The National Commission for Informatics and Liberties (CNIL) continues its fight to enforce the general data protection regulation (GDPR). On December 28, the personal data gendarme fined the operator Free Mobile 300,000 euros, she said. in a press release published on Tuesday, January 4.
The CNIL had been alerted by several people to the lack of consideration by the company of Xavier Niel (individual shareholder of the World) their requests for rights of access to their personal data, as well as their requests for the right to object to receiving commercial prospecting messages.
Publicity of the decision
“An on-site check and an off-site check made it possible to identify shortcomings [à ces] rights, the obligation to protect data by design as well as data security (transmission of passwords in clear by e-mail) “, declares the CNIL in its press release.
In addition to the fine, the sanction also includes an additional dissuasive component, namely the publicity of this sanction – all CNIL sanctions are not public. This is justified by “The need to recall the importance of dealing with human rights requests and the security of user data”, recalled the gendarme of personal data in his press release. Free, for its part, considered that such an advertisement “Would be disproportionate in view of the shortcomings retained and the low number of complaints referred to [sept en tout], (…) [considérant] also that[’elle] would irreversibly damage its reputation “, can we read in the deliberation of the CNIL.