EDPB Publishes Updated Guidelines on ConsentMay 2020The European Data Protection Board (EDPB) has published updated Guidelines on the 5th of May 2020 on Consent under the GDPR, replacing the previous Article 29 Working Party Consent Guidelines published in April 2018. The purpose of the updated guidelines is to provide clarity on:
- data subject consent in relation to cookie walls (which are not allowed), and
- scrolling or swiping through a webpage or similar actions (which does not constitute valid consent). The paragraphs (38-41 and 86) concerning these two issues have been revised and updated, while the rest of the document has been left unchanged, except for editorial changes.
The EDPB clarifies that a service provider cannot prevent data subjects from accessing a service on the basis that they do not consent to the use of their data for additional purposes. In order for consent to be “freely given”, as required by the GDPR, access to services and functionalities must not be made conditional on the consent of a user to the storing of information, or gaining of access to information already stored, in the terminal equipment (i.e. device) of a user (so-called cookie walls).
Unambiguous indication of Wishes
The EDPB also confirms that scrolling or swiping through a webpage, or similar user activity, does not constitute clear affirmative action that meets the conditions for valid conscent under the GDPR.
Click HERE to see the document.
By Judy de Castro - Regulatory Consultant