The Information Commissioner's Office (ICO) has called on consumers to use their legal rights to manage their personal information - because organisations aren't doing such a great job.
An ICO-sponsored survey of over 2,000 UK adults found the level of awareness around the importance of personal data had grown 95 per cent considered it quite' or very' valuable and more than 70 per cent claimed to routinely shred personal documents.
But it revealed 44 per cent of those questioned by the ICM Research poll had never considered contacting an organisation to find out what information it holds about them. More alarmingly, 40 per cent admitted they would hand over their details to a company without knowing whether it was trustworthy.
David Smith, ICO deputy commissioner, said people need to realise that the more personal data they provide to organisations, the greater the risk was that it would become out-of-date, be held for longer than the Data Protection Act (DPA) stipulates, or fall into the wrong hands.
"The more people that use their rights [under the DPA] to check what information is held about them, the stronger the signal to organisations that the mismanagement of peoples personal details will not be tolerated," Smith said.
Demonstrating the risks when too much personal information is kept by organisations, the ICO said that frequent data breaches should urge people to take the protection of their personal information even more seriously.
With that in mind, the ICO has launched a new online tool to help consumers do their bit to protect and manage their personal information.
Smith said: "Our Personal Information Healthcheck is suitable for everyone, whether they've never before thought about protecting their personal information or could just benefit from a few extra tips and ideas."
The 'healthcheck' is of a list of questions about the storage and management of personal information - like PIN numbers and passports - that is used to score the level of risk a person takes with their data and offer relevant security advice.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
23andMe 'failed to take basic steps' to safeguard customer dataNews The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
