It was once said that money runs the world. Not anymore. Data, more specifically personal data, is the real currency of the modern world. You’ll have spotted in the news that this week Mark Zuckerberg, the CEO and founder of Facebook has been called to give evidence to the US Senate about over how data is shared in the US. This followed from the Cambridge Analytica scandal which saw millions of Facebook users’ data harvested, and then manipulated, allegedly to influence the outcome in the US election.
This case differs from other data scandals before it. There was no implication of financial data or data like your national insurance or payroll number being compromised. It was data around our preferences, the things that make us tick or turns us off, that they were after. For many, a much more sinister breach than your average phishing scam. Whilst no one was trying to break into bank accounts or hack emails, this personal data was being used to infiltrate our minds and influence our decisions – positively Orwellian in its intentions.
A reported line of defence being advanced by Facebook’s is that, technically, this wasn’t a data breach. Indeed, everyone whose data was harvested gave their consent. But is this really any better? If this was the work of a sophisticated group of expert hackers, although Facebook’s firewalls would be open to scrutiny, Facebook itself could be seen as a victim. The fact that no systems were infiltrated, that no passwords or sensitive pieces of information were stolen or hacked, is a salutary reminder of the power in our data and the responsibility of brands to guard and defend our own data and the data our customers share with us.
Post Office, like almost every other brand in the UK, holds a wealth of data. We collect it from our customers. We request it from our employees. We expect it from our partners. And just as there is huge power in having this data, what also comes with this data is a heavy weight of responsibility. Facebook’s error reminds us of the importance of transparency when communicating with customers about how we use and safeguard their data.
Chris Russell, Data Protection Officer commented that:
“Post Office have invested significant resources through the GDRP Programme, both on the IT and Operational side, to ensure that when our customers and employees entrust us with their personal data that the integrity of their personal data isn’t compromised.
A significant effort has been placed on our transparency obligations ensuring that when we collect personal data from customers and employees that they are fully informed on what the data will be used for, who will have access to it and significantly any use that wouldn’t be expected by the individual.
This transparency is at the heart of everything Post Office stands for, Paula has said previously that; ‘we are a commercial organization with a social purpose’ . For me that translates to when Post Office are entrusted with our customers valuable assets we owe not just a legal obligation but a moral obligation to do the right thing with personal data.”
Data is such a powerful asset to any business. And with great power comes great responsibility. We must continue to strive for excellence in this arena, to ensure peace of mind for our customers and the integrity of our brand.