‘Pay or Consent’ part 2: The EDPB’s opinion and what it means for you  

Last Updated 14/05/2024

Following our previous post on understanding ‘Pay or Consent’ ad models part 1, the European Data Protection Board’s (EDPB) has released its opinion on the “pay or consent” ad model. We’re here to unpack these new insights and explain how they can help you enhance compliance, mitigate risks, and boost your business. 

Background on the EDPB’s position  

In recent guidelines, the EDPB outlined clear expectations for large platforms like Facebook on implementing ‘pay or consent’ models in line with GDPR. Key takeaways include: 

  • Clear and informed consent:  Users must have clear choices between ad-free and paid models, and fully understand the privacy implications of each choice. 
  • No penalties for opting out: Users should not be penalized if they prefer not to consent. For example, if they choose the payment option, it should not be prohibitively expensive. 
  • Additional alternatives:  While not mandatory, offering a comparable, ad-free version of services at no extra cost is recommended to support the notion of freely given consent. 

What this means for you  

Even if you don’t operate on the scale of the big tech giants, you can still benefit from adhering closely to these guidelines to build trust and avoid regulatory issues: 

  • Clarify your consent practices:  Simplify the language of your privacy policies and consent forms. Avoid legal jargon and make sure users understand what they’re agreeing to. 
  • Review your pay models:  Ensure that any opt-out fees are reasonable and justify the cost of the services you provide. Overpriced alternatives may invalidate ‘freely given’ consent. 
  • Document your process: Keep detailed records of your consent processes and fee structures. This helps prove your compliance and guides your ongoing improvements. 

Implementing these changes may seem challenging, but they are essential to ensure your operations run smoothly and your reputation remains intact. Keep in mind that these guidelines are primarily aimed at large platforms. If your business isn’t on this scale, the road to compliance is likely to be less complex, giving you more flexibility in how you adapt these principles. 

Need help with compliance?  

Navigating these regulations can be complex, but you don’t have to do it alone. LEXR can set you on the right path with our personalised privacy policies, as well as in-depth compliance assessments

We’re here to make sure your practices are not just compliant, but also leading the way in ethical data use.  Contact us today, and let’s transform these guidelines into growth opportunities for your business. 

By Francisco Arga e Lima

Junior Legal Counsel


Let’s Go!

Book a free, non-binding discovery call to discuss how we can help you achieve your business goals.

Or feel free to reach us directly via email at [email protected].

Book a free call