Since GDPR went into effect on May 25, 2018, there’s been confusion on some parts of the law and clarity on others. Are you receiving updated Privacy Policies that mention data privacy? Are you still unsure how to properly collect data subjects’ consent? Have you seen organizations giving data subjects’ different options for giving their consent? In this webinar, Mark Hinely covers the confusing regarding consent, the regulatory developments since the GDPR enforcement date, and significant litigation to note.
How is Consent Being Collected?
Consent is considered the most confusing and misunderstood legal basis for processing personal data. This is probably because consent isn’t always required, it must be freely and affirmatively given, and is much different than the other five legal bases for processing. There are two areas seem to get a lot of attention in the GDPR realm: paid consent and privacy policies.
What are the Regulatory Developments Since GDPR Enforcement?
Since GDPR was officially enforced on May 25, 2018, there have been various regulatory developments, including:
- European Data Protection Board (EDPB): The EDPB has replaced the Article 29 Working Party and will now be the source for GDPR guidance.
- Data Protection Impact Assessments (DPIAs): Each EU member state has established or proposed DPIA requirements, which are a systematic way to identify and minimize risk.
- Data Subjects Complaints and Breaches: Within the first week of GDPR enforcement, there was a significant increase in complaints and reported breaches compared to pre-GDPR activity.
- Enforcement of Pre-GDPR Violations: Organizations such as the Gloucestershire Police, British and Foreign Bible Society, and Yahoo have all faced fines and penalties for pre-GDPR violations.
To learn more about consent, privacy policies, regulatory developments, and enforcement of GDPR, download the full webinar. For more information about GDPR compliance, contact us today!