Technology

Posted on July 11, 2016 by staff

Public need to be more aware about data

Technology

One of the people tasked with making sure data is handled properly said there needs be more awareness about the matter.

Carl Wiper is a senior policy officer at the Information Commissioner’s Office, which regulates the Data Protection Act.

Wiper was speaking at a Big Data and Internet of Things conference organised by law firm Weightmans in conjunction with BusinessCloud and sponsored by the University of Liverpool.

He told a packed audience at the Martin Luther King Building, in Liverpool: “We try and ensure that organisations that are handling personal data are doing it in the right way. If there are breaches we do have the power to take enforcement action.

“Organisations that are using personal data need to be as transparent as possible with those customers and they need to think of it from the customers’ point of view. If you told them everything you were doing would they think better or worse of you as an organisation? That’s an important key principle.

“I think people, all of us, are not sufficiently aware of how our data is being collected and use. All of us are reluctant to read lengthy terms and conditions. It would be wrong to assume people don’t really care about what happens to their personal data and are blasé. There’s plenty of evidence to show that isn’t the case.

“It can be challenging to give people this information in a way that they can understand, especially as none of us wants to spend a long time reading terms and conditions.

” Last year Pharmacy2U Ltd was fined £130,000 by the ICO for selling on details of 20,000 customers to marketing companies without their consent.

“This illustrates the need for companies to follow basic data protection principles if they are trading in customer details,” said Wiper.

“Companies should consider whether they actually need to use data that identifies individuals in the initial ‘discovery’ phase of a big data project. Using anonymised data instead takes the processing out of the scope of data protection.

“Some of the breaches  that we have to investigate are caused by simple human error. I think a lot of it comes down to training.”