France's data protection authority, the Commission nationale de l'informatique et des libertés, addressed EU General Data Protection Regulation economic impact studies conducted five years after its implementation, noting they insufficiently capture benefits for businesses and "welfare gains for individuals." The CNIL said the studies confirm regulator's advice strategy and affirm the importance of privacy as a public good.