French Association of Data Protection Officers
« Association Française des Correspondants à la Protection des Données à Caractère Personnel (AFCDP) »
Creation
The AFCDP was created in 2004, following passage of the French Data Protection Act of 6 August 2004 which created the position of Data Protection Correspondent (“CIL”) for public and private sector organizations.
“APPOINTING DATA PROTECTION OFFICER WAS THE RIGHT DECISION FOR US”
When it comes to personal data protection, the law alone is not enough. Greater added value, a differentiating factor, optimisation, compliance, corporate social responsibility, transparency, trust, ethics… there are many reasons behind the decision to appoint a Data Protection Officer with the CNIL. In this time of regulatory change and as risks connected with data processing grow, many french company leaders have chosen to appoint a Privacy Officer : ten of them share their story here.
Objectives
The main objectives of the AFCDP are to :
- promote discussion of DPO status and tasks, encourage dialogue between business and the public sector concerning any issue relevant to DPO status and tasks,
- participate in all initiatives at national, European and international levels, relevant to CIL status and tasks, and equivalent positions as defined in foreign regulations (AFCDP did established Sister Relationship with IAPP beginning of 2009),
- implement a service to alert members to technological, legal and managerial developments relevant to DPO status and tasks,
- inform citizens and organizations about the existence of the DPO and to raise their awareness of DPO status and tasks
- develop relationships with the French National Data Protection Commission (CNIL) and other European and French authorities that oversee the protection of personal data,
- draft documents relating to the purpose of the Association and to make recommendations and/or provide opinions to public authorities and data protection stakeholders,
- promote and develop relationships with universities and schools,
- encourage exchange among members in order to identify and promote best professional practices,
- defend the interests of the profession and function to the public sector.
The Association seeks to achieve its objectives through :
- conferences, seminars and other events,
- publications,
- drafting and disseminating template documents, memos, analysis…
- organizing discussion committees and work groups
- a website providing information on the Association’s activities and work, its approach, viewpoint and guidance
Organization
The Association is administered by a 15-member board of directors, elected from the membership at the Annual General Assembly.
All Board members serve four-year terms.
"The Evolving Data Privacy Officer Role in Europe : A More Harmonized Approach Is Emerging" - Paul-Olivier Gibert’s interview (Nymity, July 2011)
Membership
Number of members : over 2.500 (Dec 2017)
2018 membership fees are as follows :
- individuals : 100€
- organizations : 450€ (for five representatives)
- group : 1.200 € (for fifteen representatives)
Organizational members include : SFR (mobile phone operator), La Halde (antidiscrimination authority), IBM France, SNCF (French Railroad company), RATP (Paris Metro) FEVAD (remote selling association), AGF, AXA, Swisslife and MMA (insurance companies), numerous Chambers of Commerce and Industry, Compuware, French National Post, Randstad and Adecco (recruitment), BP France, BT France, Accor, Areva, Legrand, Bristol Myers Squibb, Paris City Council, Lyon City Council, Marseille Harbor, Olympique de Marseille, American Hospital of Paris, Bordeaux Hospital, Bull, Microsoft France, Michelin, General Electric, Groupe Casino, Carrefour, Alcatel-Lucent Bell Labs, CNRS, Euronext, Totota France Financement, EDF, Lilly France, Renault Trucks, Sanofi-Aventis, Technip, INRA, Curie Institute, etc.
Activities
Monthly meeting/lunches (by geographical region) : Paris, North, Lyon, Marseille, Strasbourg, Bordeaux, Rennes …
Once a year :
- A “University day” taking place in Paris
- A one day Conference “Assises des Correspondants Informatique et Libertés”
- A General Assembly
Working groups are currently dedicated to the following topics :
- Mission and role of the DPO
- Training
- Cybersurveillance
- The DPO Charter
- Referentials and Labels
- Investigation procedure of the French National Data Protection Commission
- DPO for groups of companies
- Annual report of the CIL
- CRM
- International topics
- Health and Social Issues
- Insurance
- Data Breach Notification
- Social Network compliance
Regular Newsletter (primarily French focus)
Website.
Our website aims to provide membership with practical information about DPO and data protection law
- summary of court cases
- list of theses
- list of publications
- useful linksA “University day” taking place in Paris
- A one day Conference “Assises des Correspondants Informatique et Libertés”
- A General Assembly
Partnership
AFCDP is one of the co-founder of CEDPO (Confederation of European Data Protection Organisations), with GDD (Germany), NGFG (Netherlands) and APEP (Spain).
Purposes of CEDPO
Initiating and maintaining communications with European institutions in order to
- promote the role of data protection officers , with the objective of speaking with one voice
- promote reasonable, practicable, balanced and effective data protection
- Exchange information between national associations on the general operations of a data protection associations
- Exchange of views between national associations on the role, status and resources of data protection officials
- Facilitate interaction between members of the national associations
AFCDP has strong partnership with
- ADPO (The Association of Data Protection Officers) of Ireland
- ARGE DATEN (Austrian Association of Privacy Professionals)
- SABI (Polish Association of Privacy Professionals)
- ASSO DPO (Italian Association of Privacy Professionals)
- GDD (German association of Privacy Professionnals)
- APEP ( Spanish association of Data Protection Officer)
- NGFG (Netherlands association of Data Protection Officer)
Relationship with CNIL (National Data Protection Authority)
- regular meetings between the Presidents of CNIL and AFCDP
- regular meetings between the CNIL Correspondants’ Office and AFCDP representatives
- CNIL President as keynote speaker at each AFCDP Annual Conference “Assises des Correspondants Informatique et Libertés“ or "Université des Correspondants Informatique et Libertés" (picture :Paul-Olivier Gibert, AFCDP President, and Isabelle Falque-Pierrotin, CNIL President, during 2012 Université AFCDP des Correspondants Informatique et Libertés").
Thanks to Pascale GELLY and Susan VAILLANT for this text.