Accueil ANSSI & CNIL

ANSSI & CNIL

ANSSI

 

The National Agency for the Security of Information Systems (ANSSI) is the national authority charged with supporting and securing the development of digital technology. Under the authority of the Prime Minister’s office, its mission is threefold: to provide expertise and technical assistance in the protection of state systems, to assist Operators of Vital Importance (OVI), and, more broadly, to help raise French companies’ awareness of cyber security, while providing their expertise through numerous publications (references, methods, analysis, etc.)

 

By 2016 ANSSI had 500 agents and anticipated an ambitious recruitment plan. It handled more than 3000 reports, provided 14 500 hours of training and signed 43 publications.

 

ANSSI has been consulted or has been involved in the development of the cyber defense component of all major national texts, from the Military Programming Act to the National Digital Security Strategy of 2015, as well as the white papers on defense and national security in 2008 and 2013.

How ANSSI helps French companies

 

  • Expertise: For companies declared “Opérateurs d’Importance Vitale (OIV)”, Operators of Vital Importance, ANSSI offers its expertise and its support, both in prevention and in case of attack.

 

  • Information: For French companies, excluding Operators of Vital Importance, ANSSI is a privileged source of information which, through its numerous publications, offers a solid base of methods and references.

 

  • Connection: In 2017, ANSSI’s focus was on measures of assistance to victims of malicious cyber acts (Cybermalveillance.gouv.fr). It is a government led program devoted to awareness, prevention and support in the field of digital security, which French companies can solicit in order to declare malicious acts and be put into contact with service providers close to them having signed a morality commitment.

 

Contact

National Agency for the Security of Information Systems

General Secretariat for Defense and National Security
51, boulevard de La Tour-Maubourg
75700 Paris 07 SP

Tel: +33 (0) 1 71 75 84 05

+33 (0) 1 71 75 84 06

Web : http://www.ssi.gouv.fr/

https://www.cybermalveillance.gouv.fr/

Mail : communication@ssi.gouv.fr

 

__________________________

 

CNIL

 

The National Commission of Information Technology and Liberties (CNIL) is the national authority in charge of the protection of personal data. It was created in 1978 by the Information Technology and Freedom act with the status of independent administrative authority.

 

While its perimeter is not limited to Information Technology, Digital naturally occupies a prominent place in its activity.

 

Its action is twofold: on one hand, it accompanies companies to help them comply with legislation relating to the protection of personal data, and on the other, helps individuals to control their personal data and to exercise their rights.

 

Finally, as a regulator, it is required to investigate and sanction companies that do not comply with the regulations on the protection of personal data.

 

In the field of digital technology, the CNIL focuses particularly on lists and personal files (clients, prospects) and the nature of the information that it contains (in particular, contact details, comments, religious, political or sexual preferences). It ensures compliance with the regulations concerning the collection of this information (consent of the subject), the purpose of the processing and the preservation (or destruction …) of the files.

 

At the dawn of the entry into force of the European regulations on the protection of personal data (RGPD), the CNIL is particularly active on the action and awareness front, helping companies to better understand the new obligations introduced by the Regulations.

How CNIL helps French companies

 

  • Information and advice: The CNIL offers a large number of publications intended for companies, to help them comply with the legislation on the protection of personal data. Also, the CNIL provides a dedicated support hotline for companies.

 

  • Tools: The CNIL provides tools, awareness packs or self-assessment forms designed to help the company to structure its personal data protections operations (Data Protection Officer job descriptions, various forms …)

 

  • Labeling: The CNIL has the authority to label products or services (“procedures”) designed to protect personal data. A label of this type can be used as sales argument.

 

 

Contact

COMMISSION NATIONALE DE L’INFORMATIQUE ET DES LIBERTÉS

3 Place de Fontenoy – TSA 80715
75334 PARIS CEDEX 07

Tél : 01 53 73 22 22