Barristers are not “data processors” under GDPR, Bar Council tells solicitors


Data: Guidance for barristers

Self-employed barristers are “data controllers” and not “data processors” for the purposes of the General Data Protection Regulation (GDPR) as they need to be able to act independently of instructing solicitors, the Bar Council has said.

The Bar Council said it was responding to attempts by solicitors’ firms to get individual barristers or chambers to enter into data processing contracts under the GDPR, which comes into effect on May 25.

“For the avoidance of doubt, self-employed barristers are data controllers of their client’s data. They are not data processors.”

Under article 28 of GDPR, processors must only act on the instructions of the controller and can be held directly responsible for non-compliance

In a guidance note, the Bar Council’s IT panel warned that barristers who signed data processing contracts could be in breach of the Code of Conduct because of their duty to the court and obligations to act independently.

It was only in “very limited circumstances”, such as when barristers were on secondment to law firms, that they could be properly considered data processors.

“Even then, in some circumstances the barrister may need to exercise their independence, and in those circumstances will be a data controller.”

The Bar Council said care should be taken to ensure that “an appropriate clause” was included in any data agreement.

“This is because a barrister’s role is not to act as a sub-contractor on the solicitor’s behalf, merely processing data accordingly, but is instead to provide independent objective specialist advice and advocacy.

“It is almost always up to the barrister to determine what information to process and obtain in order to perform the work, and each barrister has their own professional responsibilities to fulfil.”

The Bar Council said terms in some proposed data processing agreements could clash with their obligations under the Code of Conduct, in particular their duty to the court, obligations to act independently in the best interests of the client and keep appropriate records.

“The terms of a data processing contract could for example give rise to difficulties for a barrister in the event of a disagreement with the solicitors, or if a lay client is considering whether to change solicitors or changes solicitors.

“In view of the nature of the barrister’s role and the potential conflict with the barrister’s duties under the Code of Conduct, both the need for and content of any proposed data processing contract should be very carefully considered.

“It will not be appropriate for self-employed barristers to sign such an agreement for work carried out in the course of normal practice.”




Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog


Five key issues to consider when adopting an AI-based legal tech

As generative AI starts to play a bigger role in our working lives, there are some key issues that your law firm needs to consider when adopting an AI-based legal tech.


Bulk litigation – not always working in consumers interests

For consumers to get the benefit, bulk litigation needs to be done well, and we are increasingly concerned that there are significant problems in some areas of this market.


ABSs, cost and audits – fixing regulation after Axiom Ince

A feature of law firm collapses and frauds has sometimes been the over-concentration of power in outdated and overburdened systems of control.


Loading animation