Tag Archives for " CNIL "

French DPA Publishes New Security Guidelines

On January 23, 2018, the French data protection authority (the CNIL) published new guidelines on the security of personal data (updating its previous security guide published in 2010 available in English ), providing practical recommendations in the form of “Do’s and Dont’s” to help businesses implement appropriate measures to protect personal data in compliance with the General Data Protection Regulation (“GDPR”).

Source: FRANCE: CNIL New Security Guidelines

Report on the ethical matters raised by algorithms and artificial intelligence

Public awareness around the role of algorithms and artificial intelligence in our everyday lives has been rising subsequently in the past few months: the role of social media in the U.S. presidential election is an example of such an interest.

Source: How can humans keep the upper hand? Report on the ethical matters raised by algorithms and artificial intelligence

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

On October 17, 2017, the French Data Protection Authority (“CNIL”), after a consultation with multiple industry participants that was launched on March 23, 2016, published its compliance pack on connected vehicles (the “Pack”) in line with its report of October 3, 2016 .

Source: French DPA Publishes a Compliance Pack Regarding Connected Vehicles

CNIL publishes guidance for data processors

On 29 September 2017, the French Data Protection Authority (the CNIL) released a guide for data processors on implementing the obligations laid down in the GDPR. Unlike the draft guidance recently published by the UK Data Protection Authority (the ICO), ‘Contracts and liabilities between controllers and processors‘, the CNIL’s guidance focuses just on processor obligations and is structured around FAQs.

Source: CNIL publishes guidance for data processors

Controller and Processor standard clauses

The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données: un guide pour accompagner les sous-traitants” and “ Directrices para contratos responsable – encargado” respectively.

Source: Controller and Processor standard clauses

CNIL Publishes GDPR Guidance for Data Processors

On September 29, 2017 the French Data Protection Authority (CNIL) published a guide for data processors to implement the new obligations set by the EU General Data Protection Regulation (“GDPR”). The guidance addresses the extended scope of the GDPR and the new and direct obligations data processors will have when the GDPR comes into force on May 25, 2018.

Source: CNIL Publishes GDPR Guidance for Data Processors

French DPA adopts new single authorisation on fraud prevention systems

The French data protection authority (CNIL) has just adopted Single Authorization No. AU-054 (the “AU-054”) on July 13, 2017 in order to cover the processing of personal data implemented in relation to these fraud prevention/detection systems. The new AU-054 provides a blanket authorization for entities processing personal data for purposes related to the prevention/detection of external fraud in the banking and financial sector assuming they adhere to a strict set of conditions set forth by the CNIL, the most significant of which are summarized below.

Source: FRANCE: CNIL ADOPTS NEW SINGLE AUTHORIZATION ON FRAUD PREVENTION SYSTEMS | Privacy Matters

CNIL Updates Privacy Seals on Governance Procedures and Training Programs to Comply with GDPR

On September 20, 2017, the French Data Protection Authority (CNIL) announced that it has updated two standards on privacy seals in order to take into account the requirements of the EU General Data Protection Regulation (“GDPR”).

Source: CNIL Updates Privacy Seals on Governance Procedures and Training Programs to Comply with GDPR

>