Four years after the entry into force of the GDPR, the CNIL publishes its strategic plan for 2022-2024. With this roadmap, the National Commission for Computing and Liberties intends to work on three axes: “promote respect for rights, promote the GDPR as an asset and target regulation on high-stakes subjects”.
Growing digitization of economic and social life
With this new strategic plan, the CNIL’s mission is to build a trusted digital society and to be “up to the new challenges brought about by the increasing digitization of society”. To introduce this new roadmap, the Commission returns to the implementation of the GDPR in 2018. The regulator considers that “most companies and public services have mobilized to meet the challenges of data protection in the face of a public that is increasingly familiar with the new regulatory framework and, above all, its rights”.
Ericsson CEO acknowledges that “bribes may have been paid to Daesh”
The CNIL makes the obvious observation of an increasing digitization of economic and social life. At the same time, there is the Covid-19 pandemic and the massive development of teleworking. In a few years, these elements have increased the risks for the privacy of French citizens. In this context, the CNIL considers that “Personal data is, more than ever, the leitmotif of our digital daily lives”. The Commission is convinced that the General Data Protection Regulation (GDPR) is essential for enforcing the rights of individuals and ensuring competitive equality between economic players.
In 2022, all technologies are based on the collection and intensive processing of data
To meet these challenges, the CNIL has adapted its strategic plan for 2022-2024. According to Marie-Laure Denis, president of the CNIL, “the implementation of this action plan should allow the CNIL to act in an agile way, alongside citizens, companies, associations and administrations, to build a digital society of trust”. The Commission’s roadmap revolves around three main axes:
- Promote control and respect for the rights of people in the field.
- Promote GDPR as a trusted asset for organizations.
- Prioritize targeted regulatory actions on subjects with high stakes for privacy.
The real challenge for the French regulator obviously concerns the collection and use of personal data. All of the technologies used are based on the collection and intensive processing of data. To meet this major challenge, and ensure that the privacy of French Internet users is protected, the CNIL will implement a global action plan on three priority themes. The Commission also plans to strengthen its support offer by facilitating understanding of the legal framework and “by developing compliance tools and helping to guard against cyber risks”.