Pierre-Emmanuel Froge

Pierre Emmanuel Froge
  1. People /

Pierre-Emmanuel Froge

Pierre-Emmanuel Froge

Counsel


Paris
Pierre Emmanuel Froge
  1. People /

Pierre-Emmanuel Froge

Pierre-Emmanuel Froge

Counsel


Paris

Pierre-Emmanuel Froge

Counsel

Paris

T: +33 (0) 1 44 17 76 21

VcardVcard
Download PDFDownload PDF
Print
Share
English

Biography

Pierre-Emmanuel is a counsel in BCLP’s Paris office. He has developed strong skills in intellectual property valuation (trademark and copyright management), IT/technology transactions and data protection. He advises French and foreign companies in the negotiation and implementation of complex IT contracts. Pierre-Emmanuel also assists international groups in the implementation of data protection compliance programs, including cross-border data transfers, breach management and relations with supervisory authorities. He is involved in the compliance of digital platforms, particularly in the field of e-commerce, online gaming, entertainment and fintech. In addition, he assists clients in both advisory and litigation matters thanks to his experience in proceedings before regulatory authorities (e.g. CNIL, ANJ, DGCCRF, AMF) or jurisdictions.

He started his career in French firms dedicated to supporting innovators and start-ups. Prior to joining BCLP, he then practiced for several years in Paris in a top ranked English law firm’s TMT department advising international IT developers and marketplaces on strategic and complex technology transactions and data protection issues.

Professional Affiliations

  • Member of Paris Bar Incubator

Spoken Languages

  • English
  • French

Admissions

  • Paris

Education

Master’s degree, audiovisual law, 2008

EM Lyon Business School, Diploma, 2007

UCL in London, LLB, 2006

Related Capabilities

  • Intellectual Property & Technology Disputes

  • Fintech

  • Corporate

  • Finance

  • Investigations

  • Litigation & Dispute Resolution

  • Regulation, Compliance & Advisory

  • Data Privacy & Security

  • Healthcare & Life Sciences

Experience

IT

  • Negotiation, drafting and monitoring of complex IT contracts: integration, outsourcing, software license, data hosting contract, Online Travel Agencies contracts with hotels (OTA), Application Programming Interface license (API), smart contracts.
  • Accompaniment of the commercial activity of digital platforms (BtoC and BtoB): Drafting of contractual documentation (Terms and Conditions) and compliance of the activity of online platforms (protection of online consumers, respect of the particular obligations of online operators, respect of the obligations of the fight against fraud and money laundering, fight against online hate, etc.)
  • Assistance in obtaining approval from the ANJ for online sports betting sites operating in France.
  • Supporting digital platforms in obtaining approvals from the ACPR or the AMF (PSAN).
  • Supporting platforms providing for delivery solutions.
  • Supporting platforms providing for NFTs and implementing solutions built on the blockchain.

Privacy & Data Protection

  • Data protection and exploitation: drafting (realization of DPIA (Data Protection Impact Analysis), drafting of DPA (Data Protection Agreement), realization of Transfer Risk Assessment (TRA), drafting of Binding Corporate Rules (BCR)). Drafting of Privacy notices for digital platforms and online advertising agencies.
  • Cybersecurity: data breach management. Fight against online fraud on digital platforms.
  • Follow-up of technical data recovery operations with the support of judicial and police authorities. Support in the management of the breach with the control authorities and the individuals concerned.

IP

  • Entertainment: Consulting in the distribution of works of art, musical, literary and audio-visual content online. Drafting of licensing agreements for exploitation rights.
  • Due diligence in the context of mergers and acquisitions of innovative companies.
  • Management of trademark portfolios and advice in trademark and copyright infringement litigation.

