Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

In this white paper, the Centre for Information Policy Leadership aims to provide the WP29 and data privacy practitioners with input on transparency, consent and legitimate interest — three core concepts of the GDPR. Accordingly, the paper sets forth CIPL’s recommendations on how to apply and implement these concepts. It also notes certain open questions that might be further explored. The relevant GDPR provisions on each of these items are summarized at the end of this paper.