Free tools and resources for Data Protection Officers!

Tag Archives for " France "

More than 50 nations, but not U.S., sign onto cybersecurity pact

French President Emmanuel Macron released an international agreement on cybersecurity principles Monday as part of the Paris Peace Forum. The original signatories included more than 50 nations, 130 private sector groups and 90 charitable groups and universities, but not the United States, Russia or China.

The Paris Call for Trust and Security in Cyberspace is another step in the disjointed effort to create international norms and laws for cybersecurity and warfare. In most international matters of regulating the internet, there tends to be a wide split between the liberal Western order and authoritarian nations like Russia and China.

Full article: More than 50 nations, but not U.S., sign onto cybersecurity pact – Axios

Facebook to let French regulators investigate on moderation processes

Facebook and the French government are going to cooperate to look at Facebook’s efforts when it comes to moderation. At the start of 2019, French regulators will launch an informal investigation on algorithm-powered and human moderation. Facebook is willing to cooperate and give unprecedented access to its internal processes.

Full article: Facebook to let French regulators investigate on moderation processes

Macron and tech giants launch Paris call to fix web woes

Microsoft was among the US tech giants joining with France to call for more nations and corporates to adhere to new internet regulations and do more in the global fight against cyber crime, online censorship and hateful dialogue online.

At an international convening on cyber security principles in Paris, Emmanuel Macron launched a document called “Paris call for trust and security in cyber-space”. The French President hopes the initiative will reenergise momentum for much-needed internet regulation after negotiations broke down last year.

Full article: Macron and tech giants launch Paris call to fix web woes

CNIL Publishes DPIA Guidelines and List of Processing Operations Subject To DPIA

On November 6, 2018, the French Data Protection Authority (the “CNIL”) published its own guidelines on data protection impact assessments (the “Guidelines”) and a list of processing operations that require a data protection impact assessment (“DPIA”).

Source: CNIL Publishes DPIA Guidelines and List of Processing Operations Subject To DPIA

CNIL issues guidaince on Blockchain and the GDPR

When a blockchain contains personal data, the GDPR is applicable. The architecture and characteristics specific to blockchains will, however, have consequences on how personal data is stored and processed. To address this matters, French data protection authority CNIL recently published guidelines “Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data“.

Source: Blockchain and the GDPR: Solutions for a responsible use of the blockchain in the context of personal data | CNIL

CNIL Details Rules On Audience and Traffic Measuring In Publicly Accessible Areas

On October 17, 2018, the French data protection authority (the “CNIL”) published a press release detailing the rules applicable to devices that compile aggregated and anonymous statistics from personal data—for example, mobile phone identifiers ( i.e. , media access control or “MAC” address) —for purposes such as measuring advertising audience in a given space and analyzing flow in shopping malls and other public areas.

Full article: CNIL Details Rules On Audience and Traffic Measuring In Publicly Accessible Areas

CNIL Publishes Statistical Review of Data Breaches Since GDPR

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application.

Between May 25 and October 1, 2018, the CNIL received 742 notifications of personal data breaches that affected 33,727,384 individuals located in France or elsewhere. Of those, 695 notifications were related to confidentiality breaches.

Source: CNIL Publishes Statistical Review of Data Breaches Since Entry into Application of GDPR

French DPA publishes updates on GDPR

The French Data Protection Authority (CNIL) has been actively providing lots of guidance to companies, both before and after the entry into force of the General Data Protection Regulation (GDPR). Below is a summary of the recent updates that were published on the CNIL’s website on various issues relating to the GDPR.

Full article: CNIL publishes updates on GDPR

CNIL Adopts Referentials on DPO Certification

On October 11, 2018, the French data protection authority (the “CNIL”) announced that it adopted two referentials (i.e. , guidelines) on the certification of the data protection officer (“DPO”). Both referentials are intended to apply to DPOs located in France. They include a certification referential that sets forth the conditions regarding the admissibility of DPO applications, and lists 17 qualifications that the DPO must have in order to be certified as a DPO by a certification body approved by the CNIL; and
an accreditation referential that outlines the criteria organizations must satisfy in order to be accredited by the CNIL as certification bodies.

Source: CNIL Adopts Referentials on DPO Certification

CNIL publishes initial analysis on Blockchain and GDPR

Many questions surround the Blockchain’s compatibility with EU General Data Protection Regulation (GDPR). The French Data Protection Supervisory Authority (the CNIL) has recently published its initial thoughts on this topic, providing some responses and practical recommendations on how the usage of a blockchain may be compatible with GDPR and more generally Data Protection Law, taking into account the “constraints” imposed by such technology.

Full article: FRANCE: CNIL publishes initial analysis on Blockchain and GDPR

>