ISO/IEC 27560 defines how organisations should create, store, and manage consent records. As lead editor of this standard — now freely available — I explain what it covers, why it matters for GDPR compliance and EUDI wallet ecosystems, and how to get started with implementation.
ISO/IEC 27560, the global standard for consent records, is now freely available — a significant milestone for privacy and data protection. This means that all organisations, including small businesses, can now implement structured, verifiable consent records without financial barriers. Adoption should be universal — privacy is a right, not a privilege. Making a standard free ISO does not take making standards free lightly, given its business model. But through persistence, the co-editors — myself, Andrew Hughes, and Kelvin Magtalas — together with critical help from Harshvardhan Pandit, managed to secure an exception to promote wider adoption of ISO/IEC 27560 and other privacy-focused ISO standards. ...