Data PrivacyWhat are Types of Consent for Data Processing?

What are Types of Consent for Data Processing?

Consent is the key element under the Digital Personal Data Protection Act,2023. The enactment requires that the Consent must be freely given, specific, informed, and unambiguous.

Below are the different types of consents in data protection to be obtained from the Data Principal, explained with examples.

1. Explicit Consent

Definition

Explicit consent leaves no room for ambiguity and requires a direct statement of consent from the data subject.

Example

A medical research company seeking to use a patient’s medical records for a study would present the individual with a clear, specific consent form outlining the nature of the study, the exact data to be used, and the purpose behind it. The patient must sign and date this form to provide explicit consent.

Use-Cases

• Sensitive data such as health records, biometric data, or religious affiliations.
• Where the legal requirement explicitly mandates it.

2. Implied or Inferred Consent

Definition

Implied consent is inferred from the actions or circumstances of the data subject, rather than a direct or written statement of consent.

Example

By browsing through an online shopping website and adding items to the cart, you implicitly consent to the use of cookies to track your shopping preferences for a personalised experience.

Use-Cases

• General web tracking through cookies.
• Business-card exchange at a conference, implying consent to be contacted.

3. Opt-In Consent

Definition

Opt-in consent requires the individual to take proactive action to give their consent, such as ticking a box.

Example

A newsletter subscription form on a website that includes an unchecked box stating, “Yes, I want to receive monthly updates.” Users must check the box to opt-in.

Use-Cases

• Email marketing subscriptions.
• Service updates and notifications.

4. Opt-Out Consent

Definition

Opt-out consent places the onus on the individual to remove themselves from a particular service or feature.

Example

A company sends promotional emails that include a line at the bottom saying, “If you wish to stop receiving these emails, click here to unsubscribe.”

Use-Cases

• Unsubscribing from email lists.
• Disabling personalized ads in an application’s settings.

5. Granular Consent

Definition

Granular consent offers options to consent to one or several types of processing independently.

Example

Upon installing a new app, the user is given options to consent to sharing location data, contacts, and/or photos, each with its own “Yes” or “No” option.

Use-Cases

• Applications that require multiple permissions.
• Research studies involving different levels of participation.

6. Blanket Consent

Definition

Blanket consent covers multiple activities or types of data processing but should generally be avoided under strict regulations like GDPR.

Example

A single checkbox during software installation that says, “I agree to the Terms and Conditions and the Privacy Policy,” without further elaboration.

Use-Cases

• Simple, low-risk services where detailed consent may not be crucial (though this is increasingly frowned upon in strict legal frameworks).

7. Freely-Given Consent

Definition

Consent must be given freely, without coercion or conditions tied to a service that does not require such consent.

Example

An online service should not say, “Agree to share your contact list to use this service,” unless sharing the contact list is essential to the service offered.

Use-Cases

• Any situation where consent is required should ensure that it is freely given.

By understanding these different types of consents, businesses can more effectively comply with data protection laws, ensuring that the data subjects’ rights are respected in terms of the Digital Personal data Protection Act,2023. However, it is always advised to  consult an expert to implement these types of consent adequately.

For any query or feedback, please feel free to get in touch with dataprivacy@amlegals.com or mridusha.guha@amlegals.com