ICO Advice on Data Protection
The Information Commissioners Officer (ICO) has provided businesses collecting personal data with draft guidelines to help protect against breaches of the Data Protection Act.
Speaking at a personal information online conference in Manchester this month, Information Commissioner, Christopher Graham, has told businesses to offer consumers more control over the use of their personal data regarding online profiles, deleting accounts, and more personalised privacy settings.
"The internet plays a huge role in our everyday lives as we do more of our business online than ever before,” said Mr Graham. "Customers can always vote with their feet and punish organisations that they feel have let them down."
The draft code has warned businesses of certain practices if they are to minimise the risk to the individuals whose personal data they collect. These are:
- Do not be secretive or deceptive in the way you handle people’s personal data.
- Do not try to gain an advantage by using personal data in a way that people wouldn’t expect or might object to.
- Do not collect personal data you don’t need – this involves extra storage costs and additional risk – for example if there is a data loss.
- Do get the best security you can afford – a big data loss or a loss of sensitive personal data could undermine public confidence in your company and cause great commercial damage.
Do not assume that because you are based in the UK you can ignore other countries’ laws. If you use equipment in another country or collect personal data about people outside the UK, you may need to comply with other countries’ laws.
"The draft Code of Practice explains a difficult area of the law and provides practical advice on a range of online privacy issues," said ICO Head of Data Protection Projects, Iain Bourne. "It urges organisations to do more to explain what they do with the information they collect about people and to make sure they use it in line with individuals’ wishes."
A consultation regarding the guidelines began on 9th December 2009 and ends on 5th March 2010.