An NGO has just seized the CNIL in order to conduct an investigation into Doctissimo, accused of collecting and reselling sensitive data from its Internet users without their consent.
The complaint in French at the bottom of this page: https://t.co/7tRgmfMV8k
— Privacy International (@privacyint) July 1, 2020
The NGO has thus filed a complaint with the CNIL, and asked it to investigate the case of Doctissimo, accused of violating the RGPD by recklessly collecting cookies and selling them to nearly “556 partners” sales people every month. According to the NGO, Doctissimo mainly sells them the results of online health tests on its site. As this is a medical site on which data is generally rather sensitive, the case is something to be perplexed, especially since it is perfectly possible to confuse the unique identifier of a user with his identity real. On the side of Doctissimo, a site manager defends himself with AFP by affirming that the site “Does not market personal data relating to health” Internet users. In addition, Doctissimo has already changed the way it alerts users that it collects cookies, going from tacit consent to express consent that requires a click on a window.