2018 marked a turning point in Europe for personal data, as the GDPR came into effect. For the CNIL, this has resulted in an increase in the workload. But both its staff and its budget are reinforced each year. For 2022, the authority will still have reinforcements.
The staff of the National Commission for Informatics and Freedoms (Cnil) will grow again next year. In a message posted on September 28 on Twitter and dedicated to the government’s data protection policy, the Minister of Transformation and Public Service, Amélie de Montchalin, announces the arrival of reinforcements for the independent administrative authority.
” Data protection is an essential issue of our sovereignty but also of trust. The Government will not make any concessions. Our strategy: develop digital transformation by protecting our sovereignty and the data of the French at all costs She says. In addition to the CNIL, the minister cites the sums committed to securing the IT of the administration and the cloud strategy of the State.
Amélie de Montchalin does not specify the number of positions that will be open. It is in fact in the presentation of the 2022 finance bill that the answer is given: there will be 25 hires at the Cnil by next year, ” in view of the growing importance of its missions relating to the protection of personal data “. This is a number comparable to previous staff increases.
Indeed, the CNIL benefited from 15 additional jobs for 2019, 10 for 2020 and 20 for 2021. These increases are not new: the workforce of the CNIL was already progressing before 2018 – they were for example 192 in 2015, 195 in 2016 and 198 in 2017 and 2018. But the fact is that the increases in power are more consequence since 2018, date of entry into application of the GDPR.
Keeping pace with GDPR
The General Data Protection Regulation (GDPR) is an important tipping point in Europe, as it is a completely new framework for organizing the collection and use of personal data. It confers new obligations on companies, and new rights on individuals, such as consent before any data collection, data portability or the protection of minors.
These 25 new positions will not be too many given the significant increase in its activities since the arrival of the GDPR. ” In 2020, as in 2019, the CNIL received around 14,000 complaints, an increase of 62.5% since the implementation of the GDPR “, We read in its activity report for 2020. The CNIL must also manage the increase in legal texts” due to digitization growing society “.
Today, the CNIL has a staff of 225 people from different specialties, including lawyers, sociologists and technical experts. It is also based on a budget of 21.5 million euros for 2021. This has grown since 2018, with the arrival of the GDPR. It was thus “only” 17.4 million euros that year.
It also has to manage unexpected events such as hacks (by nature unpredictable), but also the covid-19 pandemic which has had effects on public freedoms, with the arrival of new files (to identify people vaccinated, for example. example), applications (like TousAntiCovid) and procedures (like reminder notebooks, where you mark your contact details).
The year was also marked by the controversy over police drones (which a law will legalize), the condemnations noted by Google and Amazon on the way they manage cookies, the deployment of the health pass and certain developments in terms of facial recognition. And these are just a few examples. The year 2021, moreover, is far from over.