Ministry of the Interior – Violation Found (France, 2021)

The FAED (‘ficher automatisé des empreintes digitales') is a database managed by the French police. It consists of digital copies of fingerprints belonging to people against whom criminal cases were brought and ‘traces’ of fingerprints collected at crime scenes. It allows law enforcement officers to link a person to several identities or aliases and to link that person to previous proceedings in which his or her prints have been taken. In December 2018 the CNIL launched a monitoring procedure against the Ministry of the Interior with the view of assessing its compliance with national data protection legislation in regards to the management of the FAED. At the time, the database contained nearly 6,300,000 digital fingerprints belonging to identified persons suspected or convicted of having committed an offence, as well as 240,000 unidentified traces. In April 2021, the CNIL concluded its investigation and sent the Ministry of the Interior a report detailing various breaches. The CNIL issued an injunction against the Ministry of the Interior, ordering it to bring the processing operations in question into line with the obligations resulting from Articles 4, 89, 97, 99 and 104 of the Loi Informatique et Liberté. In particular, it identified five key breaches to remedy: On the failure to identify the lawfulness of the processing - article 89 The Ministry of the Interior unlawfully processed certain categories of data, such as the names of victims and the license plate number of vehicles. It also kept a physical file containing over 7,000,000 'signage sheets' without a legal basis. On the failure to comply with the data retention period - article 4 The law provided for a 15 year limit on retaining the information in the database. Over 2 million files were kept beyond this retention period. This data should have been progressively deleted from the entry into force of relevant national law in 2017. On the failure to provide accurate data - article 97 The Ministry of