The French Data Protection Authority CNIL has issued a new framework to enhance and coordinate global data protection.

The strategy clarifies the regulator’s position to stakeholders globally. It says it wants to strengthen its role in joint operations as a lead or concerning authority by playing “an active role ensuring the protection of personal data in France, Europe and the rest of the world.” It also provides guidance to key issues at both European and international level.

The new strategy, called European and international strategy 2025-2028, sits outside the authority’s strategic plan 2025-2028, and has taken direction from the European Data Protection Board when setting out its key pillars of priorities. During the upcoming three years, CNIL will focus on:

• streamlining European cooperation;
• promoting high international standards of data protection while still supporting innovation and data flow; and
• consolidating the authority’s European and international influence to support a model which both embraces innovation as well as protecting individuals.

CNIL says it wants to “spread the European personal data protection model through the international fora and bodies in which it participates,” and that its values could therefore  “inspire the personal data protection international standards.”

The authority is already collaborating with other international intergovernmental bodies, and is a member of international data protection authorities’ networks including the Global Privacy Assembly, the French-speaking Association of Personal Data Protection Authorities, and the Group of 7 round table of data protection authorities.

It says it must continue this work yet also look into engaging with other bodies such as the Global CrossBorder Privacy Rules Forum, the Association of Southeast Asian Nations, the Asia-Pacific Economic Cooperation, and the Ibero-American Data Protection Network.