.
Dreyfus Law firm assists its clients in managing complex intellectual property cases, offering personalized advice and comprehensive operational support for the complete protection of intellectual property.
Dreyfus Law firm is partnered with a global network of lawyers specializing in intellectual property.
Nathalie Dreyfus with the assistance of the entire Dreyfus team.
FAQ
1. Since when has Thailand been a member of the Madrid system?
Since November 7, 2017, following its official accession to the Madrid protocol.
2. What does the Madrid system offer in practice?
It allows applicants to file a trademark in multiple member states through a single international application and pay centralized fees.
3. Why is Thailand’s accession strategic?
It facilitates access to the Thai market through a single procedure and strengthens regional coverage within ASEAN.
4. How many members does the Madrid protocol have?
With Thailand’s accession, the system counted 99 member states as of its entry into force.
5. What perspectives does this accession offer?
It opens new opportunities for companies targeting Asian markets, notably by combining protection in Thailand with neighboring countries such as Cambodia, Vietnam, China, and Brunei.
Introduction : impartiality tested by social media
The rise of social media has profoundly transformed human interactions, blurring the lines between private life and professional obligations. In the judicial context, this evolution raises delicate questions about the neutrality and independence of judges. The decision of 5 January 2017 (No. 16-12.394) of the French Court of Cassation illustrates this issue by ruling on the legal qualification of the “friend” link on Facebook. The highest court emphasised that such a virtual link, often created without any significant interaction, cannot automatically be equated with a genuine friendship. This clarification marks an important step in adapting case law to the realities of the digital age.
The distinction between virtual and real friendship
Facebook “friend”: a symbolic link, not presumed to be close
The Court of Cassation held that the term “friend” as used on Facebook reflects the platform’s own terminology rather than a traditional social recognition. In many cases, such a connection results from algorithms, professional contacts, or weak ties, without genuine personal involvement. A virtual connection therefore does not, in itself, indicate emotional closeness or influence. This position ends the automatic conflation of digital and personal relationships. It also reminds us that the law must take into account the specific practices of each digital environment.
No automatic presumption of bias
The decision confirms that a “friend” link on a social network is not, on its own, sufficient grounds to recuse a judge. Without factual evidence of a personal relationship or partiality, bias cannot be established. This stance protects the freedom to use social media while maintaining a high evidentiary standard. It thus strikes a balance between safeguarding the image of justice and acknowledging common digital practices. The Court reaffirmed that only concrete evidence can justify challenging a judge’s impartiality.
Concrete elements that may demonstrate bias
Evidence required by case law
For a recusal request to succeed, it is essential to provide tangible evidence. Such evidence may include:
Frequent and personalized exchanges between the judge and the party.
Public expressions of support or positions taken in favor of one party.
Joint participation in events directly related to the case.
Precise, verifiable evidence directly linked to the dispute.
Elements ensuring that recusal is not used as a dilatory or strategic tool without any objective basis.
Probative value and legal requirements
The elements presented must demonstrate an objective appearance of bias, as it would be perceived by a reasonable observer. The criteria include:
Rejection of isolated or anecdotal evidence (for example, a single screenshot or a one-off connection).
The need to establish an overall context and a significant frequency of interactions.
Consideration of consistent indicators demonstrating an objective risk of bias.
A rigorous factual approach, excluding purely subjective interpretations.
Ensuring legal certainty and the stability of rendered decisions.
Scope of the decision on judges’ use of social media
Recognition of digital realities
In ruling this way, the Court acknowledges the widespread use of social media and the connections they generate. Digital relationships can exist without implying a real personal bond, and their mere existence does not inherently threaten impartiality. This recognition marks progress in adapting the law to the digital era.
Freedom of use framed by ethical prudence
However, the decision does not exempt judges from their ethical obligations. Their online presence must remain compatible with the requirements of neutrality and restraint. Any interaction likely to create an appearance of bias should be avoided to maintain public confidence in the judiciary.
