The CNIL’s Missions

28 December 2015

Information & Rights protection

The CNIL responds to requests from individuals and professionals. It carries out actions of communication with the general public and professionals, whether through its networks, the press, its website, its presence on social networks or by providing educational tools.

Any person may contact the CNIL in the event of difficulty in exercising their rights.

126 574
calls received
18 462
requests by electronic means
11
million visits on CNIL's websites
12 193
complaints including

 

Compliance support & Guidance

In order to help private and public organizations to comply with the RGPD, the CNIL offers a complete toolbox adapted to their size and needs.

The CNIL ensures that they find solutions that allow them to pursue their legitimate objectives in strict compliance with the rights and freedoms of individuals.

89 841
organisms appointed a DPO
31 757
DPO appointed
17
parliamentary hearings
453
health authorisation requests examined

Anticipation & Innovation

In order to detect and analyze technologies or new uses that could have a significant on impact on privacy, the CNIL maintains a dedicated watch.

It contributes to the development of technological solutions that protect privacy by advising companies as early as possible in the process, with a view to privacy by design.

 

 

Investigations & sanctions

The control allows the CNIL to verify the compliance to the law.

It can impose on a data controller to regularize its processing (formal notice) or impose sanctions (fine, etc.).

345
investigations including 128 online, 143 on site, 43 document-based et 31 on hearings.

The CNIL supports the development of new technologies on a daily basis and takes part in the construction of a digital ethic.

Beyond raising awareness and sharing information on data protection culture, the CNIL has an advisory power, an onsite and offsite investigatory power as well as an administrative sanctioning power.

It has established and coordinates the network of Data Protection Officers.

The CNIL analyses the consequences of new technologies on citizens’ private life.

Finally, it collaborates closely with its European and international counterparts.

A bit of History

Back in the seventies, the French Government announced a plan designed to identify each citizen with a specific number and, using that unique identifier, to interconnect all government records.

This plan, known as SAFARI, led to great controversy in the public opinion. It underlined the dangers inherent to certain uses of information technology and aroused fears that the entire French population would soon be recorded in files. This fear led the Government to set up a commission mandated to recommend concrete measures intended to guarantee that any developments in information technology would remain respectful of privacy, individual rights and public liberties.

After broad debates and public consultation, this “Commission on Information Technology and Liberties” recommended that an independent oversight authority be set up. Such was the purpose of the January 6, 1978 Act creating the “Commission Nationale de l’Informatique et des Libertés” (CNIL).

2022 Annual report

Strengthening support for businesses and administrations, public information campaigns and digital education for young people, complaints and law enforcement, future European rules on data: in this new report, the CNIL reviews the highlights of 2022.

Download the report

2022-2024 strategic plan

The CNIL is structuring its new 2022-2024 strategic plan around three key themes for a trusted digital society: promoting respect for rights, promoting the GDPR as an asset and targeting regulation for high-stake issues.

Download the strategic plan