Related Insights

Insights
Sep 08, 2025

The EU-US Data Privacy Framework Survives an Annulment Challenge

On 3 September 2025, the European Court of Justice (“CJEU”) dismissed the action of a Member of the French Parliament, Mr. Philippe Latombe, who had sought annulment of the EU-U.S. Data Privacy Framework (“DPF”).  Had he been successful, data transfers between the EU and US would have, yet again, faced challenges and uncertainty, as was the case following the 2020 Schrems II decision. This decision confirms that the European Commission is empowered to continue to review whether the DPF is sufficiently protective of EU data subjects’ rights, as the US legal landscape evolves. However, at this time, the safeguards offered in the US for EU personal data have been deemed sufficient to ensure the DPF has weathered this annulment challenge.   
Insights
Aug 19, 2025

What is the European Accessibility Act and what impact will it have on your business?

The European Accessibility Act (EAA) came into force on 28 June 2025. It requires that all in-scope products and services placed on the market or provided after that date in the EU must meet specified accessibility requirements.  These are requirements to help people with disabilities make use of certain products and services and will require businesses who offer these products or services to ensure they are accessible to all users.    
Insights
Jul 25, 2025

EMEA - Data Privacy, Digital and AI Round Up

As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to implementation of its AI Act, the CNIL’s recent regulatory focus (AI, transfer impact assessments and connected vehicles) and the approach in the Middle East to tech innovation, particularly AI.   
Insights
Feb 17, 2025

Mobile apps: What does the CNIL recommend from a privacy perspective?

While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process. Last September the Commission Nationale de l'Informatique et des Libertés (CNIL) published a set of recommendations to improve compliance of mobile apps with data protection rules. These clarify the obligations of the various stakeholders and set out best practices in the mobile app ecosystem. The recommendations are structured to distinguish between requirements which are mandatory and those which are best practice and are arranged by category of the entity involved in the mobile app value chain, with practical checklists for assessing and documenting compliance.  We unpack the key recommendations by the five main categories:   publishers; developers; software development kit (SDK) providers; operating system (OS) providers; and app stores.
Insights
Feb 06, 2025

Information Commissioner's open letter to the UK Prime Minister - Key Takeaways

On 16 January 2025, in an open statement and letter, the UK Information Commissioner, John Edwards, responded to the December 2024 letter from the UK Prime Minister, the Chancellor, and the Business Secretary. He set out the ICO25 strategic plan and highlighted a few interesting points. The plan confirms that responsible innovation and sustainable economic growth are core strategic objectives for the data protection regulator. Additionally, the importance of data protection and information rights are noted as essential building blocks for the ICO’s strategic plans, as they ensure public trust and consumer confidence alongside offering businesses security and certainty upon which to build for the future.
Insights
Jan 21, 2025

CNIL Strategic Plan 2025

Insights
Jan 14, 2025

EMEA- Data Privacy, Digital and AI Round Up 2024/2025

As expected in the data privacy and digital space, 2024 shaped up to be a year full of guidance, consultations, regulatory focus areas and legislative updates. Artificial Intelligence (AI) remained a hot topic with advertising technology (AdTech) closely following its heels. With the blizzard of global data protection developments continuing unabated in 2024 with no doubt more to come in 2025, it is a good moment to look back at what 2024 held for businesses as well as to consider what 2025 may hold in the EMEA region.
Insights
Dec 23, 2024

European Data Protection Board's Opinion on AI Models

On 17 December 2024, the European Data Protection Board (EDPB) adopted its opinion on certain data protection aspects related to the processing of personal data in the context of AI models (Opinion). The Opinion comes as a response to the Irish supervisory authority’s (Irish SA) request. The Irish SA’s request made to the EDPB was prompted due to the current lack of harmonisation amongst supervisory authorities when it comes to assessing AI models and addresses key components of an AI model such as training, updating, developing and the operation of AI models where personal data is part of the dataset. The Irish SA posed four specific questions as part of the request which covers: Anonymity in AI models where personal data has been used to train the model; The appropriateness of relying on legitimate interest as a lawful basis and how this can be demonstrated; and The continued use of an AI where unlawfully processed data sets have been used to create, update or develop an AI model. We cover each of these themes in turn below.

