Key Benefits:
National Computer and Liberties Commission,
Entering the Ministry of Economy and Finance of a Request for Advice Relating to a draft decree authorising automatic processing of personal data known as ' Access control and biometric system " ;
In view of Convention 108 of the Council of Europe for the protection of persons with regard to the automatic processing of personal data;
In view of Directive 95 /46/EC of the European Parliament and of the Council of 24 October 1995 on The protection of natural persons with regard to the processing of personal data and the free movement of such data;
Given the Defence, including articles R. 1143-1 to R. 1143-8;
Seen Criminal Code, including articles 413-7 and R. 413-1 to R. 413-5;
Seen Law No. 78-17 of 6 January 1978 amended relating to computers, files and freedoms, including articles 27-I (2 °);
Seen Order No. 2005-1309 of October 20, 2005 , as amended Assumed for application of Law n ° 78-17 of 6 January 1978 relating to computers, files and freedoms;
In view of the decree of 30 November 2011 approving the general instruction 1300 on the protection of the secrecy of national defence;
After hearing Mr Emmanuel de GIVRY, Commissioner, in his report, and Mr Jean-Alexandre SILVY, Commissioner of the Government, in his observations,
Emet the opinion Following:
The National Commission on Information Technology (CNIL) has been seized for an opinion by the Ministry of Economy and Finance of a draft decree authorising automatic processing of personal data known as " Access control and biometric system ".
This automated data processing is intended to control access to the premises of the Ministry of Economy and Finance's High Defence and Security Officer (HFDS) by authentication of the 60 Persons authorised to enter the service, through the recognition of two of their fingerprints.
In accordance with Article 27-1 (2 °) of the law of 6 January 1978 amended, this treatment is authorised by decree in the Council of State, taken after Reasoned and published opinion of the CNIL.
On the purpose of processing:
The HFDS office of the Ministry of Economy and Finance is home to many documents benefiting from the protection of national defence secrets. They are a " Protected area " For the purposes ofArticle 413-7 of the Penal Code.
The purpose of controlling access to the premises of HFDS identified in Article 1 The draft order effectively responds to a " Need for protection [...] determined by the Minister who is responsible for the facilities, equipment or research, studies, secret fabrications he or she designates." (Article R. 413-2 of the Penal Code).
The purpose identified in Article 1 of the draft decree does not call for any Observation of the committee. However, paragraph 2 could usefully clarify that the treatment implemented consists of one " Access control [...] by authentication of authorised agents ".
The Commission considers that the purpose thus defined is determined, explicit and legitimate.
On the nature of the data processed:
As regards Article 2 of the draft The Commission notes that an electronic component does not constitute a category of data. That is why it recommends that the draft decree only mention " The fingerprint of a finger on each hand ".
The Committee notes that there are no provisions on the existence of a backup device (used in the event of a biometric or system drive failure). And, on the other hand, the processing of visitor information.
It recommends that sections 2 and 3 of the proposed Order be completed on these points.
On the Data retention period:
With regard to Article 3 of the draft decree, the committee proposes that the department should delete the word " "And information", which is redundant with the reference " Data ".
It requires that" At the end of agent functions " Be replaced by " The permanent or temporary cessation of the duties of the agent ". In fact, the resignation, dismissal or retirement of the agents is not the only possible situation. These could also concern secondments or long-term sick leave of the staff, by definition.
It notes that there is no specific provision for the duration of retention of the elements relating to the movements of the People. It recalls that the traditionally recommended shelf life is less than three months.
On the information of persons:
Paragraph 4 of Article 73 of the inter-ministerial general education No 1300 on the protection of Secret of national defence approved by the Prime Minister's decree of 30 November 2011 states: " Prohibition of access measures are taken by the responsible authority. All access must be continuously monitored so that any penetration within a protected area cannot be carried out by ignorance. To this end, signs are arranged in sufficient numbers at appropriate places. "
The Commission therefore considers that there is a general duty to inform the public about the ban on access to the premises of HFDS
That, in accordance with Section 32 of the amended Act of January 6, 1978, information will be given to each officer at the time of enrolment in the processing of personal data implemented by the
. The absence of a provision on the information of the agents concerned in the Draft decree, it advocates the insertion of an article on the right to information of persons on the qualification of the premises of HFDS in a protected area and on the rights of the agents authorised to access it through the use of a device Biometric.
On the rights of access, rectification and opposition of persons:
Article 6 of the draft decree, taken pursuant to Articles 39 and 40 of the amended Act of 6 January 1978, and Article 7, taken pursuant to Article 38, paragraph 3, of the aforementioned Law, does not call for any observations of the
. On data security and the traceability of stocks:
As regards the provisions of Article 1, the Committee notes that the HFDS service does not have any elements concerning the reliability of the biometric device. However, the reliability of this device is ensured by the factory adjustments made by the manufacturer and can be modified by the device installer.
In addition, the biometric device does not incorporate anti-fraud measures. However, the operation of this device shall take place simultaneously with the video surveillance device set up. Thus, these two independent devices may be considered complementary.
As regards the provisions of Article 2, the fingerprint templates will be encrypted and stored only on the agent's access badge. No data will be extracted from the treatment or used by the HFDS service. In the event of loss or destruction of the access badge, a new access card will be issued to the agent and a new enrolment will be made.
With regard to the provisions of Article 4, the implementation of the device will be carried out by the official Service Informatics and the Internal Security Officer. These people will be trained by the installer in the management of enrolment, data processing and their erasure. Only these two people will be able to take fingerprints during enrolment and access control processing.
The Commission notes that access logging will be in place. The traceability of the input movements will be kept in memory for a three-month rolling period. This data will be stored on a computer dedicated to this use.
As regards the provisions of Article 5, the Committee notes that there is no logging of the administrative tasks of the device. This absence is nevertheless acceptable in so far as only the IT manager of the service and the internal security officer can carry out these tasks.
Accordingly, in the light of all these elements, the Committee considers that The measures adopted by the controller are such as to ensure the safety of the treatment and the protection of the fundamental rights of persons.
However, the treatment could usefully provide for:
-Contractual information for change by the appliance reliability installer;
-administrative task logging.
The President,
I. Falque-Pierrotin
