AI: ensuring GDPR compliance

21 September 2022

Artificial intelligence raises crucial and new questions, especially with regard to data protection. Here, the CNIL provides a reminder of the main principles of the French Data Protection Act and the GDPR to be followed, along with its position on certain more specific aspects.

Defining a purpose


Establishing a legal base


Compiling a database


Minimising data


Defining a retention period


Supervising continuous improvement


Safeguarding against the risks involved with AI models


Providing information and explicability


Implementing the exercise of rights


Supervising automated decisions


Assessing the system


Avoiding algorithmic discrimination


Interested in contributing?

Write to ia[@]cnil.fr