CNIL: Updated GDPR Developer Guide

https://github.com/LINCnil/Guide-RGPD-du-developpeur

What are the new features of this second version?
This major revision of the guide incorporates new sheets as well as code snippets that illustrate certain GDPR requirements in a practical way.

This content relates in particular to the application of the rules on cookies and other online trackers and on audience measurement solutions. This second version also draws up a non-exhaustive list of vulnerabilities that have led to data breaches notified to the CNIL and presents examples of measures that would have made it possible to avoid them.

In total, the guide now includes 18 thematic sheets that cover most of the developers’ needs to support them at each stage of their project:

    Develop in compliance with the GDPR
    Identify personal data
    Prepare for your development
    Secure your development environment
    Manage your source code
    Make an informed choice of your architecture
    Secure your websites, applications and servers
    Minimize the data collected
    Manage user profiles
    Master your libraries and SDKs
    Ensure the quality of your code and its documentation
    Test your applications
    Inform people
    Prepare for the exercise of personal rights
    Manage the retention period of data
    Take into account the legal bases in the technical implementation
    (New sheet) Analyze tracking practices on your sites and applications
    Measure website and application traffic
    (New sheet) Guarding against computer attacks

These sheets are not intended to cover every requirement of the regulation, nor to be prescriptive. They do, however, offer a reflection on the GDPR requirements to keep in mind when developing projects.