Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
GDPR Two-Year Anniversary: How to collect consent without creating consent fatigue? – Webinar 4 June 2020
4 June 2020 – Cyber Security Coalition
The second webinar co-organized by the Cyber Security Coalition Privacy Focus Group and Beltug tackled the issue of “tensions on ‘consent’ under the GDPR”, with some extra attention to cookie-related consent. Prof. Paul De Hert and Mr. Gianclaudio Malgieri (VUB LSTS) provided well-documented insights into the tricky legal areas of ‘consent in the GDPR’, ‘the crisis of consent’ and ‘three tensions on consent’.
Interestingly, consent is straight off stressed to be only as good as the other grounds, and often perhaps not the most appropriate option (e.g., with a view to the data subjects’ rights). And consent cannot be used to ask for personal information that is not strictly necessary for the purpose at hand. Today’s ‘crisis of consent’ impacts both data subjects (fatigue, overload) and controllers/processors (difficult to be compliant, e.g. big data).
The session concluded by discussing three tensions, including some apparent contradictions between GDPR and other directives. The first relates to the demand for unnecessary personal info, between the GDPR (interdiction) and the 2019/770 directive on Digital Content/service. The second puts consent validity in the GDPR versus cookies ‘easy’ consent in e-Privacy. At this point, GDPR stands as the reference law, though more clarification (e.g., by DPA’s) is required. The third ‘tension’ involves consent versus ‘legitimate interest’ in sensitive areas as marketing and research, as well as when vulnerable data subjects are involved.
This is a session that will amply reward an attentive replay, with plenty of food for study.
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.