On March 19, 2013, the French Data Protection Authority (Commission nationale de l’informatique et des libertés) (CNIL) disclosed its annual inspection program, providing an overview of its inspections on data controllers in 2012, and a list of inspections it plans to execute in 2013. Some of the inspections from 2012 led to warnings, formal notices or sanctions.

The overview noted that the CNIL will intensify international cooperation by increasing its inspection and investigative powers in 2013.

Specifically, the CNIL announced it will perform approximately 400 on-site inspections. Among these, the CNIL intends to perform:

  • Approximately 100 inspections concerning video surveillance and video protection (CCTV);
  • Approximately 300 inspections concerning:
    • processing of personal data by market research institutes;
    • processing of personal data in the context of free Internet access services;
    • processing of personal data by French local authorities concerning individuals’ social difficulties;
    • processing of personal data concerning prisoners; and
    • data processing activity performed by the French police services.
  • Details contained in the overview from the 2012 CNIL investigative program included:
    • 173 inspections concerning CCTV, and
    • 285 inspections concerning other data processing.