Monday 06 Mar 2017 @ 15:32
Information Commissioner's Office
Printable version

ICO guidance for consent in the GDPR

Blog posted by: Jo Pedder, Interim Head of Policy and Engagement, 02 March 2017.

gdpr-12-steps-to-take-nowBack in January I wrote about our plans for GDPR guidance in 2017 and our commitment to help organisations improve their practices and prepare for the GDPR.

I’m pleased to announce that our first piece of detailed topic-specific GDPR guidance has been published today for public consultation. This new guidance is about consent in the GDPR and we are interested to gain your feedback on it through a short consultation which is running from now until 31 March 2017.

The basic concept of consent, and its main role as one lawful basis (or condition) for processing, is not new. However the GDPR does set a high standard for consent. It builds on the Data Protection Act (DPA) standard of consent in a number of areas, and it contains significantly more detail on both the standard and processes for consent.

Basing your processing of customer data on GDPR-compliant consent means giving individuals genuine choice and ongoing control over how you use their data, and ensuring your organisation is transparent and accountable.

Getting this right should be seen as essential to good customer service: it will put people at the centre of the relationship, and can help build customer confidence and trust. This can enhance your reputation, improve levels of engagement and encourage use of new services and products. It’s one way to set yourself apart from the competition and will be fundamental to the growth of the digital economy.

Our guidance on consent explains our recommended approach to compliance and what counts as valid consent. It provides practical help to decide when to rely on consent, and when to look at alternatives. It also explains the key differences with the DPA and gives advice about existing DPA consents.

Following the consultation we aim to publish this guidance in May 2017. This timescale may be affected if we need to take account of developments at the European level.

That won’t be the end of our work on consent. Later in the year we are planning to issue a call for evidence to get a better sense of what technical solutions are available or are being developed for obtaining and managing consent. And we are also working with our European counterparts on the Article 29 working party to produce further agreed guidelines on consent later this year. Keep an eye on our data protection reform website for updates.

Jo Pedder is Interim Head of Policy and Engagement. She has lead responsibility for the ICO’s guidance on the Data Protection Act and the Freedom of Information Act.

 

Channel website: https://ico.org.uk/

Share this article

Latest News from
Information Commissioner's Office

ICO fines two companies a total of £340,000 for making aggressive and unwanted marketing calls

24/04/2024 15:20:00

The Information Commissioner’s Office (ICO) has fined Cardiff-based Outsource Strategies Ltd (OSL) £240,000 and London-based Dr Telemarketing Ltd (DRT)£100,000 after the companies made a total of almost 1.43 million calls to people on the UK’s “do not call” register, the Telephone Preference Service (TPS).

Housing association reprimanded for exposing personal information on online portal

19/04/2024 14:10:00

We have issued a reprimand to Clyde Valley Housing Association in Lanarkshire after personal information was accessible to other residents on an online customer portal. 

ICO publishes guidance to improve transparency in health and social care

16/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is supporting health and social care organisations to ensure they are being transparent with people about how their personal information is being used.

Information Commissioner’s Office seeks views on accuracy of generative AI models

12/04/2024 12:25:00

The Information Commissioner’s Office (ICO) has launched the latest instalment in its consultation series examining how data protection law applies to the development and use of generative AI.

ICO joins global data protection and privacy enforcement programme

04/04/2024 15:20:00

The Information Commissioner’s Office (ICO) has signed onto a new international multilateral agreement with the Global Cooperation Arrangement for Privacy Enforcement (Global CAPE) to cooperate in cross-border data protection and privacy enforcement.

ICO sets out priorities to protect children's privacy online

04/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is calling on social media and video-sharing platforms to improve their data protection practices so children are safer when using their services. 

ICO publishes new fining guidance

19/03/2024 09:10:00

The Information Commissioner’s Office has published new data protection fining guidance setting out how it decides to issue penalties and calculate fines.

ICO reprimands Dover Harbour Board and Kent Police over information sharing

18/03/2024 10:20:00

The Information Commissioner’s Office (ICO) has issued reprimands to Dover Harbour Board and Kent Police after they breached data protection law.

ICO reprimands London Mayor's Office for Policing and Crime for complaint web form error

15/03/2024 14:10:00

The London Mayor’s Office was yesterday reprimanded by the Information Commissioner’s Office (ICO) for a web glitch that potentially revealed the personal information of people who were complaining about the Metropolitan Police Service.