The Article 29 Working Party (WP29) released two guideline documents, WP259 and WP260, on the General Data Protection Regulation (GDPR) concepts of consent and transparency in November.  Comments on both documents will be accepted by the Working Party through January 23, 2018 after which the WP29 will issue final guidance.   WP29 is an independent European advisory body on data protection and privacy.

This blog post focuses on WP259, which is the guideline on consent. We have also written a companion blog on WP260, the guideline on transparency.

Guideline on Consent

The guideline provides a thorough analysis of the notion of consent, which is one of the six lawful bases to process personal data under the GDPR. Article 4(11) stipulates that consent of the data subject must be:

• Freely given.
• Specific.
• Informed.
• Unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Continue reading “Article 29 Working Party Releases Guideline WP259 on Consent under the GDPR”