Sun. Aug 14th, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    pt flag
    ru flag
    es flag

    Editor’s Note: Recently the European Data Protection Board (EDPB) published revised guidance on the concept of consent under the GDPR. Provided below is a series of extracts as well as a complete copy of the recent guideline update for consideration by data and legal discovery professionals.


    Extract from an article by Claude-Etienne Armingaud and Natali Adison (National Law Review)

    EU Data Protection: Updated EDPB Guidance on Consent Clarifies the Mechanism for Cookie Consent

    Approaching its second anniversary this month, the European General Data Protection Regulation (GDPR) has never been as relevant as in these unprecedented COVID-19 times. While several countries are considering the implementation of contact tracing apps, a consensus has seemed to surface on subjecting their use to a voluntary basis. The notion of “consent” remains, therefore, the cornerstone (albeit not the only one) of the European data protection framework.

    In that regard, the European Data Protection Board (EDPB) issued a revised take on one of the first guidelines published by its predecessor, the WP29, in April 2018, taking into consideration the difficulties encountered by the stakeholders in the operational implementation of GDPR compliance. These clarifications come at a time where discrepancies in interpreting what constitutes valid “consent” emerge between various Member States’ Supervisory Authorities, especially as applicable to the use of cookies and other tracking technologies (together, “cookies”).

    Read the complete article at EU Data Protection: Updated EDPB Guidance


    Extract from an article published on the Privacy & Information Security Law Blog (Hunton Andrews Kurth)

    EDPB Publishes Updated Guidelines on Consent under the GDPR

    The EDPB aimed to provide further clarity around the validity of consent obtained through cookie walls and on whether scrolling through a webpage could constitute clear and affirmative consent under the GDPR. With respect to cookie walls, the EDPB Guidelines state that these types of mechanisms—which prevent users who do not accept the use of cookies from accessing a site or mobile app—are unlawful, as consent obtained this way cannot be considered freely given. Likewise, the EDPB Guidelines indicate that scrolling or swiping through a webpage, or similar user activity, does not constitute affirmative action that meets the conditions for valid consent under the GDPR. This practice also does not allow for easy consent withdrawal, in the EDPB’s view, and should not be used.

    Read the complete article at EDPB Published Updated Guidelines on Consent under the GDPR


    Extract from an article published by OneTrust DataGuidance

    EU: EDPB Adopts Guidelines on Consent Under the GDPR

    Moreover, the Guidelines state that, under the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’), a service provider cannot prevent data subjects from accessing a service on the basis that they do not consent, and that access to services and functionalities must not be made conditional on the consent of a user to the placement of cookies in his/her terminal equipment. Furthermore, the Guidelines find that scrolling or swiping through a webpage, or similar user activity, will not satisfy the requirement of a clear and affirmative action, since it may be difficult to distinguish such actions from other activity or interaction of the user. Therefore, the Guidelines state that determining that unambiguous consent has been obtained will not be possible, and that it will be difficult to provide a way for the user to withdraw consent in a manner that is as easy as granting it.

    Read the complete article at EU: EDPB Adopts Guidelines on Consent under the GDPR


    Extract from an article by Natasha Lomas (TechCrunch)

    No Cookie Consent Walls – And No, Scrolling Isn’t Consent Says EU Data Protection Body

    You can’t make access to your website’s content dependent on a visitor agreeing that you can process their data — aka a ‘consent cookie wall’. Not if you need to be compliant with European data protection law.

    That’s the unambiguous message from the European Data Protection Board (EDPB), which has published updated guidelines on the rules around online consent to process people’s data.

    Under pan-EU law, consent is one of six lawful bases that data controllers can use when processing people’s personal data.

    But in order for consent to be legally valid under Europe’s General Data Protection Regulation (GDPR) there are specific standards to meet: It must be clear and informed, specific, and freely given.

    Hence cookie walls that demand ‘consent’ as the price for getting inside the club are not only an oxymoron but run into a legal brick wall.

