Tag Archives for " CNIL "

CNIL Publishes DPIA Guidelines and List of Processing Operations Subject To DPIA

On November 6, 2018, the French Data Protection Authority (the “CNIL”) published its own guidelines on data protection impact assessments (the “Guidelines”) and a list of processing operations that require a data protection impact assessment (“DPIA”).

Source: CNIL Publishes DPIA Guidelines and List of Processing Operations Subject To DPIA

CNIL issues guidaince on Blockchain and the GDPR

When a blockchain contains personal data, the GDPR is applicable. The architecture and characteristics specific to blockchains will, however, have consequences on how personal data is stored and processed. To address this matters, French data protection authority CNIL recently published guidelines “Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data“.

Source: Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data | CNIL

CNIL Details Rules On Audience and Traffic Measuring In Publicly Accessible Areas

On October 17, 2018, the French data protection authority (the “CNIL”) published a press release detailing the rules applicable to devices that compile aggregated and anonymous statistics from personal data—for example, mobile phone identifiers ( i.e. , media access control or “MAC” address) —for purposes such as measuring advertising audience in a given space and analyzing flow in shopping malls and other public areas.

Full article: CNIL Details Rules On Audience and Traffic Measuring In Publicly Accessible Areas

CNIL Publishes Statistical Review of Data Breaches Since GDPR

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application.

Between May 25 and October 1, 2018, the CNIL received 742 notifications of personal data breaches that affected 33,727,384 individuals located in France or elsewhere. Of those, 695 notifications were related to confidentiality breaches.

Source: CNIL Publishes Statistical Review of Data Breaches Since Entry into Application of GDPR

French DPA publishes updates on GDPR

The French Data Protection Authority (CNIL) has been actively providing lots of guidance to companies, both before and after the entry into force of the General Data Protection Regulation (GDPR). Below is a summary of the recent updates that were published on the CNIL’s website on various issues relating to the GDPR.

Full article: CNIL publishes updates on GDPR

CNIL Adopts Referentials on DPO Certification

On October 11, 2018, the French data protection authority (the “CNIL”) announced that it adopted two referentials (i.e. , guidelines) on the certification of the data protection officer (“DPO”). Both referentials are intended to apply to DPOs located in France. They include a certification referential that sets forth the conditions regarding the admissibility of DPO applications, and lists 17 qualifications that the DPO must have in order to be certified as a DPO by a certification body approved by the CNIL; and
an accreditation referential that outlines the criteria organizations must satisfy in order to be accredited by the CNIL as certification bodies.

Source: CNIL Adopts Referentials on DPO Certification

CNIL publishes initial analysis on Blockchain and GDPR

Many questions surround the Blockchain’s compatibility with EU General Data Protection Regulation (GDPR). The French Data Protection Supervisory Authority (the CNIL) has recently published its initial thoughts on this topic, providing some responses and practical recommendations on how the usage of a blockchain may be compatible with GDPR and more generally Data Protection Law, taking into account the “constraints” imposed by such technology.

Full article: FRANCE: CNIL publishes initial analysis on Blockchain and GDPR

French Data Protection Authority’s Latest Newsletter Includes Assessment of First Four Months of GDPR & Several Guidelines

The French Data Protection Authority (the CNIL) published its assessment of the first four months of GDPR and several guidelines, including one on how to make a GDPR compliant blockchain.

Full article: French Data Protection Authority’s Latest Newsletter Includes Assessment of First Four Months of GDPR & Several Guidelines

GDPR complaints stack up across the EU as regulators prepare to issue fines

It’s almost five months since Europe’s General Data Protection Regulation (GDPR) went into effect. Meanwhile, EU member states start to tally up GDPR complaints. Numbers have started rolling in from data protection authorities across Europe. As one of the first companies to be warned by a DPA, French startup Teemo might prove that regulators are more interested in keeping companies in line than collecting fees – once Teemo brought itself into compliance, the CNIL considered the issue closed.

Full article: GDPR complaints stack up across the EU as regulators prepare to issue fines – MarTech Today

1 2 3 5
>