What is a significant requirement for consent under GDPR?

Under GDPR (General Data Protection Regulation), a significant requirement for consent is the need for individuals to have the option to opt-out of direct marketing. This regulation emphasizes that consent must be freely given, informed, specific, and unambiguous. Therefore, individuals must have a clear choice regarding whether they wish to receive marketing communications. The ability to opt-out provides individuals with control over their personal data and ensures that they can withdraw their consent at any time, aligning with GDPR's principles of transparency and individual rights.

In contrast, implicit consent is not sufficient under GDPR, as the regulation requires a clear affirmative action for consent to be valid. Unlimited consent duration is problematic because consent must be regularly reviewed and is not intended to last indefinitely. Verbal consent, while potentially valid, is often difficult to prove and generally does not meet the strict requirements outlined by GDPR for specific and informed consent.