CNIL

CNIL’s Recommendations on GDPR Compliance for AI Systems

CNIL’s Recommendations on GDPR Compliance for AI Systems

AI, CNIL, DPA guidance, EU law, GDPR |

On 7 June 2024 CNIL released the English translation of its recommendations for applying GDPR to AI system development (published in April), addressing the misconception that GDPR hinders AI innovation. These guidelines – “AI how-to Sheets” 1 to 7 – emphasize responsible handling of personal data, essential for model training. Key aspects include defining a clear objective for AI systems, determining responsibilities, establishing a legal basis for data processing, ensuring lawful data reuse, minimizing data usage, setting data retention periods, and conducting Data Protection Impact Assessments (DPIAs).

CNIL’s Recommendations on GDPR Compliance for AI Systems Read More »

CNIL Updates Its Practice Guide for the Security of Personal Data

CNIL, cybersecurity |

🚀 CNIL’s 2024 update to the Guide on Security of Personal Data is out and here are some key points:

🎓 Aimed at DPOs, CISOs, computer scientists, and privacy lawyers, the guide provides actionable advice for implementing effective security measures in compliance with GDPR Article 32.
🛠️ It offers a structured approach across five key areas: users, IT and equipment, data control, incident preparedness, and and specialized topics, simplifying navigation and understanding of complex security requirements.
🔄 New factsheets on cloud computing, mobile apps, AI, APIs, and data management have been added, reflecting the latest advancements in technology and data security challenges, aiming to provide a comprehensive resource for implementing effective data security measures.

💡Deeper dive in the article! 🔐

CNIL Updates Its Practice Guide for the Security of Personal Data Read More »

Scroll to Top