A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 22 junio 2017
On 28 March 2017, the French Data Protection Authority (“the CNIL”) published its annual activity report for 2016 (the “Report”) presenting its main accomplishments during the year and describing its objectives for the year to come. The Report lists the major highlights of the year 2016 including the adoption of the Digital Republic Bill dated 7 October 2016; the adoption of the (“GDPR”); and the entry into force of the Privacy Shield.
According to the Report 7,703 complaints have been received by the CNIL in 2016 (an amount similar to the year 2015 with 7,900 complaints) amongst which:
According to the Report the CNIL received more than 400 complaints from individuals who have been refused a request for de-listing made to a search engine.
The complaints have also enabled the CNIL to identify new trends related to the Internet of Things, WIFI tracking or the increased use of video surveillance at work.
During 2016, the CNIL has performed 430 controls, among which 100 online controls including 94 controls to ensure the compliance of CCTV devices. The controls were carried out on various areas including contactless payment, psychosocial risks in companies, the national driving licensing system, the national inter-insurance system of health insurance and data brokers.
As to the repressive actions, the CNIL has issued 82 formal notices, amongst which with respect to breaches related to cookies, online sales, job listings and charity associations.
According to the CNIL, the majority of the formal notices issued have been followed by data controller’s compliance, however 13 sanctions have been pronounced by the CNIL in 2016. Four monetary sanctions have been pronounced by the CNIL including a fine of €100 000 against Google for the failure to de-list the global extensions of the domain name of its search engine.
The CNIL’s main priority for the year 2017 will be preparing for the GDPR, the development of the necessary compliance tools, and the work on a new data protection law.
The CNIL announces that the controls of the year 2017 will focus in particular on the confidentiality of health data processed by the actors of insurance sector, information files relating to State Security and connected televisions (Smart TV).
Finally, the Report outlines some of the topics that the CNIL will further consider in the future years as the ethics of algorithms and artificial intelligence and the place of citizens in smart cities.
The Report can be found here (French).
Submitted by Thierry Dor, Partner and Dane Rimsevica, Associate of Gide Loyrette Nouel – Paris, France
London - Walbrook
+44 (0)20 7894 6577
Vladimir Rostan d’ Ancezune
Sally Roff, Stefan Desbordes
David Williams, Peter Allchorne, Barrie Hall
Clare Hughes-Williams, Catrin Davies, Naomi Park, Sophie Ruffles
Emma Fuller, Jade Batstone, Daniel Miller
Sally Roff, Chris Baranowski
Charlotte Le Maire
Andrés Amunátegui Echeverría, Sascha Stullenberg
Peter Allchorne, David Williams
Richard Highley, Julian Bubb Humfryes
Mark Roach, Rebecca Austin
David Williams, David Johnson