Implications for public perception of justice
A reassuring decision for judicial neutrality
By requiring concrete proof of bias, the Court reinforces confidence in the independence of judges. This stance reassures that objective criteria, rather than mere appearances, guide the assessment of impartiality.
Risks of negative public perception
Nevertheless, part of the public, unfamiliar with legal nuances, may view these virtual links as a potential source of conflict of interest. This calls on judges and judicial institutions to educate the public about the real significance of such digital connections.
Conclusion
The decision of 5 January 2017 is a cornerstone in defining judicial impartiality in the digital age. It makes clear that the mere existence of a virtual link cannot undermine a judge’s neutrality, absent tangible proof of closeness or influence. This ruling helps to stabilise case law on recusal while providing a clear framework for legal practitioners.
Dreyfus Law firm is part of a global network of lawyers specialising in Intellectual Property.
Nathalie Dreyfus with the assistance of the entire Dreyfus team.
FAQ
Can a judge be Facebook friends with a party to a case ?
Yes, but this link alone does not justify recusal.
What evidence can prove bias ?
Frequent exchanges, public support, or direct involvement in the case.
Does the private nature of exchanges affect the analysis ?
No, only proof of a concrete relationship matters.
Does this rule apply to LinkedIn or Instagram ?
Yes, it applies to all social networks.
Can a judge be sanctioned for online activities ?
Yes, in cases of breach of neutrality or restraint obligations.
The term “trademark troll” refers to opportunistic actors who exploit trademark law for speculative or coercive purposes. This article examines the definition of trademark trolls, the dangers they represent, the means of protection against them, and the question of their potential strategic value.
Understanding trademark trolls
Definition and essential characteristics
A trademark troll files a mark without any genuine intention of use, with the aim of demanding royalties, blocking market access, or exerting legal pressure.
Origins: from patent trolling to trademark trolling
Inspired by practices in the field of patents, this misuse relies on the “first-to-file” principle. Trolls take advantage of companies’ delays or oversights to pre-empt their filings.
Why trademark trolls are dangerous
Legal and commercial risks
Such practices generate costly litigation, slow down innovation, and force businesses into unjustified financial concessions.
Concrete examples
Snapchat vs. 47/72 Inc.: the filing of “OH SNAP! CHAT” risked diverting Snapchat’s image.
Castel frères in China: fraudulent pre-registration of the name “Ka Si Te” led to penalties and market losses.
Apple-proview: Apple was forced to pay USD 60 million to secure the “iPad” trademark in China.
Opposition proceedings before INPI, EUIPO, or other trademark offices.
Revocation for non-use actions.
Recognition of bad faith, illustrated by the recent EUIPO decision invalidating a fraudulent “TESLA” filing.
In 2022, Tesla filed a cancellation action against the European trademark “TESLA,” registered by Capella Eood, a company associated with an individual known for “trademark trolling” practices. Tesla argued that Capella Eood employed speculative strategies to register trademarks in order to block other companies’ operations and extort financial settlements. The EUIPO’s Cancellation Division held that the mark had been filed in bad faith and declared it invalid.
While trolls act for speculative purposes, some defensive filings may be considered strategic, provided they rest on a genuine intention of use.
Regulatory responses and recent case law
Offices and courts are progressively reinforcing the fight against abusive practices. The Tesla/Capella Eood decision confirms Europe’s determination to sanction speculative filings.
Conclusion
Trademark trolls represent a growing threat for businesses. Only proactive protection strategies and swift legal responses allow companies to safeguard their intangible assets.
Dreyfus Law firm assists its clients in managing complex intellectual property cases, offering personalized advice and comprehensive operational support for the complete protection of intellectual property.
Dreyfus Law firm is partnered with a global network of lawyers specializing in intellectual property.
Nathalie Dreyfus with the assistance of the entire Dreyfus team.
