The CJEU rules on the liability of controllers

Published

Jan 08 2024

Written By

Partner
UK

I am based in London and co-head Bird & Bird's International Privacy and Data Protection Group. I enjoy providing practical advice and solutions to complex legal issues.

Katerina Tassi

Senior Associate
UK

I am an associate in our London Privacy and Data Protection Group, advising organisations on UK and EU data protection law, including GDPR and ePrivacy rules.

Practices

Privacy and Data Protection

Regions

Western Europe

Ruth Boardman and Katerina Tassi have written an insightful article for the International Association of Privacy Professionals (IAPP) covering the Court of Justice of the European Union’s interpretation of EU General Data Protection Regulation provisions in recent cases. In the article they delve into a recent case, C-683/21, where the court held a controller can be liable for processing carried out by its processor.

To read the full article, click here

Latest insights

More Insights

Australia’s first standalone cyber security law – the Cyber Security Act 2024

Dec 18 2024

The New Cybersecurity Dawn – Hong Kong readies for new critical infrastructure legislation

7 minutes Dec 10 2024

Saudi Arabia: Qualified obligation on data controllers to register with Data Protection Authority

3 minutes Dec 03 2024