Difference between revisions of "Data Controller"

From MgmtWiki
Jump to: navigation, search
(Created page with "==Full Title or Meme== Some digital Entity on the internet that holds and processes User Information. ==Context== The GDPR uses the term term liberally but never...")
 
(Context)
Line 3: Line 3:
  
 
==Context==
 
==Context==
The [[GDPR]] uses the term term liberally but never defines it.
+
*The [[GDPR]] uses the term term liberally but never defines it.
 +
*Several <ref>Irish Data Protection Commission, ''Are you a "data controller"?'' https://www.dataprotection.ie/docs/Are-you-a-Data-Controller/y/43.htm</ref>
  
 
==Problems==
 
==Problems==

Revision as of 07:48, 30 July 2018

Full Title or Meme

Some digital Entity on the internet that holds and processes User Information.

Context

  • The GDPR uses the term term liberally but never defines it.
  • Several [1]

Problems

  • Several nations in the EU have defined Data Controller, in roughly similar terms.
  • The term in not helpful in understanding the practical consequences of the legislation.

Solutions

In this wiki we will use two terms that together seem to encompass the meaning of Data Controller and provide a better means to discuss the practical solutions.

  1. A Identifier or Attribute Provider is the source of User Information in any covered transaction on the internet.
  2. A Relying Party is the sink of User Information in any covered transaction on the internet.

Besides the two entities above a User Object containing User Information may exist at other locations, sometimes under the control of one of the above, sometimes not. See the diagram on the User Object Page for an example were the User Object may even be in a cookie residing on the User Device.

References

  1. Irish Data Protection Commission, Are you a "data controller"? https://www.dataprotection.ie/docs/Are-you-a-Data-Controller/y/43.htm