You may have noticed that the General Data Protection Regulation is rather in the news lately, and quite right too considering there is only a year left to prepare for the most stringent and wide-reaching privacy law the EU has yet seen. Unfortunately however, in the rush to jump onto the latest marketing bandwagon, a lot of misleading and inaccurate information posing as “advice” in order to promote products and services is flourishing and appears to be drowning out more measured and expert commentary. Having seen a worrying number of articles, advertisements, blog posts and comments all giving the same wrong message about GDPR’s “consent” requirements, I was compelled to provide a layperson’s explanation of what GDPR really says on the subject.
So, let me start by saying GDPR DOES NOT MAKE CONSENT A MANDATORY REQUIREMENT FOR ALL PROCESSING OF PERSONAL DATA.
