GDPR: Is your consent valid?

• Published in: Business information review Vol. 37; no. 1; pp. 19 - 24
• Main Authors: Breen, Stephen, Ouazzane, Karim, Patel, Preeti
• Format: Journal Article
• Language: English
• Published: London, England SAGE Publications 01.03.2020; Bowker-Saur Ltd
• Subjects: Consent; General Data Protection Regulation; Legislation; Personal information; Auditable; Convention 108; specific consent; United Nations Universal Declaration of Human Rights; Nuremburg Code; consent; GDPR
• ISSN: 0266-3821; 1741-6450
• DOI: 10.1177/0266382120903254

The General Data Protection Regulation (GDPR) 2018 imposes much greater demands on companies to address the rights of individuals who provide data, that is, Data Subjects. The new law requires a much more transparent approach to gaining consent to process personal data. However, few obvious changes to how consent is gained from Data Subjects to comply with this. Many companies are running the risk of non-compliance with the law if they fail to address how data are obtained and the lack of true consent which Data Subjects currently give to their data being processed. Consent is a complex philosophical principle which relies on the person giving the consent being in full possession of the facts, this article explores the philosophical background of consent and examines the circumstances which were the point of departure for the debate on consent and attempts to develop an understanding of it in the context of the growing influence of information systems and the data-driven economy. The GDPR has gone further than any other regulation or law to date in developing an understanding of consent to address personal data and privacy concerns.