The GDPR and the problem of “simple” wording-based consent

An always present “advice” about GDPR’s consent gathering is “keep it simple and clear”.

This call for clarity, mainly advocated by the Data Protection Authorities themselves, is based on the assumption that legalese is actually a way to deceive the data subject into releasing a non well understood consent.

Clarity is a good thing but, in the law realm, must be practiced within the limit of the technical vocabulary.

One of the biggest mistake non-legal people always do when entering into this domain, is to think that they understand the law just because it is written with words they understand.

Nothing is more far from the true.

Take this example from an article titled “Decoding Doctor-Speak” :

Mr. Smith, let’s review the results of your blood tests. Your CBC, BMP, and LFTs were basically negative. You have prediabetes and a slightly elevated LDL, and since your BMI is 28, you should watch your diet and exercise more to prevent metabolic syndrome. Oh, and it’s OK to keep taking an occasional NSAID with food for your idiopathic knee pain;

That’s pretty close to Klingonese, isn’t it?

This is why this US News published article tries to explain in “plain-English” what the quoted fictional doctor said to Mr. Smith, by telling him what CBC, BMP, LFT and so on actually means.

But truth is, that to understand the “plain-English explanation” Mr. Smith is supposed to know, in advance:

  • what “blood cells”, “viral and bacterial infection” and “hemoglobin level” are,
  • why “levels of sodium, potassium, calcium and glucose” actually matter,
  • when “prediabetes” turns into “diabetes”

In other words, either Mr. Smith has a prior (minimum) education in the field of medicine, or he wouldn’t be able to understand even the “simplified” medical wording.

If you prefer a less dramatic example, you can try to explain to a person who’s not interested in tennis how does the game work without using words like “court”, “net”, “love”, “ace”, “second serve”, “volley” and so on.

I can imagine the dialog: “look, this court… ehmm, sorry, flat soil delimited by a series of rectangles is where players, holding a racket, no, wait, a shovel-like stick, must hit a ball and have it falls on the other side of the court… no, no, no, forget about “court”, it is still the flat soil delimited by a series of rectangles…

Coming to the GDPR’s Whereas 32, whose recital about consent requires that the information given to the data subject contain:

… unambiguous (emphasis added) indication of the data subject’s agreement to the processing of personal data relating to him or her,

it must be first remarked that a law shouldn’t use “negatives” because it is impossible to prove it (negativa non sunt probanda): I can provide evidence that I have been in Japan, but I can’t prove I never went there.

Second explaining the legal concepts in “plain-English” or whatever other languages, makes things actually more obscure because a single word (think of the difference between “possession” and “property”) carries a huge weight of legal knowledge.

To put it short: to explain technical things to a non technical people, you’d rather educate people instead of simplifying the language.

Unfortunately, while nobody actually think of being a doctor just because he knows what a Lymphocyte (more or less) looks like, and no one plans to participate to the next Grand Slam ? having watched for a few minutes a tennis match on a TV screen, a lot of people actually act as a legal-expert grounding their stance on the fact that law, at the end of the day, is just a sleight-of-word.

Leave a Reply

Your email address will not be published. Required fields are marked *