France: Adopted CNIL guidelines on development of AI systems and the creation of datasets involving personal data

On 7 June 2024, the National Commission on Informatics and Liberty (CNIL) adopted guidelines on the development of ai systems and the creation of datasets involving personal data. The guidelines aim to offer information and recommendations for the development of AI systems and the creation of datasets involving personal data, focusing specifically on the development phase and not the deployment phase. These guidelines are intended for professionals with legal and technical backgrounds, such as data protection officers and AI practitioners, and are limited to data processing under the General Data Protection Regulation (GDPR). The guidelines outline GDPR obligations, provide recommendations to ensure compliance, and suggest best practices.