Since the beginning of online services, lawyers have been the major influence upon the customer consent process. Their preferred instrument is to produce dense content, such as terms and conditions, combined with a tick box for the customer to acknowledge they have read, understood and given their consent. In practice, most people don’t read this type of content and even when they do it is not easy to read, let alone understand. This approach has failed and sadly led to more regulation as the use of personal data has been exploited beyond the bounds of reasonableness.

The EU GDPR (General Data Protection Regulation), which goes live on the 25th May 2018, includes addressing customer consent in context to each distinctive use of their personal data. This regulation is explicit that private and public organisations need to show that the customer truly has consented for their personal data to be used. GDPR is quite explicit to say a tick box is simply not enough to demonstrate customer understanding.

So, what are most organisations doing to redesign their consent process? Naturally, they are involving the lawyers again, the very profession that arguably contributed to the problem in the first place.

It would be prudent to undertake usability and understandability tests of the redesigned consent process, especially for the situation where multiple consents are required for different uses of the data. The usability and understandability tests ought to cover a spread of different personas. In addition, check and balances are needed from time to time, after consent has been obtained as part of treating customers fairly.

My expectation, is chatbots will eventually become the preferred instrument for consent once the lawyers accept their traditional modus operandi of dense content is no longer fit for purpose as the online world continues to evolve.