France's data protection authority, the Commission nationale de l'informatique et des libertés, opened a public consultation for ensuring multifactor authentication solutions comply with the EU General Data Protection Regulation. The CNIL's draft recommendation includes information for data controllers to understand the conditions under which MFA is necessary for either legal or security purposes and the underlying GDPR compliance principles for MFA. The consultation ends 31 May.
28 March 2024
CNIL opens public consultation for MFA under GDPR
Related stories
A view from DC: Double toil and trouble in Connecticut’s privacy amendment
Notes from the IAPP Canada: Taking meaningful steps to protect children online
US lawmakers find bipartisanship in opposition to UK's order on Apple encryption back door
A view from Brussels: Where does Brussels stand on sovereignty?
DAA's Self-Regulatory Principles undergoing review with eye toward leveraging IBA data with AI