The CNIL’s Missions
Information & Rights protection
The CNIL responds to requests from individuals and professionals. It carries out actions of communication with the general public and professionals, whether through its networks, the press, its website, its presence on social networks or by providing educational tools.
Any person may contact the CNIL in the event of difficulty in exercising their rights.
requests by electronic means
million visits on CNIL's websites
Compliance support & Guidance
In order to help private and public organizations to comply with the RGPD, the CNIL offers a complete toolbox adapted to their size and needs.
The CNIL ensures that they find solutions that allow them to pursue their legitimate objectives in strict compliance with the rights and freedoms of individuals.
organisms appointed a DPO
health authorisation requests examined
Anticipation & Innovation
In order to detect and analyze technologies or new uses that could have a significant on impact on privacy, the CNIL maintains a dedicated watch.
It contributes to the development of technological solutions that protect privacy by advising companies as early as possible in the process, with a view to privacy by design.
Investigations & sanctions
The control allows the CNIL to verify the compliance to the law.
It can impose on a data controller to regularize its processing (formal notice) or impose sanctions (fine, etc.).
investigations including 128 online, 143 on site, 43 document-based et 31 on hearings.
The CNIL supports the development of new technologies on a daily basis and takes part in the construction of a digital ethic.
Beyond raising awareness and sharing information on data protection culture, the CNIL has an advisory power, an onsite and offsite investigatory power as well as an administrative sanctioning power.
It has established and coordinates the network of Data Protection Officers.
The CNIL analyses the consequences of new technologies on citizens’ private life.
A bit of History
Back in the seventies, the French Government announced a plan designed to identify each citizen with a specific number and, using that unique identifier, to interconnect all government records.
This plan, known as SAFARI, led to great controversy in the public opinion. It underlined the dangers inherent to certain uses of information technology and aroused fears that the entire French population would soon be recorded in files. This fear led the Government to set up a commission mandated to recommend concrete measures intended to guarantee that any developments in information technology would remain respectful of privacy, individual rights and public liberties.
After broad debates and public consultation, this “Commission on Information Technology and Liberties” recommended that an independent oversight authority be set up. Such was the purpose of the January 6, 1978 Act creating the “Commission Nationale de l’Informatique et des Libertés” (CNIL).
2022 Annual report
Strengthening support for businesses and administrations, public information campaigns and digital education for young people, complaints and law enforcement, future European rules on data: in this new report, the CNIL reviews the highlights of 2022.
2022-2024 strategic plan
The CNIL is structuring its new 2022-2024 strategic plan around three key themes for a trusted digital society: promoting respect for rights, promoting the GDPR as an asset and targeting regulation for high-stake issues.