The European Court of Justice has confirmed controllers must reveal the specific recipients of any data they shared in their responses to access requests, unless it is impossible or excessive to do so.
Filed under
Topics
Organisations
Laws
Courts
Industries