Following the massive cyberattack suffered by ANTS, an association contacted the CNIL and sent two preliminary requests for compensation to the State, claiming 150,000 euros in compensation for the damage suffered.
The National Agency for Secure Titles (ANTS), responsible for issuing national identity cards, passports and even driving licenses for French people, experienced a major cyberattack. In total, tens of thousands of sensitive data were stolen in order to resell them on the dark web. For the association La Ligue des Libertés, the State is responsible and must compensate the people concerned.
One complaint and two prior requests for compensation
The association The League of Liberties filed this Thursday a complaint against the State with the National Commission for Information Technology and Liberties (CNIL), the Internet policeman. This young association which, according to its statements, campaigns for “ the general interest » also requests the State to paycompensation. The newspaper La Tribune was able to consult this complaint which mentions a “ compromise of users’ personal data ».
The association has more precisely filed two “ prior requests for compensation ” of ” 150,000 euros in compensation for damages “. The first is aimed at ANTS, a public administrative establishment (EPA) independent of the State, designated here “ in his capacity as data controller “. The second request targets the Ministry of the Interior, which oversees the ANTS, “ in its capacity as co-controller within the meaning of Article 26 of the Regulation (EU) and due to its failure to comply with Article 9 of the same regulation ».
Failure to comply with GDPR obligations
For Guilhem Carayon, founder of the League of Liberties and lawyer: “ The State’s failure to protect data and the breach of the GDPR (General Data Protection Regulation) are obvious. This is one of the largest data leaks within a State service on sovereign titles (passport, license, identity card) “. To justify these requests for compensation, Guilhem Carayon therefore mentions a state failure French which was unable to protect its citizens and relies on the GDPR, which provides that any material or moral damage linked to a data leak can give rise to compensation.
In the space of a few months, France has experienced a real wave of cyberattacks affecting organizations, businesses and public services. Among the victims, we include Parcoursup, National Education, Service-public.gouv.fr, the Services and Payment Agency (ASP), ANTS, as well as around ten sports federations. Furthermore, some of the perpetrators of these cyberattacks turn out to be very young people attracted by money and notoriety. For its part, France revealed a counterattack plan to deal with the situation. It now remains to be seen whether the demands for compensation from the association La Ligue des Libertés will be successful.
👉🏻 Follow tech news in real time: add 01net to your sources on Google, and subscribe to our WhatsApp channel.
Source :
The Tribune
