A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 17 May 2016
On 8 April the French Data Protection Authority (the “CNIL”) published its annual report summarising its 2015 activities and briefly describing the objectives for the years to come ("Annual Report").
CNIL’s major focus areas in 2015
According to the Annual Report, the major focus areas of the CNIL over the past year have been related most notably to:
Increased number of controls carried out by the CNIL
Over the past year 7,908 complaints have been filed by the CNIL - a record number exceeding by 2,000 the number of complaints filed in 2014.
Also the inspections and controls carried out by the CNIL have increased over 2015. Last year, 501 data controllers (of which 70% belong to the private sector) were inspected, representing an increase of controls by 20% compared to 2014. According to the CNIL, this increase is partly due to its extended use of online control tools.
Furthermore 41% of the controls were spontaneously initiated by the CNIL, 35% were carried out in the course of its annual control programme, 15% were carried out further to a complaint and 9% formed a part of existing sanction or formal notice procedures.
Increased number of repressive actions and sanctions
Further to its inspections, the CNIL issued an increased number of formal notices: 93 notices were issued in 2015 compared to 62 in 2014. These notices concerned a variety of organisations and among the main categories of breaches addressed by these notices there were breaches related to cookies as well as:
According to the CNIL the majority of the issued formal notices were followed by data controller’s compliance, however 10 sanctions have been pronounced by the CNIL in 2015:
As for 2016, the CNIL has already imposed a EUR 100,000 fine on Google Inc. on 10 March 2016 and served Facebook Inc. and Facebook Ireland with a formal notice.
The future priorities of the CNIL
The CNIL has engaged an analysis on the privacy related impacts of connected devices. It has also announced that among its future priorities within its three year action plan (2016-2018) there is notably:
Finally, the CNIL welcomes the currently debated French Digital Republic Bill which is about to increase the maximum amount of its fines up to EUR 1,500,000 or even EUR 20,000,000.
The CNIL’s 2015 Annual Report is available here (French).
Submitted by Thierry Dor, Partner and Dane Rimsevica, Associate at Gide Loyrette Nouel – Paris, France
Return to main page >>>
Shehana Cameron Perera, Lorraine Ekong, Jade Kowalski, Rhiannon Webster, Ceri Fuller, Khurram Shamsee, Christopher Air, Sophie Devlin
Shehana Cameron Perera, Michael McMillen, Lorraine Ekong
Jade Kowalski, Shehana Cameron Perera, Rhiannon Webster
Aleksandar Dimitrov, Neal Pal
Rhiannon Webster, Charlie Christie
Michael McMillen, Rhiannon Webster, Ben Savery
Ceri Fuller, Khurram Shamsee, Christopher Air, Jade Kowalski, Sophie Devlin
Hans Allnutt, Patrick Hill, Laura Stewart, Lorraine Ekong
Lorraine Ekong, Hans Allnutt
Hans Allnutt, Camilla Elliot
Hans Allnutt, Patrick Hill
Hans Allnutt, Rhiannon Webster, Patrick Hill
Hans Allnutt, Rhiannon Webster