CNIL Publication, May 11, 2026
The rise of connected glasses marks a new step in the spread of so-called “wearable computing” technologies. These devices involve a near-permanent interaction between the user, their environment, and artificial intelligence systems capable of analyzing sound, images, and video in real time.
In early 2026, the French Data Protection Authority (the “CNIL”) conducted a survey of a representative sample of the French population. The results highlight marked distrust toward these devices: 67% of respondents consider that connected glasses pose a risk to privacy.
Against this backdrop, the authority is raising the alarm on the privacy issues raised by these technologies and is announcing the launch of a dedicated action plan.
What concerns the CNIL
The CNIL emphasizes a key feature of these devices: their ability to capture personal data discreetly, even almost invisibly to bystanders. Unlike a smartphone, whose use for filming or recording remains relatively identifiable, connected glasses can record continuously what their wearer is looking at without the people nearby necessarily being aware of it.
In this regard, the authority notes that the mechanisms intended to inform bystanders that the sensors are active — such as indicator lights — remain imperfect or are missing altogether depending on the use case.
More broadly, it considers that the large-scale deployment of connected glasses could lead to a profound transformation of social equilibria by generalizing a form of mobile, omnipresent surveillance. This shift could gradually create a sense of permanent observation among those affected, with a risk of self-censorship and indirect interference with certain fundamental freedoms, notably the freedoms of expression, assembly, and protest.
The CNIL also flags the specific risks tied to the use of these devices in spaces where a high level of privacy is expected, such as medical offices, locker rooms, or private homes.
According to the CNIL, these devices therefore raise particularly sensitive issues with regard to the right to privacy, the right to one’s image, and more broadly the protection of personal data. In this communication, however, the authority does not take a position on whether the GDPR effectively applies to personal use of connected glasses, recalling that these rules do not apply to processing carried out “by a natural person in the course of a purely personal or household activity” (GDPR, Article 2, § 2, c).
The CNIL’s Action Plan
Acknowledging the scale of the legal, ethical, and societal issues raised by these devices, the CNIL is announcing the launch of dedicated work on the compliance of connected glasses with personal data protection rules.
This work will first have a legal and technical dimension. The authority indicates that the questions raised by these devices call for in-depth analysis, particularly regarding how they operate, the data they capture, the uses they enable, and their integration of artificial intelligence systems.
The CNIL also intends to anchor this work in a European framework. Because connected glasses are developed and marketed internationally, the French authority plans to engage with its European counterparts within the European Data Protection Board.
Lastly, the CNIL notes that the issues at stake go beyond the field of personal data protection alone. It therefore plans to engage with other competent public authorities and to address this topic at upcoming events, notably for awareness-raising purposes.
Initial Best Practices Recommended
While waiting for this work to take shape, the CNIL is already publishing several best practices for users of connected glasses. It recommends in particular informing nearby individuals when these devices are being used, disabling capture functions when they are no longer needed, and switching off the glasses in places where users are asked to turn off their mobile phones.
The authority also urges users to avoid using these devices in places where people do not expect to be filmed or recorded. Finally, it recalls the need to obtain the consent of the individuals concerned before using or publishing photos or videos in which they appear, for example on social media.
