France's data protection authority, the Commission nationale de l'informatique et des libertés, opened a public consultation for ensuring multifactor authentication solutions comply with the EU General Data Protection Regulation. The CNIL's draft recommendation includes information for data controllers to understand the conditions under which MFA is necessary for either legal or security purposes and the underlying GDPR compliance principles for MFA. The consultation ends 31 May.
28 March 2024
CNIL opens public consultation for MFA under GDPR
Related stories
Notes from the Asia-Pacific region: OPC's biometric processing code is a major step
India's CCPA guidelines on dark patterns: Welcome signal, but law is still soft
Reforming the GDPR for tomorrow's technologies: Why Europe needs targeted GDPR reform
Notes from the IAPP Europe: EU digital rule book guidance, implementation support, data flow developments
Proportionality in personal data use and right to avoid unsolicited communications in Peru
