Do online services respect consent? Empirical evidence from the UK

Conference: Computer, Privacy and Data Protection (CPDP)

Dates: 22 January-24 February 2014

Abstract:

The presentation discussed the results of an empirical study carried out on a sample of most-popular UK websites in various sectors of e-commerce. The study comprises (1) a survey on the methods used by websites to seek and obtain consent to process personal data for direct marketing purposes, and (2) an experimental test on the frequency of unsolicited commercial emails (UCE) received by data subjects as a consequence of their registering and submitting personal data to websites. Based on the analysis of the elements that ought to be in place to seek and obtain valid consent under EU law, the study unveils a striking departure between current EU data protection requirements and practice in processing personal data by UK commercial websites. The discussion will address possible explanations of this gap, and workable solutions to reduce it.

Source: Manual