    Read the complete article at No Cookie Consent Walls – And No, Scrolling Isn’t Consent


    Extract from an article by Patrick Van Eecke and Anne-Gabrielle Haie (DLA Piper)

    Europe: EDPB Updates Its Guidelines on Concept of “Consent”

    What does it mean for business? Businesses must make sure that:

    • Access to their service is not conditional to the user’s consent for the processing of his/her personal data;
    • Users are provided with a genuine choice to accept or to decline the use of cookies
    • Users are not prevented from accessing the website if they decline the use of cookies;
    • Cookies are not installed until the users have genuinely provided their consent by accepting the use of cookies.

    Read the complete article at EDPB Updates Its Guidelines on Concept of “Consent”


    Guidelines 05/2020 On Consent Under Regulation 2016/79

    Read the Complete Updated EDPB Guidelines on Consent Under the GDPR (PDF) 

    Updated EDPB Guidelines on Consent – 4 May 2020

    Read the Original Guidelines from the European Data Protection Board


    Additional Reading

    Source: ComplexDiscovery

     

    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    The Tip of the Iceberg? New ENISA Report on the Threat Landscape for Ransomware Attacks

    According to ENISA, this threat landscape report analyzed a total of...

    Consumers Paying the Price? Cost of a Data Breach Hits Record High According to New IBM Report

    According to IBM Security, the annual Cost of a Data Breach Report...

    Safeguarding ePHI? NIST Updates Guidance for Health Care Cybersecurity

    This new NIST Special Publication aims to help educate readers about...

    Countering Threat Actors? Using Social Network Analysis for Cyber Threat Intelligence (CCDCOE)

    According to the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)...

    Revenue Headwinds? KLDiscovery Inc. Announces Second Quarter 2022 Financial Results

    According to Christopher Weiler, CEO of KLDiscovery Inc, “The second quarter...

    Beyond Revenue? DISCO Announces Second Quarter 2022 Financial Results

    According to Kiwi Camara, Co-Founder and CEO of DISCO, “We are...

    Live with Leeds? Exterro Completes Recapitalization in Excess of $1 Billion

    According to the press release, with the support of a group...

    TCDI Completes Acquisition of Aon’s eDiscovery Practice

    According to TCDI Founder and CEO Bill Johnson, “We chose Aon’s...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for July 2022

    From lurking business undercurrents to captivating deepfake developments, the July 2022...

    Five Great Reads on Cyber, Data, and Legal Discovery for June 2022

    From eDiscovery ecosystem players and pricing to data breach investigations and...

    Five Great Reads on Cyber, Data, and Legal Discovery for May 2022

    From eDiscovery pricing and buyers to cyberattacks and incident response, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for April 2022

    From cyber attack statistics and frameworks to eDiscovery investments and providers,...

    Inflection or Deflection? An Aggregate Overview of Eight Semi-Annual eDiscovery Pricing Surveys

    Initiated in the winter of 2019 and conducted eight times with...

    Changing Currents? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2022

    In the summer of 2022, 54.8% of survey respondents felt that...

    Challenging Variants? Issues Impacting eDiscovery Business Performance: A Summer 2022 Overview

    In the summer of 2022, 28.8% of respondents viewed increasing types...

    Downshift Time? eDiscovery Operational Metrics in the Summer of 2022

    In the summer of 2022, 65 eDiscovery Business Confidence Survey participants...

    Counterattack in Crimea? Ukraine Conflict Assessments in Maps (August 8 – 12, 2022)

    According to a recent update from the Institute for the Study...

    Droning On? Ukraine Conflict Assessments in Maps (August 3 – 7, 2022)

    According to a recent update from the Institute for the Study...

    Assuaging Distress? Ukraine Conflict Assessments in Maps (July 29 – August 2, 2022)

    According to a recent update from the Institute for the Study...

    Momentum Challenges? Ukraine Conflict Assessments in Maps (July 24 – 28, 2022)

    According to a recent update from the Institute for the Study...