CNIL inquiry into contact tracing app closed

In June 2020, the French data protection authority, CNIL undertook a review of the StopCovid app to establish whether the app is in accordance with data processing and privacy regulations. CNIL noted several breaches of the provisions of the GDPR and of the French Data Protection Act, such as lack of information provided to users on the recipients of their data, the right to refuse data processing operations, as well as incomplete data protection analysis on processing of data collected by the app. Breaches were corrected by the French Ministry of Solidarity and Health and the StopCovid app was declared compliant with French data protection regulations.