France: Data Protection Authority adopted recommendations on legitimate interest for Artificial Intelligence system development

Data Protection Authority adopted recommendations on legitimate interest for Artificial Intelligence system development

On 19 June 2025, the French Data Protection Authority (CNIL) adopted guidance on using legitimate interest as a legal basis for developing Artificial Intelligence (AI) systems under the General Data Protection Regulation. The guidance applies to pri…

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

ML and AI development

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2025-06-19

adopted

On 19 June 2025, the French Data Protection Authority (CNIL) adopted guidance on using legitimate i…

Description

Data Protection Authority adopted recommendations on legitimate interest for Artificial Intelligence system development

Scope

Complete timeline of this policy change