The amount of data available on individuals is now staggering. An ever-increasing number of companies are investing in new data technology, having finally begun to realise just how crucial the proper application of data can be for the development of their brand. Consumers’ personal profiles, their likes and dislikes and their online activity can all be logged. Credit card details and other confidential information are also stored. Extensive data for millions of customers is currently held within databases and, at present, it’s fair to say that the governance of this delicate information leaves a lot to be desired.
The main issue that consumers are unaware of is the overwhelming lack of security that burdens the industry. However, the sheer scale of the task casts a rather imposing shadow across many companies’ ability to effectively manage the colossal volume of information they hold. The average consumer does not comprehend the enormous array of technical issues which must be considered. Regular updating of IT infrastructure and procedure is required to ensure secure data storage, integrity and accessibility of information when necessary. The complexity of these operations, working simultaneously together, can lead to critical oversights.
Of course, they say that ignorance is bliss. But bliss only exists until disaster inevitably strikes and the issue is rather indelicately forced into the forefront. Problems usually come to the attention of the public in the form of security breaches, resulting from indistinct controls and flimsy processes. Infamous examples of these include government data sticks being left on trains through careless human error. Recently, Zurich UK was fined ₤2.28 million, having lost the personal data of 46,000 individuals. An entire year had passed before the loss was discovered. This comes amid news of yet another NHS breach, where a CD containing over 100 patient records was lost.
This sort of reliance on inefficient methods of data storage is an invitation for calamity, especially when considering that identity theft is the fastest growing crime in the UK. In fact, recent figures from CIFAS revealed that identity theft in the UK rose by 15 per cent in 2008 and by as much as 35 per cent in 2009.
The rise of social media has also raised a plethora of new issues. Consumers don’t know what information they need to be careful with and only find out when they are victims of criminal activity, such as credit fraud. Social media encourages the exchange of information on a deceptively casual level. People with Facebook and Twitter accounts must be very cautious when it comes to filling out profile details and publicising their information. The online environment is becoming an incredibly lucrative haven for criminals to target and take advantage of unsuspecting and unprotected consumers.
The trouble for the consumer rests in the assumption that social media brands and other organisations they have a relationship with have good data governance. People blindly place trust in brands’ abilities to formulate protected systems for data storage. This trust needs to be delivered upon by organisations of all sizes. They need to remember that the data they hold must be sound, that it’s secure and used within the parameters of the law.
When it comes to governance, too many companies have learned the hard way now that the buck stops with the data owner, and no one else.
By Ol Janus, managing director, EHS 4D Discovery