EU firms ignore more than 40% of customer data requests

EU companies are ignoring more than four out of ten data requests from their customers, it is claimed

European businesses are ignoring laws that require them to let customers see their data.

More than 40 per cent of firms tested by researchers made the process of obtaining citizen data "complex, confusing and unsuccessful". A University of Sheffield team made 184 data requests to companies across 10 European countries, with 43 per cent resulting in non-disclosure.

In more than half of cases, no response was received concerning how the companies shared customer data with third parties.

"We part with our personal data on a daily basis, creating vast and invisible reservoirs of actionable personal information," said study leader Professor Clive Norris. "We do this actively and passively, and our experience of the world is reshaped in ways that we don't appreciate.

Advertisement - Article continues below
Advertisement - Article continues below

"We are selectively marketed to, our locations are tracked by CCTV and automated licence plate recognition systems and our online behaviour is monitored, analysed, stored and used.

"The challenge for all of us is that our information is often kept from us, despite the law and despite our best efforts to access it," he added.

The university study forms part of a project funded by the EU looking into citizen interactions with surveillance in health, transport, employment, finance, leisure security and criminal justice.

In 71 per cent of cases, the requests for information sent by the researchers were not addressed in a legally compliant manner, while in only 34 per cent cases an acknowledgement letter was received. Even when a company did reply to the requests, the team said the process was often time-consuming and complex.

Public sector bodies performed far better than their commercial counterparts, while loyalty card scheme operators disclosed their data 86 per cent of the time. Only 30 per cent of banks disclosed information about third-party access.

The team actually found it impossible to locate a specific officer or department for data requests in 20 per cent of cases. Requests for CCTV footage were particularly problematic; seven out of ten of data requests regarding it were blocked or held up.

Advertisement - Article continues below

"In our view, there is an urgent requirement for policymakers to address the failure of law at the European level and its implementation into national law," said Norris.

"They need to train their staff so they are aware of their responsibilities under law; and they need to implement clear and unambiguous procedures to facilitate citizens making access requests."

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now


data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Policy & legislation

Breaking up big tech 'will cause more problems', says EU

8 Nov 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019
Policy & legislation

EU shelves plans to impose digital tax

13 Mar 2019

Most Popular

cloud computing

Google Cloud snaps up multi-cloud analytics platform for $2.6bn

13 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Microsoft Azure

Microsoft Azure is a testament to Satya Nadella’s strategic nouse

14 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020