Comparative study of responsibility of the processing Applicant institution, the controller, and the Processor under gdpr and the Bill “Preservation and protection Personal Data"

Document Type : Original Article

Authors

1 Associate Professor at Tehran University

2 Ph.D. student of Kharazmi University of Tehran

10.29252/jlr.2021.184069.1396

Abstract

comparative study Responsibilities Applicant processing entity, controller and processor Under gdpr and Bill »preservation and protection of personal data«
Abstract
Many times Institutions that actually or potentially hold people's data Attempt to delegate the processing of data to third parties,The question that arises This is that Assignment processing What kind of service provider CanHelp protect data privacy? Vacuum addressing the definition and responsibility of the processing applicant body It is felt in the GDPR and Bill «preservation and protection of personal data». The applicant body must not only be aware of its primary responsibility, its necessary Differences in responsibilities and obligations Between controller and processor usage Also understand. The comparative review of these roles is under the GDPR and the Bill is very applicable, Regarding Assign controller and processor assignments The bill needs reform, But overall under both regulations Assign services to an independent controller It is more effective for protecting the privacy of individuals and reducing the applicant's obligations.
"Applicant Processing Entity", "Controller", "Processor"

Keywords

Main Subjects

References

  1.  

    Articles:

    1.    Esayas, S. The Role of Anonymisation and Pseudonymisation Under the EU Data Privacy Rules: Beyond the ‘All or Nothing”. European Journal of Law and Technology, Vol 6, No 2, 2015.
    2. Greenleaf, G. “International Data Privacy Agreements after the GDPR and Schrems”  ; UNSW Law Research Paper . 139 No. 2016.
    3. Hintze M,” In Defense of the Long Privacy Statement”. Maryland Law Review. 76 .1044. 2017
    4. Rustad. M. L. and Koenig, T. H., “Towards a Global Data Privacy Standard”. Florida Law Review, Volume 71, Forthcoming; Suffolk University Law School Research Paper No. 18-16. 2018.  
    5. Daecher A, Cotteleer M, Holdowsky. J.”The Internet of Things: A technical primer”. 2018  , available at:  https://www2.deloitte.com/insights/us/en/focus/internet-of-things/technical-primer.html?icid=dcom_promo_featured|us;en (last visited on 25/012/ 2018)
    6. Powle J, The G.D.P.R., Europe’s New Privacy Law, and the Future of the Global Data Economy, NEW YORKER  , (May 25, 2018). available at:  https://www.newyorker.com/tech/annals-of-technology/the-gdpr-europes-new-privacy-law-and-the-future-of-the-global-data-economy?verso=true(last visited on 25/2/ 2019)
    7. Layton, R, “How the GDPR Compares to Best Practices for Privacy, Accountability and Trust” (March 31, 2017). Available at SSRN: https://ssrn.com/abstract=2944358 or http://dx.doi.org/10.2139/ssrn.2944358(last visited on 20/12/ 2018)
    1.  Eskens, S,. Profiling the European Citizen in the Internet of Things: How Will the General Data Protection Regulation Apply to this Form of Personal Data Processing, and How Should It? (February 29, 2016). Available at SSRN: https://ssrn.com/abstract=2752010 or http://dx.doi.org/10.2139/ssrn.2752010 (last visited on 15/9/ 2019)  
    1. Satariano A, (2018) G.D.P.R., a New Privacy Law, Makes Europe World’s Leading Tech Watchdog, ،” Available at: https://www.nytimes.com/2018/05/24/technology/europe-GDPR -privacy.html   .  (last visited on 17/08/ 2019)
    2. Stanescu, C. G. and Ievchuk, N, Alexa, Where Is My Private Data? Unanswered Legal and Ethical Questions Regarding Protection and Sharing of Private Data Collected and Stored by Virtual Private Assistants (May 3, 2018). Available at SSRN: https://ssrn.com/abstract=3250669(last visited on 17/08/ 2019)
    3. An official website of the European Union “ Protection of Personal Data European Commission,” EU, accessed August 25, 2017, http://ec.europa.eu/justice/data‐protection/.(last visited on 11/8/ 2019)

     

    Cases:

    1. judgment of 13 May 2014, Google Spain, C 131/12, EU:C:2014:317, Available at : http://curia.europa.eu/juris/document/document_print.jsf?doclang=EN&docid=152065

    (last visited on 05/10/ 2019)

    1. Article 29 Data Protection Working Party, "Opinion 1/2010 on the concepts of 'controller' and 'processor'" (WP 169), adopted on 16 February 2010, at 9. (last visited on 09/11/ 2019)

     

    Site:

    1. 19. http://curia.europa.eu/juris/document/document.jsf;jsessionid (last visited on 18/05/ 2019) =9D9DF361570E7E8B252244680A1AC3F2?text=&docid=202543&pageIndex=0&doclang=EN&mode=lst&dir=&occ=first&part=1&cid=291951(last visited on 1/06/ 2019)
    2.  http://ec.europa.eu/justice/data‐protection (last visited on 1/06/ 2019)
    3. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679(last visited on 1/06/ 2019)
    4. https://GDPR -info.eu/recitals/no-109/(last visited on 3/06/ 2019)
    5. https://ico.org.uk/media/for-organisations/documents/1546/data-controllers-and-data-processors-dp-guidance.pdf . (last visited on 12/06/ 2019)
    6. https://www.newyorker.com/tech/elements/the-GDPR -europes-new-privacy-law-and-thefuture- of-the-global-data-economy
    7. https://www.nytimes.com/2018/05/24/technology/europe-GDPR -privacy.html (last visited on 12/06/ 2019)
    8. https://www.privacyshield.gov(last visited on 12/06/ 2019)

    Documents:

    1. APEC PRIVACY FRAMEWORK (2015) . Available at https://www.apec.org/Publications/2017/08/APEC-Privacy-Framework-(2015) (last visited on 1/06/ 2019)
    2. General Data Protection Regulation . Available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679(last visited on 1/06/ 2019)
    3. Data Protection Act 2018 Available at: https://ico.org.uk/for-organisations/data-protection-act-2018/(last visited on 1/06/ 2019)
    4. Data Protection Act 1998 Available at: http://www.legislation.gov.uk/ukpga/1998/29/contents(last visited on 1/06/ 2019)

     

Legal Research Quarterly
Volume 24, Issue 95 - Serial Number 95
November 2021
Pages 137-158

Files

History

  • Receive Date: 03 July 2019
  • Revise Date: 25 February 2020
  • Accept Date: 13 March 2021

Share

How to cite

Statistics