This document focuses on what processors can (and cannot) do in helping controllers respond to consumer rights requests.

This document explains the history of the controller/processor distinction and demonstrates how widely that distinction has been adopted in global privacy laws.

Comprehensive privacy legislation must create strong obligations for all companies that handle consumer data. These obligations will only be strong enough to protect consumer privacy and instill trust, though, if they reflect how a company interacts with consumer data.

BSA’s 2024 Global Cyber Agenda represents the enterprise technology sector’s cybersecurity priorities. It urges policies to build on a successful foundation of public-private partnerships, risk-based approaches, and internationally recognized standards and best practices. It recommends leveraging artificial intelligence to improve secure software development and improve cybersecurity risk management.