On 1 December 2022, the National Commission for Data Protection (Commission nationale pour la protection des données, CNPD) celebrated its 20th anniversary in the Maison du Savoir in Esch-Belval, in the presence of the Prime Minister, Minister of State, Mr Xavier Bettel, Minister for Home Affairs and Minister of Equality between Women and Men, Ms Taina Bofferding, Ms Andrea Jelinek, Chair of the European Data Protection Board (EDPB), and numerous representatives of the public administration.
In her speech, Ms Tine A. Larsen, Chair of the CNPD, recalled the key moments of the Commission, notably its creation by the 2002 Act and the transformation of its role with the entry into force of the General Data Protection Regulation (GDPR) in 2018. Ms Larsen also looked to the future: "Over the next decades, we will undoubtedly change, grow, transform and learn new lessons. But our core mission will remain the same: we will continue to protect your fundamental right to privacy as long as we exist." The speech was accompanied by a video recounting the history of the CNPD, available below. The Chair thanked the people who have endorsed the Commission over the past two decades, the government for its continued support, and the CNPD staff for their hard work.
The Prime Minister then took the floor. Mr Bettel highlighted the omnipresence of technology increasing at an exponential rate, as well as the growing importance of data protection. "The National Commission for Data Protection is the guardian of one of our most fundamental rights: the protection of our privacy," noted Mr Bettel. He referred to the challenges that rapid technological change poses for legislators and the need to combine innovation and data protection.
The Prime Minister's address was followed by a speech by Ms Jelinek. The Chair discussed the role of the EDPB and the supervisory authorities, as well as the impact of the GDPR on privacy and data protection in Europe and internationally. She also commented on the challenges ahead, including the integration of new digital market regulations, the clear division of competences between regulators, and effective cooperation within the European Union.
Prof. Dr. Jacques Folon, professor at ICHEC Brussels and the Rennes School of Business, held the final presentation of the event entitled "The GDPR, risk or opportunity for innovative organisations?” Dr. Folon explained the complexities of the General Data Protection Regulation in the era of "big data", especially for start-ups. He highlighted the challenge that the exponential progress of new technologies such as artificial intelligence or blockchain represents in terms of data protection. His presentation demonstrated why the GDPR, while an asset boosting consumer confidence, should not hamper innovation in Europe. Dr. Folon concluded by stressing the need to reconcile the GDPR with technological progress, and to continue to raise awareness of cybersecurity and personal data protection among entrepreneurs and the general public.
A few key figures
- 262 opinions issued on draft or proposed legislation or regulatory measures (since 2002)
- 7.127 written enquiries received by private and public actors (since 2002)
- 3.804 citizens' complaints received (since 2002)
- 1.471 data breach notifications received by organisations (since 2018)
- More than 42.000 data processing operations declared by companies or public bodies (between 2002 and 2018)
- 49 decisions taken as a result of investigations (in 2021)
- Administrative fines amounting to 746.319.500 € imposed (in 2021)
- 58 staff members in 6 departments: awareness, guidance, compliance, complaints, investigations and administration. In addition, the 4 Commissioners are assisted by the College Secretaries, the Data Protection Officer and the European and International Relations Officer.