On Feb. 23, FR CNIL updated on new processes for data protection.
- Cited imminent entry into force of the European Data Protection Regulation (GDPR).
- Implement new compliance tool, certification, and gradually ending labeling activity.
Background
- European Regulation and draft law currently under discussion invite data protection authorities to develop protection certification mechanisms to assist data controllers.
- Certifications will be issued by certifying bodies approved by the CNIL or (COFRAC).
- CNIL will also be responsible for drafting or approving certification standards, that will then be used by certifiers, as well as, if applicable, the accreditation standards.
- Given this European orientation, and in order to focus efforts and resources on the implementation of this new system, the CNIL will gradually cease labeling activity.
End Current Labels
- To no longer issue new label after May 25, those issued prior remain valid to expiry.
- Will no longer be able to process applications for labeling received as of March 30.