Related Insights

Insights
Sep 08, 2025
The EU-US Data Privacy Framework Survives an Annulment Challenge
On 3 September 2025, the European Court of Justice (“CJEU”) dismissed the action of a Member of the French Parliament, Mr. Philippe Latombe, who had sought annulment of the EU-U.S. Data Privacy Framework (“DPF”).  Had he been successful, data transfers between the EU and US would have, yet again, faced challenges and uncertainty, as was the case following the 2020 Schrems II decision. This decision confirms that the European Commission is empowered to continue to review whether the DPF is sufficiently protective of EU data subjects’ rights, as the US legal landscape evolves. However, at this time, the safeguards offered in the US for EU personal data have been deemed sufficient to ensure the DPF has weathered this annulment challenge.   
Insights
Aug 19, 2025
What is the European Accessibility Act and what impact will it have on your business?
The European Accessibility Act (EAA) came into force on 28 June 2025. It requires that all in-scope products and services placed on the market or provided after that date in the EU must meet specified accessibility requirements.  These are requirements to help people with disabilities make use of certain products and services and will require businesses who offer these products or services to ensure they are accessible to all users.    
Insights
Jul 25, 2025
EMEA - Data Privacy, Digital and AI Round Up
As we pass the mid-point of 2025, it’s a good time to review the important developments we have seen in the first 6 months of this year, particularly reforms to the UK’s data protection laws, the EU’s pathway to implementation of its AI Act, the CNIL’s recent regulatory focus (AI, transfer impact assessments and connected vehicles) and the approach in the Middle East to tech innovation, particularly AI.   
News
Jun 12, 2025
The Best Lawyers in France 2026
Insights
Feb 17, 2025
Mobile apps: What does the CNIL recommend from a privacy perspective?
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process. Last September the Commission Nationale de l'Informatique et des Libertés (CNIL) published a set of recommendations to improve compliance of mobile apps with data protection rules. These clarify the obligations of the various stakeholders and set out best practices in the mobile app ecosystem. The recommendations are structured to distinguish between requirements which are mandatory and those which are best practice and are arranged by category of the entity involved in the mobile app value chain, with practical checklists for assessing and documenting compliance.  We unpack the key recommendations by the five main categories:   publishers; developers; software development kit (SDK) providers; operating system (OS) providers; and app stores.
Insights
Feb 06, 2025
Information Commissioner's open letter to the UK Prime Minister - Key Takeaways
On 16 January 2025, in an open statement and letter, the UK Information Commissioner, John Edwards, responded to the December 2024 letter from the UK Prime Minister, the Chancellor, and the Business Secretary. He set out the ICO25 strategic plan and highlighted a few interesting points. The plan confirms that responsible innovation and sustainable economic growth are core strategic objectives for the data protection regulator. Additionally, the importance of data protection and information rights are noted as essential building blocks for the ICO’s strategic plans, as they ensure public trust and consumer confidence alongside offering businesses security and certainty upon which to build for the future.
Insights
Jan 21, 2025
CNIL Strategic Plan 2025
Insights
Jan 14, 2025
EMEA- Data Privacy, Digital and AI Round Up 2024/2025
As expected in the data privacy and digital space, 2024 shaped up to be a year full of guidance, consultations, regulatory focus areas and legislative updates. Artificial Intelligence (AI) remained a hot topic with advertising technology (AdTech) closely following its heels. With the blizzard of global data protection developments continuing unabated in 2024 with no doubt more to come in 2025, it is a good moment to look back at what 2024 held for businesses as well as to consider what 2025 may hold in the EMEA region.
Insights
Dec 23, 2024
European Data Protection Board's Opinion on AI Models
On 17 December 2024, the European Data Protection Board (EDPB) adopted its opinion on certain data protection aspects related to the processing of personal data in the context of AI models (Opinion). The Opinion comes as a response to the Irish supervisory authority’s (Irish SA) request. The Irish SA’s request made to the EDPB was prompted due to the current lack of harmonisation amongst supervisory authorities when it comes to assessing AI models and addresses key components of an AI model such as training, updating, developing and the operation of AI models where personal data is part of the dataset. The Irish SA posed four specific questions as part of the request which covers: Anonymity in AI models where personal data has been used to train the model; The appropriateness of relying on legitimate interest as a lawful basis and how this can be demonstrated; and The continued use of an AI where unlawfully processed data sets have been used to create, update or develop an AI model. We cover each of these themes in turn below.