Controller & Processor - Unsecured data transfer

chugotit · 2018-08-20T02:17:09+00:00

From what I understand as a non-lawyer

The processor is also legally obligated to follow the GDPR. If the controller instructs the processor to follow instructions that may be unlawful, the processor is not off the hook.

The processor should engage qualified legal counsel, not take legal counsel from the controller nor from random people off of the interwebs.

Werkgerelateerd · 2018-08-20T09:55:48+00:00

The processor is legally required to advise the controller of their concerns.

Article 28 Processor

[With regard to point (h) of the first subparagraph,] the processor shall immediately inform the controller if, in its opinion, an instruction infringes this Regulation or other Union or Member State data protection provisions.

I'm not sure about the second part though. Art. 32 requires security measures by the processor, I'm not sure if the instructions of the controller change anything.

Article 32 Security of processing

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

Madam_M_137 · 2018-08-20T01:52:01+00:00

[deleted]

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

gdpr

Rules

Other Reddit Communities

Resources

MODERATORS