Guide for local authorities on consent in data protection

Local authority staff need to know how to comply with data protection law, so they can protect individuals and the authority. Consent and how it forms part of an organisation’s data protection duties is often misunderstood, which can cause problems for the authority, and confusion and upset for individuals.

The Pan-London Information Governance Lead at LOTI supports multi-agency public sector data sharing activities across London and nationally, and often advises projects on the correct lawful basis for processing personal data. This guide brings together that advice on consent, for local authorities and those agencies who partner with them.

Who should use it

This guide is for employees of local authorities, but it will also be helpful to other public sector organisations.

This guidance is written for people who are not information governance (IG) or data protection (DP) specialists.

IG professionals may use this guide with their teams or in training.

Aims

The guide supports local authority employees to:

• understand the specific meaning of consent when it is used as a lawful basis condition for processing personal data.
• understand why we usually don’t need consent to process personal data.
• treat people fairly and clearly explain what is happening with their data.

You can find more detailed information on consent on the website of the Information Commissioner’s Office (ICO).

< Information governance considerations for system or process testing

Topic-specific resources >