Commission nationale de l'informatique et des libertés
The Commission nationale de l'informatique et des libertés (CNIL, French pronunciation:
History
The CNIL was created partially in response to public outrage against the
At the beginning of 1980, when the CNIL began its main activities, news anchorman Patrick Poivre d'Arvor announced that the CNIL had registered 125,000 files.[1] By the end of 1980, Poivre d'Arvor counted 250,000 files (public and private).[1]
Composition and independence
The CNIL is composed of seventeen members from various government entities, four of whom are members of the French parliament (
The CNIL's status as an administrative regulatory body gives it total independence to choose its course of action. However, its power is limited and defined by law. The CNIL is financed by the budget of the French Republic.
Presidents of the CNIL | Began | Ended |
---|---|---|
Pierre Bellet | 5 December 1978 | 27 November 1979 |
Jacques Thyraud | 1979 | 1983 |
Jean Rosenwald | 1983 | June 1984 |
Jacques Fauvet | 14 June 1984 | 1999 |
Michel Gentot | 3 February 1999 | 7 January 2004 |
Alex Türk | 3 February 2004 | 21 September 2011 |
Isabelle Falque-Pierrotin | 21 September 2011 | 2 February 2019 |
Marie-Laure Denis | 2 February 2019 |
Power
The CNIL registers the setup of information systems that process personal data on French territories. By September 2004, more than 800,000 declarations of such systems had been made. Additionally, CNIL checks the law to be applied in this domain as well as in about 50 annual 'control missions'. CNIL can warn organisations or people who are found to be non-compliant with the law, and also report them to the Parquet.
- 300 nominal information systems registered daily.
- 8,000 phone calls handled each month.
- 4,000 claims or requests for information received each year.
Regulation
The main principles for regulation of personal data processing are as follows (non-exhaustive list):
- all illegal means of data collection are forbidden;
- the purpose of the data files must be explicitly stated;
- people registered in files must be informed of their rights, for example, for rectification and deletion of data on demand;
- finally, no decision about an individual can be decided by a computer.
The archival of sensitive information can result in a five-year prison term and a €300,000 fine.
European and international contexts
Germany in 1971, Sweden in 1973, and France in 1978 were the first three States to vote for a "Computers and Liberty" law; these work with an independent control authority.
International, economic, and political structures have been created or assigned to apply CNIL directives. Amongst these are the
Criticisms
The CNIL is the target of various criticisms, alleging its lack of action and tendency to support governmental legislation, forgetting its original aims of protecting data privacy and citizens' rights.
The CNIL has been criticized for attempting to enforce right to be forgotten rulings on search results globally. In 2016, Google appealed a CNIL right to be forgotten ruling on the grounds that it could set a precedent for abuse by "less open and democratic" governments.[4]
See also
- French national identity card
- General Data Protection Regulation
- Regulatory Authority for Audiovisual and Digital Communication
Notes and references
- ^ Rue 89, 6 January 2008 (in French)
- ^ Thiébaut Devergranne, L'invariable bienséance de la CNIL
- Rue 89, 17 September 2007 (in French)
- ^ "Google fights French 'right to be forgotten' order". BBC News. 19 May 2016. Archived from the original on 21 May 2016. Retrieved 22 May 2016.
External links
- Official website
- La CNIL Detailed analysis of each of the CNIL's powers (in French)