Recommendations and Automation in the Consenting Process: Designing GDPR compliant consents

Yki Kortesniemi, Jens Kremer

Research output: Contribution to conferencePaperScientificpeer-review

Abstract

Giving consent to the processing of personal information can be complex. Under the GDPR, to be valid, a consent has to present a ‘freely given, specific, informed and unambiguous indication of the data subject's wishes’ -- requirements, which can be difficult for the controller to meet. But choice and consent can also be burdensome for data subjects as, for instance, being truly informed of personal data processing operations and their consequence may require serious efforts and deep understanding of technical and societal processes. This paper looks at using recommendations and automation to provide a better consenting process under the GDPR. In particular, the paper analyses four scenarios ofincreasing automation, and finds that that while recommendations are an acceptable way for improving the consent process, fully automated consenting is difficult to implement under the GDPR.
Original languageEnglish
Number of pages11
Publication statusPublished - 12 Dec 2018
MoE publication typeNot Eligible
EventLegal Design as Academic Discipline: Foundations, Methodology, Applications - Groningen, Netherlands
Duration: 12 Dec 201812 Dec 2018
http://gdprbydesign.cirsfid.unibo.it/legaldesign-workshop/

Workshop

WorkshopLegal Design as Academic Discipline: Foundations, Methodology, Applications
CountryNetherlands
CityGroningen
Period12/12/201812/12/2018
OtherPart of JURIX 2018
Internet address

Fingerprint

Dive into the research topics of 'Recommendations and Automation in the Consenting Process: Designing GDPR compliant consents'. Together they form a unique fingerprint.

Cite this