Florence Raynal

Head of International and European Services
Commission Nationale de l’Informatique et des Libertés (CNIL)

Florence Raynal has a master’s degree in private law from Paris Assas Pantheon Sorbonne University and a post-graduate diploma in IT law.

Raynal began her career in the law firm Donahue& Partners LLP in New York for three years, participating in international projects on privacy and labour laws. She then returned to France within the Ernst & Young law firm for four years, where she advised on privacy as a senior manager both at a national and a European level. She was internally appointed data protection officer (correspondant informatique et libertés) of Ernst & Young France and coordinated privacy compliance within the 26 countries of the continental western European area of Ernst & Young.

Raynal started at the CNIL in late 2007 and was appointed head of the International and European Affairs Department in 2008. She assisted President Alex Türk in his presidency of the WP29 until 2010, dealing with the EU Commission and the management of the WP29’s plenary and external representation. She has also been assisting the CNIL’s commissioner in charge of international affairs in participating in all the work developed at the WP29.

Making binding corporate rules successful was one of the challenges assigned to Raynal. She then developed European referential adopted by the WP29, promoted them to the business (e.g.  the “BCR Club”), instructed BCR cases and coordinated the work of the European data protection authorities at the WP29 level on that subject.

More generally, the international department also ensures that the CNIL is well represented in all international fora dealing with privacy, is aware of international key privacy activities and collaborates with its counterparts globally.

Finally, in leading the international department, Raynal naturally deals with all reforms on international regulations including the on-going revision of the EU directive, and the modernisation of the Convention 108 and the OECD privacy guidelines, and she also follows the development of new approaches, such as the APEC cross-border privacy rules and the work of the International Conference of Privacy Commissioners.