FAQ
What is a trademark troll?
A trademark troll is a filing made without any real intention of use, solely to block or monetize rights.
What are the risks associated with trademark trolls?
They lead to costly litigation, delay market entry, and impose unjustified financial concessions.
How can a fraudulent filing be anticipated?
By filing trademarks early and implementing active monitoring systems.
What remedies are available in France and Europe?
Opposition proceedings, non-use cancellation actions, and claims based on bad faith.
Is revocation for non-use an effective tool?
Yes, it is an effective means of cancelling trademarks held by trolls.
Should start-ups fear trademark trolls as much as large corporations?
Yes, because their financial vulnerability and growing visibility make them particularly exposed.
What is the difference between a defensive filing and a troll filing?
A defensive filing aims to protect legitimate use, while a troll filing relies on abusive speculation.
The French Digital Republic Act of October 7, 2016 laid the foundation for a structured regulatory framework governing online platforms in France. It introduced transparency, fairness and accountability obligations designed to rebalance the relationship between platforms, professionals and users.
In an ecosystem now largely shaped by the GDPR and the Digital Services Act (DSA), these obligations must be reassessed and updated. In this article, we offer a comprehensive analysis of the actual scope of the statutory provisions: first, what the law truly provides for, and then how those provisions fit into a legal landscape that has been profoundly reshaped since 2016.
Core obligations imposed on online platforms
Legal definition of online platforms
The Digital Republic Act introduced a precise definition of online platforms, formerly codified in the old Article L.111-7 I of the French Consumer Code. Services were considered platforms when they professionally offered, whether for remuneration or not, an online communication service to the public based on:
The ranking or referencing of content, goods or services;
The facilitation of interactions between several parties for the purpose of a transaction.
This definition covered a broad range of services: comparison tools, marketplaces, directories, search engines, social networks and intermediation services.
Its purpose was clear: to acknowledge the significant influence of these operators and to establish a protective framework built on three core principles, transparency, fairness and responsibility.
Article L.111-7 I of the Consumer Code was revoked in 2022. The applicable definition is now the one set out in the Digital Services Act, which qualifies an online platform as any intermediary service that stores and makes information accessible to the public at the request of users.
Differentiation between operators
The law distinguishes between:
Online platform operators, subject to general transparency rules;
Influencer platforms or hyperscale operators, now primarily regulated at the EU level by the DSA.
This structure enables obligations to be calibrated according to the platform’s economic influence.
Strengthened transparency and fairness requirements
Enhanced information obligations
Article L.111-7 of the French Consumer Code requires platforms to inform users of the criteria determining the ranking of content or offers. This information must be clear, intelligible and easily accessible.
This obligation, innovative in 2016, anticipated today’s concerns regarding algorithmic manipulation and the transparency of recommendation systems.
Disclosure of contractual relationships
Platforms must also indicate whether the advertiser or seller is acting as a professional, a consumer, or an uncertified reseller.
This enables users to determine whether consumer protection provided by law applies.
Identification of sponsored content
The law requires clearly identifiable disclosures when content has been paid for or promoted.
These provisions foreshadowed today’s standards set by:
The ARPP (French Autorité de régulation professionnelle de la publicité) for influencers,
Platforms must provide a user-friendly mechanism enabling individuals to report illegal content, including: counterfeiting, hate speech, privacy violations, fraud, and other unlawful activities.
When a platform connects professionals, sellers or service providers with consumers, it must provide a space enabling them to communicate the pre-contractual information required under Articles L.221-5 and L.221-6 of the French Consumer Code.
The Act has been largely absorbed by this EU framework while retaining its additional economic transparency requirements.
Complementarity with the Digital Services Act
The DSA, applicable since 2024, has established a comprehensive EU-wide regime for platforms. The DSA notably imposes increased responsibility on platforms regarding the moderation of illegal or harmful content. They must implement mechanisms to detect and remove such content, failing which they may face sanctions.
