Web of Secrecy: most organisations failing to inform users about what will happen to their personal data
10 November 2017 #Data Protection
The ICO has led a global investigation of website privacy communications on behalf of the Global Privacy Enforcement Network (GPEN) and found many organisations’ data protection practices are lacking.
Globally, GPEN came to the conclusion that in relation to privacy communications, organisations tended to be vague, and lacked specific details. A majority of organisations reviewed also demonstrated failures in:
- specifying how and where information would be stored;
- adequately explaining whether data would be shared with third parties and what information would be shared;
- providing users with a clear means of removing their personal data from a website;
- making it clear how a user could access data held about them; and,
- providing information on the safeguarding of data.
Clearly, many companies worldwide still have a long way to go to meet upcoming GDPR requirements. These requirements are not only applicable to organisations based within the EU, but also those that do business within the EU. The UK government has confirmed that despite Brexit, the GDPR will apply to the UK.
Be the first to comment on this blog.