Privacy & Information Security Law Blog

On November 6, 2009, the French Senate proposed a new draft law to reinforce the right to privacy in the digital age (“Proposition de loi visant à garantir le droit à la vie privée à l’heure du numérique”) (the “Draft Law”).  Following a Report on the same topic issued last spring, the Senate made concrete proposals with this Draft Law to amend the Data Protection Act.

The Draft Law requires that data controllers provide information on their data processing activities to their data subjects in a clear, specific and easily accessible manner.  The data subjects would be able to exercise their right of access more easily, including by email.  The Draft Law also distinguishes between the data subject’s right to object to the use of his/her personal data for commercial purposes and his/her right to delete his personal data after it has been processed.

The Draft Law also proposes an increase in the obligations of data controllers.  Organizations with more than fifty employees that either access or process the personal data are required to appoint a data protection officer.  In addition to his obligation to inform the data subjects about a data processing activity, a data controller would have to obtain a data subject’s consent to process data (including for the use of cookies), except if a legal exception applies.  Data controllers would also have to implement stronger security measures to preserve the security and confidentiality of personal data.  In particular, in case of a data security breach, a data controller would have to notify the French data protection authority (“CNIL”), which would then decide whether to inform the data subjects concerned by this breach.

Finally, passage of the law would increase the CNIL’s enforcement authority.  Fines imposed by the CNIL for violations of the law would be increased to a maximum €600,000 (instead of the current €300,000).  The CNIL’s decisions to sanction data controllers would be published more frequently.  The CNIL would further gain the right to produce written observations or to be heard in any civil, criminal or administrative court hearing.

This Draft Law will now be examined by a Committee of the Senate before it is discussed and submitted for a general vote.  Olivier Proust, an attorney in Hunton & Williams’ Brussels office and a member of the Paris Bar, was among the legal experts who were consulted by the Senate in the course of drafting the new law.  View the Draft Law in French.