French Digital Republic Act remains relevant, particularly for:
Economic fairness obligations,
Online review regulation,
Consumer information duties.
Oversight and sanctions
The competent authorities include: the DGCCRF, CNIL, Arcom, and civil and criminal courts.
Sanctions can include fines, corrective measures, and even temporary bans on operations.
Update their terms of use, privacy policies and notices.
Conclusion
The Digital Republic Act remains a fundamental component of the French regulatory framework for online platforms. It establishes an environment based on transparency, responsibility and user protection, now reinforced by the GDPR and the Digital Services Act. Businesses must adopt an integrated approach combining legal compliance, algorithmic governance and consumer protection to secure their digital operations.
Dreyfus & Associés assists its clients in managing complex intellectual property cases, offering personalized advice and comprehensive operational support for the complete protection of intellectual property.
1.Can a platform be held liable for content posted by a user? Yes. A platform becomes liable if it fails to remove manifestly illegal content promptly after being informed of it.
2.Can a user challenge a platform’s decision to remove content? Yes. Platforms must provide an internal complaint mechanism allowing users to contest removal or delisting decisions. Under the DSA, this mechanism must be accessible and include human review.
3.Can French law require a platform to disclose the identity of a user who posted illegal content? Yes, but only under strict conditions. Disclosure can only be ordered by a judicial authority when there is evidence of illegal activity.
4.Must a platform located outside the EU comply with French law when targeting French users? Yes. If it targets the French or EU market, it remains subject to local legislation.
5. What best practices should online platform operators adopt? Platform operators should implement a comprehensive compliance strategy that integrates both national and European legal requirements. This includes documenting ranking criteria, strengthening transparency in commercial practices, structuring content moderation procedures, ensuring the reliability of online reviews, and regularly updating terms of use, privacy policies and mandatory disclosures.
This publication is intended to provide general guidance to the public and highlight certain issues. It is not intended to apply to specific situations or constitute legal advice.
Our site uses cookies to offer you the best service and to produce statistics, and measure the website's audience. You can change your preferences at any time by clicking on the "Customise my choices" section.
When browsing the Website, Internet users leave digital traces. This information is collected by a connection indicator called "cookie".
Dreyfus uses cookies for statistical analysis purposes to offer you the best experience on its Website.
In compliance with the applicable regulations and with your prior consent, Dreyfus may collect information relating to your terminal or the networks from which you access the Website.
The cookies associated with our Website are intended to store only information relating to your navigation on the Website. This information can be directly read or modified during your subsequent visits and searches on the Website.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Dreyfus is concerned about protecting your privacy and the Personal Data ("Data"; "Personal Data") it collects and processes for you.
Hence, Dreyfus complies every day with the European Union legislation regarding Data protection and particularly the European General Data Protection Regulation Number 2016/679 of 27 April 2016 (GDPR).
This Privacy Policy is aimed at informing you clearly and comprehensively about how Dreyfus, as Data Controller, collects and uses your Personal Data. In addition, the purpose of this Policy is to inform you about the means at your disposal to control this use and exercise your rights related to the said processing, collection and use of your Personal Data.
This Privacy Policy describes how Dreyfus collects and processes your Personal Data. The collection happens when you visit our Website, when you exchange with Dreyfus by e-mail or post, when exercising our Intellectual Property Attorney and representative roles, when we interact with our clients and fellow practitioners, or on any other occasion when you provide your Personal Data to Dreyfus, in particular when you register for our professional events.
Written by Dreyfus30/08/2019 
Cyber-attacks are on the rise, and they are becoming more sophisticated. Our current business model is globally interconnected; commercial transactions and even social life transcend national borders. Consequently, our vulnerability to cyber-attacks has been increased, however, the competences of the cyber security and police authorities, as well as political responses, are predominantly national.
Protecting authors’ rights is a necessity in the digital age, as information flows more and more easily. That is why 
