The CNIL released its inspection program for 2016 revealing sectors of focus

May 12, 2016

FPF Staff

In 2016, the CNIL plans to conduct between 400 and 450 inspections.

The total number of inspections will be divided in the following way:

25% of inspections will be related to the three themes set out in the CNIL’s 2016 annual program (detailed below)
20% will be based on complaints received by the CNIL
35% will be undertaken after formal notices or sanctions, at the CNIL’s initiative or related to news topics
The remaining 20% will aim to check video surveillance systems.

The themes for the 2016 annual program cover both public and private sectors and pertain to people’s daily lives in the international context.

The three themes of focus are:

Data brokers: defined as intermediaries between entities that collect personal data and entities that use such data for their economic activity. The CNIL highlights that profiling based on this data is increasingly accurate and relevant, and represents the major concern with respect to protecting privacy in the 21^st In this context, the CNIL will check that data brokers comply with EU privacy law, in particular, data accuracy, information given to people, consent, people right of access and right to object, as well as security principles.
SNIIRAM (Social Security Inter-regimes National Information System). This database comprises dozens of millions of files containing data such as age, gender, diagnosis, death date, city and county of residence, and treatments that were reimbursed. This data is “pseudonymized”. Inspections will aim to check the conformity of this data processing with French privacy law (Act n°78-17 of 6 January 1978 on information technology, data files and civil liberties) and the truthfulness of pseudonymization.
The API-PNR system (Advance Passenger Information-Passenger Name Record System): used notably to fight terrorism.

Additionally, the CNIL will keep on collaborating with its fellow European Data Protection Authorities regarding connected devices upon the fourth Internet Sweep Day.

You can read CNIL’s original post here.

Explore

Issues

authors

dates

Posts by FPF

Privacy Best Practices for Rideshare Drivers Using Dashcams

0125746e e60a 4bcb bc7e 31b33fa50a80 1 201 a

Future of Privacy Forum Launches its Asia-Pacific Office Led by Dr. Clarisse Girot

A New Era for Japanese Data Protection: 2020 Amendments to the APPI

The CNIL released its inspection program for 2016 revealing sectors of focus

Explore

OAIC’s Dual AI Guidelines Set New Standards for Privacy Protection in Australia

Insights from the Second Japan Privacy Symposium: Global Data Protection Authorities Discuss Their 2025 Priorities, from AI, to Cross-Regulatory Collaboration

Five Big Questions (and Zero Predictions) for the U.S. State Privacy Landscape in 2025

In a Landmark Judgment, The Inter-American Court of Human Rights Recognized an Autonomous Right to Informational Self-Determination

Brussels Privacy Symposium Report 2024

Technologist Roundtable: Key Issues in AI and Data Protection Post-Event Summary and Takeaways

FPF Launches New Privacy-Enhancing Technologies Repository

FPF Unveils Report on the Anatomy of State Comprehensive Privacy Law

The African Union’s Continental AI Strategy: Data Protection and Governance Laws Set to Play a Key Role in AI Regulation