EU A29WP consent consultation indicates next year for ICO guidance


Share This Post

The data protection principle of consent is one of the significant areas of the General Data Protection Regulation (GDPR) that’s changing from the existing data protection rules and the one area that’s got marketing people over excited due to it’s rules about consent being “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” An indication that when consent is the lawful basis for processing you not only need to be clear about what you’re asking consent for but the data subject has to make a positive confirmation (i.e. no more pre-ticked boxes).

So it’s no wonder that we’ve all been waiting for clear guidance, particularly from the Information Commissioner’s Office (ICO) on what consent actually means in practice.

The ICO published their draft consent guidance for consultation back in March of this year, with a view of publishing the final version in the summer. That was then delayed with a view to publishing in December when the Article 29 Working Party (the European group of regulators) had consulted on it’s own consent guidance.

However, the Article 29 Working Party have only just published their own consent guidance for consultation and are seeking views on it by 23rd January, indicating that the long awaited ICO guidance won’t be appearing till next year (I’m guessing February at the earliest).

The A29WP consent guidance can be downloaded here and covers (amongst other things), what constitutes valid consent and how to collect it. There’s quite a lot to take in, but it does give you, which the ICO guidance does too, an indication of the basic thinking about valid consent, including when you’re not collecting consent electronically.

More To Explore


The key message from the ICO regarding the use of AI is not to forget if AI is processing personal data, then you need to

Read More »

Eat. Sleep. GDPR. Repeat.

We live and breathe GDPR and ePrivacy compliance, so you don’t have too. Our GDPR UNLIMITED helpline is all about offering you help and support, whenever you need it most. As well as the unlimited helpline, you get up to 4 hours “hands-on” help each month, which we can configure to help you in anyway you need such as a GDPR review, or acting as your DPO.

As well as the unlimited helpline and hands-on help you get GDPR and privacy updates, access to our GDPR knowledge centre and webinars.

Unlimited email & phone support

Unlimited email and phone support. Email or organise a voice call as often as you need each month.​

Up to 4 hours "hands-on" help per month

We use these "hands-on" hours to do the GDPR work for you, such as reviews, acting as your DPO, checking DPIA, dealing with breaches, training your staff, etc. (Additional hours: £100+VAT per hour)

Online resources

Our Knowledge Centre gives you access to information, guidance, topic related guides and other tools to support your GDPR and PECR compliance

Updates, alerts & briefings

We provide updates and alerts and a monthly compliance briefing. You can either sign into the Knowledge Centre or sign up via email to receive an email every time we add a new update or alert

DPO services

Whether mandated or not we can act as your Data Protection Officer (DPO) and manage your day to day compliance

Webinars, workshops & training

Whether updates on the latest issue, workshops or team training, it's all included in your monthly retainer.

LIKE WHAT YOU'RE READING? join our email list

Sign up for monthly briefings and the occasional emails about our webinars and services

Want to know more about how we use your data? Check out our privacy policy