Do you develop mobile apps? The CNIL guides you to respect the RGPD


Do you develop mobile apps? The CNIL guides you to respect the RGPD

  • Home page
  • Tech
  • You develop mobile apps? The CNIL guides you to respect the RGPD


On January 28, the CNIL publishes a practical guide on RGPD for developers. It contains sixteen fact sheets in order to move towards applications and websites that “respect the privacy of users”.

A coincidence of timing or finely calculated timing, it is on Data Protection Day, this Tuesday, January 28, that the National Commission for Information Technology and Civil Liberties (CNIL) announces the publication of a guide specially designed for developers to help them to be in the nails of the General Data Protection Regulations (RGPD).

Whether you’re designing applications for iOS and Android or you’re more of a web-based person, the guide is meant to be as universal as possible: are you working alone or in a team? Are you in a small structure or a large organization? Are you the leader of a project or a simple cog in complex machinery? It doesn’t matter: the guide remains general enough to address as many people as possible.

Do you develop mobile apps? The CNIL guides you to respect the RGPD

Developers need to consider good practices in DPM // Source: Jonathan Cutrer

Sixteen educational sheets

In all, the guide includes sixteen sheets (such as “identifying personal data”, “making an informed choice of its architecture”, “minimising the data collected”, “informing people” or “measuring the use of websites and applications”), accessible in a dedicated section of the CNIL website. It is also available on GitHub, to suggest modifications.

However, be careful not to rely exclusively on this guide: the CNIL warns that it is not “intended to meet all the requirements” in terms of regulations. Rather, it should be seen as a “first approach to the main principles of the RGPD“, a summary of “the various points of attention to be taken into account when deploying applications that respect the privacy of its users“.

Do you develop mobile apps? The CNIL guides you to respect the RGPD

The guide contains sixteen practical sheets, which may evolve over time thanks to feedback from computer specialists. // Source: Eric Bailey

A guide as a basis for work

The publication of this guide is welcome at a time when applications are being accused of not doing enough to protect mobile users. As an example, the Exodus Privacy association proposes an Android application that allows to visualize all the trackers that are embedded in the applications installed on the smartphone, and of which the individual is not necessarily aware.

In relatively large structures, however, the guide will be only a support, insofar as other obligations may come into play, in particular in relation to employers, such as the Data Protection Officer or the need to carry out an impact assessment where data processing operations are likely to place individuals at high risk.

  • Read : RGPD: CNIL warns that it will be less conciliatory from now on

The editors recommend