Comparison of notice requirements for consent between ISO/IEC 29184:2020 and GDPR
Item Type:Journal Article
Citation:Harshvardhan J. Pandit, Georg Philip Krog, Comparison of notice requirements for consent between ISO/IEC 29184:2020 and GDPR, Journal of Data Protection & Privacy, 4, 2, 2021, 194 - 203
preprint.pdf (Accepted for publication (author's copy) - Peer Reviewed) 102.7Kb
This article analyses the ISO/IEC 29184:2020 standard and compares its requirements for notice and consent with those specified by the General Data Protection Regulation (GDPR). More specifically, it considers the extent to which the ISO/IEC 29184 standard can be applied to demonstrate compliance with the requirements of the GDPR, and to identify the additional requirements in areas where it is not sufficient. The article concludes with remarks on the potential role of ISO/IEC 29184 as a certification mechanism under GDPR for consent and notice.
Irish Research Council (IRC)
European Union (EU)
Funding Acknowledgements: Harshvardhan J. Pandit is funded by the Irish Research Council Government of Ireland Postdoctoral Fellowship Grant#GOIPD/2020/790, by European Union?s Horizon 2020 research and innovation programme under NGI TRUST Grant#825618 project ?Privacy as Expected: Consent Gateway?, and by the ADAPT SFI Centre for Digital Media Technology, which is funded by Science Foundation Ireland through the SFI Research Centres Programme and is co-funded under the European Regional Development Fund (ERDF) through Grant#13/RC/2106.
Author: Pandit, Harshvardhan
Type of material:Journal Article
Series/Report no:Journal of Data Protection & Privacy
Availability:Full text available