This fall, the European Data Protection Board (“EDPB”) published the draft “Guidelines 07/2020 on the concepts of controller and processor in the GDPR.”  This development matters for CPW readers as even if you are an entity doing business in the United States, if you collect any personal data of people in the EU and meet other criteria you are required to comply with the GDPR.  CPW will be re-reposting a four part series addressing the key concepts and issues covered.

This is the third in our series of posts on the  Guidelines 07/2020 on the concepts of controller and processor in the GDPR (the “draft Guidelines”) focusing on the role of joint controllers.  What is a joint controller under the GDPR? A joint controller is an entity that jointly determines the purposes and means of processing data with another controller.  Find out what it all means here.