News
A quarter of UK consumers eye up potential GDPR compensation pay-outs
October 2017 by Macro 4
Simple curiosity, the lure of compensation pay-outs,
and the chance to get their own back on companies who might have treated them badly:
these are some of the reasons that will tempt consumers to use new rights coming in
under the General Data Protection Regulation (GDPR), allowing individuals to request
access to all the personal information any organization is holding about them, new
research suggests.
Under the GDPR, a major shake-up of data privacy laws which comes into effect next
May, data access requests such as these must be turned around free of charge and
within 30 days. Businesses will need to have adequate systems and processes in place
to quickly locate individuals’ personal information and be ready to handle the
extra administration involved.
The survey of 1,000 UK consumers suggests that around half (52 per cent) would make
a request if they suspected their personal information was being held without their
consent; 39 per cent would consider doing it just because they are curious to see
what data companies are holding about them; and 26 per cent would make a request if
there was a chance of compensation - which is possible if the rules were not being
followed or their privacy was being breached, for example. 17 per cent would make a
request in order to ‘get back’ at companies who had given them a negative
experience.
In fact, only seven per cent of UK consumers would not be interested in seeing the
personal information companies are holding about them, according to the survey
carried out by UNICOM® Global’s Macro 4 division in partnership with MaruUsurv,
the online survey company.
GDPR requests will pose a challenge for organizations both because personal data now
includes so many different types of information and because it is difficult to
predict just how many requests to prepare for, explained Lynda Kershaw, Marketing
Manager at Macro 4, which provides IT solutions to support GDPR compliance.
“Personal information can be anything that is identifiable to an individual:
everything from contact details, date of birth and credit card numbers, to
information within emails and social media conversations, letters, bills and policy
documents. Much of this is unstructured information held in separate systems
controlled by different business departments and cannot be pulled together at the
snap of your fingers.
“And things get even more complicated if you’re an online or ecommerce business
that tracks people’s online behavior - such as the web pages they visit and ads
they click - for marketing purposes. Under the new rules, cookies, IP addresses and
other online identifiers all count as personal data. You need to explain exactly how
you are using this kind of information, and be able to respond to customer queries
about it, too.”
62 per cent of the survey sample said they want stricter rules surrounding data
collected about people’s online behavior (sites they visit, ads they click and
purchases they make). The GDPR takes account of this by classifying online
identifiers such as computer IP addresses as personal information.
Surprisingly, with over six months to go before the GDPR takes effect, the research
suggests that 66 per cent of consumers already have some awareness of the
regulation. 43 per cent say they want to see bigger fines for companies who are not
following data protection rules.
While tough financial penalties are expected for failing to comply with the GDPR,
experts believe companies should also be concerned about compensation litigation,
which could mimic the activity that has grown around Payment Protection Insurance
(PPI) compensation pay-outs. This supposes that hundreds or thousands of individuals
could be brought together by law firms to mount ‘no-win, no-fee’ class actions
against organizations who have not adhered to the new data privacy regulation.
Other findings of the Macro 4 research include:
– 42% of consumers find it difficult to keep track of personal information
they have consented to organizations collecting
– 41% would be more likely to use a company that made it easier to
understand what personal information they are holding and how it will be used
– 31% want companies to provide discounts, special offers and other
incentives in exchange for their personal information
For more background on the survey results download Macro 4’s accompanying report
‘The GDPR: what consumers think’ at:
http://www.macro4.com/the-gdpr-what-consumers-think.
About the survey
Macro 4 partnered with online survey company MaruUsurv to run a survey of 1,000 UK
adults in September 2017.
