ABSTRACT
With its 1978 legislation, France was one of the first States to introduce provisions protecting individuals against risks caused by computer science to their private life. This chapter introduces the aspects of the sphere of application of the law, which can lead to problems arising in medical research. It then follows a discussion of the general concepts relating to data protection, focusing on some in particular, such as 'personal data', 'anonymization' and the 'purpose principle'. The chapter explores the rights and duties of the processors (data subjects who, for example, have a right to give their consent, or object to the processing), obligations of the controllers (in respect of procedures, the obligation to provide information, and the necessary precautions for the security of data). In French law, the notion of 'physical persons' only concerns living persons. The rights of physical persons cease to exist at the time of their death.
