The mission of the CCIN is to safeguard the fundamental rights and freedom of all persons in a particular domain: The use of personal data.

The commission shall ensure that any data processing operations that are accomplished do not infringe upon a person’s privacy, freedom of movement, freedom of conscience, and so on.

In this context, the commission functions:

A mission of registration and examination of cases

As such, the commission:

• Receives the declaration of processing by natural or legal persons governed by private law;
• Investigates and advises where automated processing of personal data is to be carried out by data controllers, legal persons governed by public law, public authorities, entities governed by private law with a duty of general public interest or public service concession holders included on a list established by Ministerial Order;
• Expresses a reasoned opinion concerning the automated processing of personal data for the purposes of research in the field of health;
• Authorises the implementation of data processing relating to suspected unlawful activities, offences or security measures; or including biometric data required to check a person's identity, or for the purpose of surveillance and who pursue legitimate interests;
• Authorises the transfer of personal data to a country or organisations that does not have an adequate level of data protection;
• Monitors and examines complaints and petitions addressed to the commission to which they were entrusted.

A mission of council and proposal

• Proposes to the competent authorities general measures to ensure the control and the protection of data processing;
• Proposes to the competent authorities measures strictly applicable to exceptional circumstances, including those related to the destruction of data-carrying media;
• Makes recommendations;
• Informs the data subjects of their rights and obligations by responding to their questions about data protection;
• Establishes and publishes public reports;
• Publishes an annual report of its activities.

The CCIN is consulted by the Minister of State during the elaboration of legislative and statutory regulations related to the protection of personal data.

A mission of control and investigation

As such, the commission:

• Issues warnings;
• Addresses formal notices (summons);
• Denounces to the Attorney General facts establishing an offence;
• Verifies on site or verifies the documents that describe the automated data processing;
• Carries out remote monitoring from an online public communication service;
• Refers to the Minister of State when irregularities (illegalities) are observed against natural or legal entities governed by public law;
• In the event that the formal notices were unsuccessful, refers to the President of the court of the first instance of the jurisdiction.

As well as these legal missions, the CCIN must, in application of the Convention 108, cooperate with the controlling authorities of data protection of States belonging to these authorities.