Controls made it possible to note “several breaches”, in particular concerning “requests for access” and “erasure” of the “personal data” of the users explained the CNIL.
MO12345lemonde with AFP
The National Commission for Data Protection (CNIL) sanctioned Thursday 8 December the free telephone operator of a fine of 300,000 euros for not having respected “the rights of people” and “security Data “of its users.
Controls made it possible to note “several breaches”, in particular concerning “requests for access” and “erasure” of the “personal data” of the users explained the CNIL, entry of several complaints.
She quotes examples of “low robustness” of passwords, “storage and clear transmission” of passwords, or even the “return into circulation” of approximately 4,100 freebox “badly reconditioned” boxes. The CNIL enjoins Free to “comply with the management of the right of access to people” under a “period of three months”, under threat of a “500 euros per day of late” penalty.
The announcement of this significant fine of 300,000 euros, which takes into account “the size and financial situation of the company”, is justified by “the need to recall the importance of processing law applications And to secure user data, “insisted the Commission. In January, the subsidiary of the Iliad group had already been sanctioned by the CNIL of a fine of the same amount for similar reasons.