If we want to use digital services, we must agree that the services providers store and process our personal data. This consent must be "informed" and voluntary. We should therefore know for how long and for what purpose our data are stored and processed, and whether the data may be passed on to third parties. We can revoke consent at any time. All this leads to the fact that the declarations of consent presented by the providers are usually long and complicated – and that we increasingly click "I agree" without having thoroughly read and understood everything. This harms mutual trust.
How would a technical solution to this issue look like? There are already ideas: "Personal Information Management Services" (PIMS) or "PETs" (Privacy Enhancing Technologies). These concepts are hardly known in Germany. In other European countries they have been discussed for some time. The Foundation for Data Protection has investigated these approaches and presented the study "New Approaches to Consent" in March 2017. Supported by the Federal Ministry of the Interior, the authors explain the current concepts, discuss the technical, economic and legal requirements and develop concrete recommendations for action for politics, research and the data processing economy.
Link to publication