ISO/IEC 27560 Is Now Freely Available

ISO/IEC 27560, the global standard for consent records, is now freely available — a significant milestone for privacy and data protection.

This means that all organisations, including small businesses, can now implement structured, verifiable consent records without financial barriers. Adoption should be universal — privacy is a right, not a privilege.

Making a standard free

ISO does not take making standards free lightly, given its business model. But through persistence, the co-editors — myself, Andrew Hughes, and Kelvin Magtalas — together with critical help from Harshvardhan Pandit, managed to secure an exception to promote wider adoption of ISO/IEC 27560 and other privacy-focused ISO standards.

The day I received the message from Nat Sakimura (editor of ISO/IEC 29184) that 27560 would be made free, I happened to be with Andrew at EIC in Berlin. We snapped a picture together to mark the occasion. The timing could not have been better.

Why it matters now

ISO/IEC 27560 builds on ISO/IEC 29184 and enables compliance, transparency, and individual control over personal data. It comes at the perfect time, as the world prepares for the EU’s EUDI Wallet (eIDAS 2.0) and heightened regulatory focus on consent transparency.

The standard provides a structured format for consent records that supports:

• Compliance — Demonstrate lawful basis for data processing under GDPR and similar regulations
• Transparency — Give individuals clear, verifiable records of what they consented to
• Interoperability — Enable consistent consent records across systems and jurisdictions

Get the standard

The standard is available for free download from ISO. If your organisation processes personal data — and most do — ISO/IEC 27560 provides a practical, standards-based approach to managing consent records.

Let’s make consent clear, immutable, and actionable — everywhere.

Originally shared on LinkedIn.