Information Commissioner’s Office is set to expand its powers in the UK, meaning companies have to be more careful than ever when handling consumer data. Roger Llewellyn, CEO of data analysis expert, Kognitio, looks at how firms can avoid treading on the toes of the ICO as it plans to reveal the results of its consultation at the beginning of the new year.
Most businesses today have easy access to consumer information, which can prove invaluable for spotting and analysing consumer purchasing patterns, trends and general promotion opportunities at seasonal periods throughout the year.
With the introduction of loyalty cards and e-commerce sites, organisations now have an even bigger database of information, thus they need to know when and how to properly use this information, without drawing the attention of the Information Commissioner’s Office and other regulators.
MPs have been debating the impact of the Internet on personal privacy, and organisations such as the ICO are champing at the bit for greater leeway to punish organisations that they believe abuse consumer data.
As a result, if organisations continue to spend, spend spend on online marketing and e-commerce, they will need to ensure they correctly use the data that they collect from customers.
Already the ICO has penalised organisations that lose or abuse data with penalties ranging from anywhere between an information notice – whereby the ICO will contact the company asking for information within a certain period of time in relation to a complaint or suspicious activity – to a monetary penalty of an amount determined by the ICO, up to a maximum of £500,000.
Influence from the European Union also means that its powers are likely to be increased very soon.
With the ICO’s consultation on data sharing well underway and the results set to be announced on 5th January 2011, businesses need to begin preparing for any new, more stringent regulations they might have thrown at them in the new code of practice that will result.
Just earlier this year, the ICO was forced to serve enforcement notices on SAS Fire & Security Systems Ltd and Direct Response Security Systems Limited – a penalty under the ICO’s existing guidelines – in response to complaints about the companies cold-calling consumers, abusing confidential contact details.
The existing guidelines as they stand are relatively lenient: in future, such organisations could face far worse penalties. Since the current consultation is a prolonged process, businesses will have no excuse if they get on the wrong side of the ICO.
Organisations can help protect themselves and their customers without treading on the toes of the ICO by understanding exactly where the value of personal data is found.
A single, detailed piece of personal information is of no use to anybody, except criminals. But 10,000 or more items of anonymous data, such as customers’ purchasing histories or their online activity on retail or other websites, can provide near-infinite information on trends, viewpoints and opportunities in the general population.
Therefore, organisations should be collecting the bare minimum of personal details and keeping it sealed away (or deleted) from any prying eyes. Their interest and their success will come from that data which is of the least threat to the consumer.
Personal details such as names, addresses, post codes, phone numbers, and email addresses should be deleted or not collected in the first place.
Organisations also need to ensure that their databases are secure from physical or electronic attacks, while those using a service likewise need to ensure that the company they are trusting with their and their customers’ data is 100% watertight.
It is in the interest of marketers and other organisations to keep up-to-date with the ICO’s actions, to ensure that they are following the existing guidelines and are prepared for any onslaught of new regulations the ICO might throw at them in the new year. By complying with the basics of data protection regulations ahead of the consultation results, businesses can remain a step ahead of the ICO, maintain a good relationship with their customer base and still garner the intelligence that is vital to understand buying patterns and increase profits.
Roger Llewellyn
CEO
Kognitio
www.kognitio.com