BRUSSELS – October 19, 2020 – BSA | The Software Alliance submitted comments on the European Data Protection Board’s Guidelines 07/2020 on the concepts of controller and processor in the GDPR.

The EDPB’s further guidance on controllers and processors serves at least three important objectives: better protecting personal data, clarifying obligations for businesses, and promoting interoperability between privacy and data laws.

“This guidance is needed as a growing number of businesses and organizations undergo digital transformations. Here in Europe and around the world, companies are increasingly handling personal information daily as part of many routine operations, even if data management is not their core business. Protecting that data is paramount,” said Isabelle Roccia, Senior Policy Manager – EMEA, at BSA | The Software Alliance.

“In any privacy framework, the distinction between the roles of controller and processor, and their associated responsibilities, is key for legal certainty and contributes to stronger data protection,” Roccia added. “BSA and our member companies have long advocated for gold-standard privacy protections and the responsible use of personal data, which are foundational to building trust and enabling the digital economy. We are promoting these concepts globally to encourage interoperability among privacy and data protection laws worldwide.”

“BSA appreciates the opportunity to comment on these guidelines, and we stand ready to further assist the Board as it finalizes its guidance,” Roccia said.

Read BSA’s full submission here.