Businesses retreating from consent under GDPR

Author: Olly Jackson | Published: 3 Apr 2018

The General Data Protection Regulation (GDPR) is changing the way companies handle data. But contrary to popular belief companies do not have to obtain consent from their customers to process data. Businesses are choosing an easier way that allows them to act in a very similar manner as to now.

The GDPR often refers to explicit consent needed, particularly when processing sensitive personal data, but it is unclear precisely what this constitutes. Because of the hurdles businesses need to leap through to obtain this consent, it is likely that many businesses will look to other, less onerous, legal grounds.

Linklaters partner Richard Cumbley said that this change is one of the biggest practical concerns with GDPR.

"Because consent is much more difficult to obtain under GDPR, clients who have relied on getting consent historically are retreating from that," he said.

A road less travelled?

GDPR requires businesses to receive an...



close Register today to read IFLR's global coverage

Get unlimited access to for 7 days*, including the latest regulatory developments in the global financial sector, updated daily.

  • Deal Analysis
  • Expert Opinion
  • Best Practice


*all IFLR's global coverage published in the last 3 months.

Read IFLR's global coverage whenever and wherever you want for 7 days with IFLR mobile app for iPad and iPhone

"The format of the Review has changed over the years; the high quality of its substantive content has not."
Lee C Buchheit, Cleary Gottlieb