Member States shall provide for the controller to designate a data protection officer. Member States may exempt courts and other independent judicial authorities when acting in their judicial capacity from that obligation.

The data protection officer shall be designated on the basis of his or her professional qualities and, in particular, his or her expert knowledge of data protection law and practice and ability to fulfil the tasks referred to in Article 34.

A single data protection officer may be designated for several competent authorities, taking account of their organisational structure and size.

Member States shall provide for the controller to publish the contact details of the data protection officer and communicate them to the supervisory authority.