Reply to post: Re: Their Site

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage

Anonymous Coward
Anonymous Coward

Re: Their Site

But "not in any way responsible" is not true in this case. The third party script is also unlikely to define itself as a data controller. If it was deemed by Ticketmaster to be a data controller then they would have had to do the risk analysis and the consultation with them to ensure their duties as a data controller. They would also have to notify the customers of their use of this third party data controller and gain data transfer agreements under one of the exceptions in GDPR.

It could all get a bit messy if they go down the GDPR route.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019