Data Protection

When data processing is undertaken jointly, it is important that roles and responsibilities need to be easily and clearly allocated in order to minimize risk to the people and communities represented by the data. These include the obligation to notify when laws are broken, to get require consent for processing, to provide access to data, and to delete. It also requires that users make explicit the decisions behind sharing and communicating. Otherwise, processing may lead to loss of confidentiality, social disadvantage, or accidental deprivation of rights and freedoms to exercise control over one’s personal data.

  • Be clear about roles and Responsibilities for Data protection.
  • Provide mechanism for person to exercise control over their personal data.
  • State clearly what kinds of data (and how much of it) needs to be shared and with who and why it is being shared.


General Data Protection Regulation (European Commission, 2016012/2014) [Link
EU’s Article 29 Working Party Opinion 1/2010 [Link

Related Guidance

Responsibilities for Data

Data Protection

Data Protection when Crossing Borders

Privacy and Personal Data Protection

Data Controllers