Drawing largely from the experience under the GDPR and several EU digital laws, CIPL partnered with Bae, Kim & Lee LLC on this paper to make the case for shifting away from over-reliance on consent and exploring, instead, other legal bases such as contractual necessity and legitimate interest.
The paper argues that to ensure the viability and success of the digital economy and society, GDPR-style consent does not always have to be the go-to legal basis for an ever-expanding multitude of data processing scenarios where it is insufficient, ineffective, or impracticable.
The objective of this paper is to serve as a case study for law and policymakers in other jurisdictions looking to update their digital legislative frameworks.
Download the Paper
Download NowMore like this
March 2025
Privacy-Enhancing and Privacy-Preserving Technologies in AI: Enabling Data Use and Operationalizing Privacy by Design and Default
Find out more
March 2025
The Impact of Digital Advertising on Europe’s Competitiveness: A Study on the Role of Digital Advertising in Europe
Find out more
October 2024
Decoding Responsibility in the Era of Automated Decisions: Understanding the Implications of the CJEU’s SCHUFA Judgment
Find out more
September 2024
From Barriers to Bridges: Cloud Computing in Support of Privacy and Security
Find out more
April 2024
Enabling Benefits and Safe Uses of Biometric Technology Through Risk-Based Regulations
Find out more
December 2023
Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age
Find out more
