Data holders to be ‘inundated’ by post-GDPR privacy requests
Organisations are being warned to prepare for an influx of data privacy requests after 25th May.
Findings from a study by Veritas Technologies indicate that many organisations will be ‘inundated with requests’ for personal information from UK consumers, with 40% already planning to take advantage of their data privacy rights within six months after the General Data Protection Regulation (GDPR) comes into effect on May 25.
Under GDPR, European Union residents will have greater control over their personal data. EU residents already have the right to ask a company what personal data is held on them (e.g., gender, age, location, sexual preference, religious beliefs, passport/ driver’s licence information, etc.).
From May 25, they will also have enhanced rights to ask to have their data deleted (‘right to be forgotten’). Businesses will be required to sufficiently respond to these requests within one month of request receipt.
The 2018 Veritas GDPR Consumer Study, commissioned by Veritas Technologies and conducted by 3GEM, surveyed 3,000 adults, including 1,000 in the UK. It suggests that consumers are most likely to target the following industries with personal data requests:
- Financial services companies, including banks and insurance companies (56%)
- Social media companies (48%)
- Retailers (46%)
- Former, current or potential employers (24%)
The findings come as consumers reveal an increasing need to regain control over their personal data as trust in businesses to protect data fades, and as more and more consumers show a desire to put organisations to the test to understand whether they value consumer rights, the survey suggests.
“In light of recent events surrounding the use of personal data by social media, and other organisations, consumers are taking much more interest in how their data is used and stored by businesses across many sectors,” said Mike Palmer, Executive Vice President & Chief Product Officer at Veritas Technologies.
“With a flood of personal data requests coming their way in the months ahead, [data holders] must retain the trust of consumers by demonstrating that they have comprehensive data governance strategies in place to achieve regulatory compliance.”