France: Closed consultation on draft technical recommendation on the use of application programming interfaces (APIs)

On 1 November 2022, the Commission Nationale de l'Informatique et des Libertés (CNIL), the French Data Protection Authority, closed the public consultation on its draft guide with technical recommendations on the use of Application Programming Interfaces (APIs) for personal data sharing. The draft guide aims to identify the cases where the use of an API for the secure sharing of personal data or anonymised information is recommended and to disseminate some best practices for its implementation. In particular, the guide provides recommendations on the reasons and risks regarding the use of API for data sharing, as well as specific recommendations for data holders, API operators, and data re-users.