We all remember privacy policy gate, right? In the build-up to GDPR coming into power in May 2018, companies lost the plot and destroyed our inboxes with privacy policies. Thankfully, according to a report by the Data Protection Commission of Ireland, public knowledge around data protection has gone far beyond an email inconvenience.
Here are some of the key findings from the DPC’s first annual report which looks at 25 May to 31 December 2018.
The Public’s Concern With Data Protection
The report’s findings show there’s been a significant increase in how the public view their data protection rights. During the period of the report, 4740 valid breaches of data security were recorded versus 2795 in 2017. It’s no coincidence this increase accompanies the introduction of GDPR as the people now realise that companies and organisations have a responsibility to protect the personal data of people who trust them.
My own example is another way GDPR can be used to take back control of your own personal data. In short, I looked at the Catholic church as an organisation who has my personal data without my consent. So I raised it with the DPC. I’m still waiting for this to be resolved, but it’s moving in the right direction, an indicator that people really could take back the power when it comes to their own personal data.
Helen Dixon: Data Protection Commissioner
The Irish DPC is fast becoming the hub of data protection in Europe. The Data Protection Commissioner, Helen Dixon, believes “the rise in the number of complaints and queries demonstrates a new level of mobilisation to action on the part of individuals to tackle what they see as misuse or failure to adequately explain what is being done with their data.”
GDPR has made a massive impact with Dixon stating “Although we are still in the stage of having to bust some myths and misunderstandings that have built up around the GDPR, we feel very optimistic about the improvements we will see in Ireland in personal-data-handling practices over the next few years.”
Data Protection Case Studies
Perhaps the highlight of the report is a collection of case studies which really helped me to understand just how far-reaching GDPR is. In here, you’ll be able to read about how Currys took a customer’s email address for the sending of a receipt, but then this email was used for marketing. There’s also a mention of how Ryanair sent customer details to another customer with the mistake being found out when the two customers ended up talking about the incident.
We’ve reached a stage now where, thanks to GDPR, people have somewhere to go when they fell their data rights have been infringed upon.
I know you didn’t wake up this morning thinking you’d read a data protection report, but those case studies really are interesting. Give it a go, you might like it.