CNIL Launches Public Consultation on Transparency and International Data Transfers under the GDPR
Time 2 Minute Read
Categories: European Union, International, Security Breach

On September 19, 2017, the French Data Protection Authority (“CNIL”) launched an online public consultation on two topics identified by the Article 29 Working Party (“Working Party”) in its 2017 action plan for the implementation of the EU General Data Protection Regulation (“GDPR”). These two topics are transparency and international data transfers.

This is the third online public consultation that the CNIL has launched on the GDPR. In June 2016, the CNIL launched a first public consultation on the right to data portability, the data protection officer, data protection impact assessments (“DPIAs”) and certification. In February 2017, the CNIL launched a second public consultation on the topics of consent, profiling and data breach notification.

The CNIL’s purpose for launching these consultations is to collect concrete questions regarding the GDPR, potential difficulties in interpreting the GDPR and examples of best practices. The responses are intended to inform the Working Party’s discussion regarding various GDPR topics. The Working Party will finalize its guidelines on DPIAs and issue new guidelines on the topics of certification, data breach notification, consent and profiling.

The new consultation will be open through October 19, 2017. On September 6, 2017, the Irish Data Protection Commission also launched a public consultation on the topics of transparency and international data transfers that will be running until October 13, 2017. These public consultations will be followed by a third “FabLab” organized by the Working Party in Brussels on October 18, 2017, in which relevant stakeholders will be invited to present their views on these two topics.

Tags: Article 29 Working Party, CNIL, Data Protection Authority, Data Transfer, GDPR, Ireland
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 2 Minute Read
Data Protection Authorities Globally Highlight Privacy Issues in AI Image Generation

On February 23, 2026, a Joint Statement on AI-Generated Imagery was published by 61 data protection authorities. The Joint Statement addresses concerns regarding AI systems capable of generating realistic images and videos depicting identifiable individuals without their knowledge or consent.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
China CAC Issues Guidance on CBDT Security Management

On January 30, 2026, the Cybersecurity Administration of China released a Q&A document on policies and regulations for the security management of cross-border data transfers. 

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 1 Minute Read
Brazil and the European Union Reach Agreement to Recognize Mutual Adequacy in Personal Data Protection

On January 26, 2026, the Brazilian data protection authority (“ANPD”) announced that Brazil and the European Union agreed to mutually recognize the adequacy of each other’s data protection networks.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
UK ICO Issues Updated Guidance on International Transfers

On January 15, 2026, the UK Information Commissioner’s Office published updated guidance on international transfers of personal data under the UK GDPR.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page