CNIL goes after smaller firms on GDPR compliance

>