Is the CNIL actually starting to do its job? Since the early 2000's they were doing literally nothing against the many crimes against users committed by big tech. In the past few years though they started to distribute fines when the law was obviously and willingly broken (eg. Google)... did they suddenly start to care for users? or do they care that they can fill the pockets of the government (who doesn't dare to tax those evil multinationals) while making it look like they care for users?
I mean CNIL does not exactly have a reputation of helping/protecting users... they more have a reputation of being a watchdog who sees no problem with government surveillance programs and does not react when you send them reports of illegal activities surrounding personal data. For their defense, their budgets and prerogatives have been cut so many times they probably couldn't investigate/fine anyone if they wanted to.
> I mean CNIL does not exactly have a reputation of helping/protecting users... they more have a reputation of being a watchdog who sees no problem with government surveillance programs and does not react when you send them reports of illegal activities surrounding personal data
> Every time I hear about them, they're either giving GDPR fines or signalling illegal government activity
Yes, now think about all the times we don't hear from/about them. It seems that they are doing more as time goes, but they have done little to stop dragnet surveillance, racial/religious/political profiling by the authorities, the deployment of CCTV all across France, (il)legal ⁽⁰⁾ obligations for ISPs to track their users, school restaurants requiring fingerprints to get a meal (yes that's a thing), public services using Google Analytics / Zoom / Microsoft / Doctolib, stingrays operated by police for political repression, and the list goes on and on...
In "digital freedom" (LQDN, FFDN, April, Framasoft, etc) the CNIL is (or at least used to be) rightly regarded as a joke when it comes to human/user freedom, despite having very noble goals. The fact that the press only talks about them when they're doing their job doesn't change that they've clearly failed their mission to protect civil rights in the computer era, despite very good and reasonable legal guidelines dating from 1978.
⁽⁰⁾ French data retention laws are illegal by european standards.
Not sure why you're being downvoted. People from such non-profits were key to european institutions developing a proper understanding of the problem space, which directly led to GDPR legislation.
If you're rich enough, be sure to donate some money to LQDN/EFF and others to protect human rights in the digital realm.
I mean CNIL does not exactly have a reputation of helping/protecting users... they more have a reputation of being a watchdog who sees no problem with government surveillance programs and does not react when you send them reports of illegal activities surrounding personal data. For their defense, their budgets and prerogatives have been cut so many times they probably couldn't investigate/fine anyone if they wanted to.