Promises, Promises

Meant to mention this last week, but congrats to the Information Commissioner’s Office (ICO), on the new Data Protection Promise. Good to see the safeguarding of personal data getting a much-needed boost – particularly as 99 data breaches (no, not Luftballons!), were reported to the ICO in the final quarter of 2008 alone.

According to ICO research, 95 per cent of companies are apparently strong advocates of the Data Protection Act. Which is just as well, as an estimated 70 per cent of consumers are concerned about the amount of personal information companies hold about them, say Ofcom.

I have a couple of minor quibbles with the Promise, though: (i) it commits signatories to what I regard as being minimum ‘good practice’ standards; and (ii) as we’ve all seen more gaffs in recent months than the North Atlantic tuna fleet, shouldn’t we, as responsible data handlers, be trying to raise the bar and do more?

But I don’t want to throw the data baby out with the ICO bathwater. With an estimated 100 million items of misaddressed mail still providing too ample opportunity for fraudsters each year (address forwarding fraud constituted a disconcertingly high 36 per cent of total ID fraud cases in 2008), let’s hope advocacy translates into tangible data hygiene and security action in 2009.