Giving and removing consent

Opt-in to give consent

Description

For data to be regularly accessed in the future for a specific purpose the user has to give explicit permission. The choice to give consent must be clear and given freely. If a user declines a request for access, this doesn’t prevent them from using the service.

Advantages

  • It’s a low friction way for the user to agree to regular data sharing for a specific purpose e.g. a weekly newsletter without having to repeat the consent process every time
  • The user understands why the data is needed and what it’s going to be used for, as long as the explanation is included in the request
  • When and how consent is granted can be recorded to meet legal obligations

Limitations

  • It will be difficult for users to assess the consequences of data sharing if organisations request permission to access lots of data for multiple purposes at the same time
  • It can be hard to understand what opting in will mean in practice, users must always know how they can opt out later on

Examples

  • EU 'Cookie Law' →

    current European Union legislation requires users to opt-in to cookies being stored on devices.