In May next year the new General Data Protection Regulations are set to strengthen the security of our personal data and help citizens take more control over their information.
And this can’t come soon enough: research by Broadband Genie has found that many people don’t feel in control, and don’t know where to turn if there’s a problem with the misuse of data. The data gathered by web sites and services can be extremely valuable to organisations, and extremely damaging for us if it falls into the wrong hands.
Some of changes introduced by the General Data Protection Regulation (GDPR) include:
- Organisations must clearly explain how collected data is to be used
- There must be a record of consent for data collection
- Data breaches must be reported within 72 hours of discovery
- Organisations must say how long information will be stored for
- When data is no longer required, and upon subject request, data must be erased
- Failure to comply with the regulations can result in fines up to €20m or 4% gross revenue (whichever is higher)
In a survey we queried 1,500 Broadband Genie visitors to find out how much they knew about data protection rules, and how they felt about the collection of data.
62% of respondents said they did not feel in control of the personal data gathered by organisations.
All too often it’s not clear exactly what data is being gathered, or how it will be used. And while we do have the right to ask companies and organisations what data is held about us, this is not a commonly exercised right.
Just 9% of those in our survey had ever asked for information about personal data stored by an organisation.
It’s also very easy to report possible data misuse to the Information Commissioner’s Office (ICO). But while 92% said they would do this, 60% of them also admitted that they didn’t know how.
Data regulation breaches can be reported to the ICO via their web site. You can also write to any organisation to request details of any data they hold about you.