The Role of Consent in Legitimising the Processing of Personal Data Under the Current EU Data Protection Framework

Abstract

A large amount of personal data is being collected in the form of metadata or personal identification data having the potential of invading the privacy of the data subject, even when collected anonymously. The consent is an instrument in the hands of data subjects to control their personal data in the context of EU data privacy framework. The consent plays an important role in legitimising the processing of personal data and EU has place high stakes on this concept at the cost of other legitimising factors like contract, which probably would be a more attractive proposition for market forces. There is a real possibility that by the time GDPR is adopted by member states, the enforcement of the violations of the provisions related to the consent becomes impossible and redundant in view of rapidly evolving information society services.