What Are The CNIL Cookie Guidelines?
Commission Nationale Informatique & Libertés is the French data protection agency. What is CNIL? How to deal with it? Learn about it here!
What Is CNIL?
CNIL stands for Commission Nationale de l’informatique et des Libertés, which is the French national data protection authority. CNIL France was created by the French Data Protection Act of 6 January 1978 as an independent administrative authority responsible for ensuring the protection of personal data in computer files and processing operations, both public and private.
They have the power to enforce the data protection laws in France, which means they enforce:
- French Data Protection Act
- ePrivacy Directive
They receive complaints about non-compliance of businesses and may issue fines in the case of violations of the laws.
Aside from that, the CNIL published guidelines regarding certain data protection questions in order to clarify the subject matter and help businesses comply easily. The cookie guidelines are one of those documents.
Why Was CNIL Founded?
CNIL was created as a response to public protests against the SAFARI program which was a plan designed by the French government to identify each French citizen with a specific number and, using that unique identifier, to interconnect all government records. This program created fears on the part of the public that the entire French population would soon be recorded in files. This led to the creation of CNIL in order to ensure that any developments in information technology would remain respectful of privacy, individual rights and public liberties.
To Whom Do CNIL Cookie Guidelines Apply To?
CNIL cookie guidelines apply to you if your business:
- Is based in France and french territories overseas
- Collects and/or processes personal data of citizens and residents of France and french territories overseas
Basically, these are the same applicability principles as in the GDPR.
What’s The CNIL Stance On Cookie Walls?
Similar to the EDPB, CNIL also forbids cookie walls.
Cookie walls are mechanisms denying users access to the website content without accepting the cookies and other tracking technologies. When presented with a cookie wall, the user has the choice between accepting the cookies and leaving the website.
Obtaining consent that way is not free. It is conditional, and therefore, is not valid.
How To Comply With The CNIL Cookie Guidelines?
Using a cookie consent management solution is a good practice that brings peace of mind.
What’s The Commencement Of The Enforcement Of CNIL Cookie Guidelines?
You have to comply with these guidelines starting from March 2021. That’s the end of the transition period allowed by the CNIL.
After that, the agency will start with corrective measures. According to the plans announced, they could issue fines for serious infringements of the guidelines.
How Secure Privacy Helps Businesses Comply With CNIL’s Cookie Guidelines
Secure Privacy comes packed with enterprise-level features that help you fully comply with CNIL’s cookie guidelines and the GDPR overall.
The main features are;
- Advanced ongoing website scanning which allows you to know all types of cookies you have on your website
- highly customizable and stylish cookie consent banners with a universal preference center for users to opt-in and opt-out of the cookies and other tracking technologies
- Unique cross-domain consent capability that allows your users to manage their cookie preferences across different domains in a single step
- Over 70 languages supported
- Logs and consents tracking in real-time to ensure you maintain records of the consent you receive from users in case it is requested by CNIL
- A future-proof GDPR compliance solution that also helps you comply with CCPA in California and LGPD in Brazil.
Alternatively, you can sign up for your free trial of our complete GDPR compliance solution.
Want to try
Get your free cookie banner up and running today!
6 updates You Need to Know about LGPD in 2022
There have been updates regarding the LGPD. Learn what is new on the Brazilian Data Protection Law here.
How to Track Website Visitors Based on Your Legitimate Interests
Legitimate interests are one of the most widely misunderstood concepts in data protection. Many businesses rely on them to process users' data, but often they do it unlawfully and violate the GDPR or another applicable data privacy law.
How to Track Your Website Visitors Without Breaking the Law
Website tracking is not illegal per se. It depends on where you do your business and how tracking is regulated there. Read all about website tracking here.