ABSTRACT
The first data protection principle requires data controllers to process personal data
fairly and in accordance with any relevant law. In addition to the general duty
to process personal data fairly and lawfully, data controllers must meet specified
requirements, otherwise their personal data processing will not be deemed fair.