Consents Consultation - the new challenge for the GDPR

Queens Speech confirms UK will implement GDPR

The ICO has published its second piece of draft guidance on the new General Data Protection Regulation (“GDPR”), this time on consents. 

The GDPR sets a high standard for consent and organisations will need more granular opt-in methods; they will also need to keep records of consent and provide simple ways for individuals to withdraw their consent. The guidance explains the GDPR requirements in more detail, including: 

  • Obtaining consent – what is required in order to have valid consent under the GDPR and likely issues
  • Deciding when to obtain consent – consent needs to be capable of being withdrawn, so it may be appropriate to rely on alternative bases for processing instead of consent in some circumstances
  • How to record consents – how to keep an audit trail of how and when consent was given
  • Managing consents – keeping consents under review and how to enable individuals to access and update their consent settings

The Article 29 Working Party is also expected to publish European-level GDPR consent guidance later this year.

Contact our experts for further advice

Beverley Flynn

Search our site