Q&As
What are the differences between joint controllers and controllers in common under the GDPR? What is the difference in liability if a party is a joint controller with another, compared to where the parties are controllers in common?
Read full title
Published on: 05 September 2017
(1) What are the differences between joint controllers and controllers in common under the GDPR?
Definition under the data protection Act 1998
In summary, under the Data Protection Act 1998 (DPA 1998), 'data controller’ is defined in DPA 1998, s 1(1) as a ‘person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed’.
The Guide to data protection from the Information Commissioner’s Office (ICO) states that, in relation to data controllers, the term ‘jointly’ is used where two or more persons (usually organisations) act together to decide the purpose and manner of any data processing. The term ‘in common’ applies where two or more persons share a pool of personal data that they process independently
Access this content for free with a 7 day trial of LexisNexis and benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 42 practice areas
Get your quote today and take step closer to being able to benefit from:
- Instant clarification on points of law
- Smart search
- Workflow tools
- 36 practice areas
Get a LexisNexis quote
* denotes a required field
To view the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.
Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Related legal acts:
Key definition:
Joint controller definition
What does Joint controller mean?
Defined under the EU GDPR and UK GDPR as one of two or more controllers that jointly determine the purposes and means of the processing of personal data.
CONTACT US
