THE NUMBER of complaints from people seeking access to personal information held on them increased last year due to the economic downturn, with many people concerned about potential or actual dismissal from their jobs.
Data Protection Commissioner Billy Hawkes said yesterday the top item for complaints to his office in 2010 was about failure to respond adequately to requests for access to personal data.
Individuals have a right under the Data Protection Acts to be given this data. “In past years, the top spot was always occupied by unsolicited direct marketing,” Mr Hawkes said. “I think with the economic downturn we are currently suffering, we’ve seen increasing use of the right of access by people who are fearful that they are going to lose their jobs or, who sometimes may have lost them.
“They are using the right of access to see what exactly is going on in relation to them within a particular organisation, or to see was it justified that they should have been picked out for dismissal from the company.”
Mr Hawkes said that despite the best efforts of many companies, Irish people continued to complain their data protection rights were not being respected. His office opened some 783 formal complaints last year, of which 39 per cent related to people seeking access to their personal data.
In 2009, the number of complaints in this category was 29 per cent of an overall 914 complaints.
Mr Hawkes said he thought the downturn was also tempting some companies to opt for cheaper forms of marketing “but unfortunately, without asking for consumer consent”. He said his office had been active in prosecuting “repeat offenders” because it is a criminal offence to send such marketing by electronic means.
He was speaking at the third annual Irish Computer Society Data Protection Conference in Dublin. Mr Hawkes told delegates he hoped the statistics would show how failing to respect customer privacy carried a cost, and that treating personal data was “simply good customer service”.
There has also been a “very significant” increase in the number of reports of security breaches in the past year. The figures rose from 119 in 2009 to more than 400 last year. In 2009, theft of laptops or other IT equipment was the main source of breaches. But last year, the main source was more traditional types such as mistakes with direct mailing, with information sent to the wrong person. Mr Hawkes said many of these affected only a few customers.
“It’s now less usual, but unfortunately still too common, to have reports of large-scale data breaches due to loss of unencrypted data equipment.” Most recent examples of data breaches cited at the conference included theft of the GAA’s database of over half a million members, with details that included sensitive health information in some cases.
Also cited was the hacking of Fine Gael’s new election website, which resulted in the theft of data on more than 2,000 people who had submitted comments. An Irish Times story on an investigation into Fianna Fáil for allegedly sending unsolicited e-mails ahead of the election was also cited.
Mr Hawkes told The Irish Timeshis office had liaised with Fine Gael and it had addressed the original issue of how it was using information gathered on its site. It emerged that, in some cases, the e-mail addresses used by Fianna Fáil had been given to the party by individuals themselves.