We recently undertook a review of the GDPR enforcements by the ICO over the past 12 months, which revealed that lack of consent, failure to comply with control responsibilities and data security are the three most common infringements since July 2021. Sixty-one per cent of the 28 enforcements were found to be in breach of Article 4.11 which states: ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.  Article 4.7 and 5.1f were both breached by 14 per cent of the organisations who [...]