Published January 16, 2021 | Version preprint
Journal article Open

Comparison of notice requirements for consent between ISO/IEC 29184:2020 and GDPR

Creators

  • 1. ADAPT Centre, Trinity College Dublin
  • 2. Signatu AS

Description

This article analyses the ISO/IEC 29184:2020 standard and compares its requirements for notice and consent with those specified by the General Data Protection Regulation (GDPR). More specifically, it considers the extent to which the ISO/IEC 29184 standard can be applied to demonstrate compliance with the requirements of the GDPR, and to identify the additional requirements in areas where it is not sufficient. The article concludes with remarks on the potential role of ISO/IEC 29184 as a certification mechanism under GDPR for consent and notice.

Notes

Funding Acknowledgements: Harshvardhan J. Pandit is funded by the Irish Research Council Government of Ireland Postdoctoral Fellowship Grant#GOIPD/2020/790, by European Union's Horizon 2020 research and innovation programme under NGI TRUST Grant#825618 project "Privacy as Expected: Consent Gateway", and by the ADAPT SFI Centre for Digital Media Technology, which is funded by Science Foundation Ireland through the SFI Research Centres Programme and is co-funded under the European Regional Development Fund (ERDF) through Grant#13/RC/2106.

Files

preprint.pdf

Files (105.3 kB)

Name Size Download all
md5:acbe109b09d53b084459d1e1a497185a
105.3 kB Preview Download

Additional details

Funding

NGI_TRUST – Partnership for innovative technological solutions to ensure privacy and enhance trust for the human-centric Internet 825618
European Commission
ADAPT: Centre for Digital Content Platform Research 13/RC/2106
Science Foundation Ireland