Jane Devine: The data protection battle

HOW many times recently have you answered the phone to be greeted with someone saying “hello, I’m calling from - insert name of unrecognisable company – can you just confirm some personal details for me please?”
By The Newsroom
Published 13th Oct 2013, 19:59 BST
'Banks, insurance companies and others need to put in more effort to distinguish themselves from scammers'. Picture: PA'Banks, insurance companies and others need to put in more effort to distinguish themselves from scammers'. Picture: PA
'Banks, insurance companies and others need to put in more effort to distinguish themselves from scammers'. Picture: PA

My answer is usually no, on the basis that I have no idea who they are. They may well be genuine and perhaps I just don’t recognise the parent company name they are quoting; maybe they really are calling on behalf of an organisation I do do business with, but how do I know?

Another tactic of mine recently was to refuse to answer their questions until they told me something about me, or more specifically my business dealings with them that only they could know. If they could confirm the date of my last direct debit and the amount, for example, I would know it was them.

Hide Ad
Hide Ad

But they can’t do that, apparently, because of data protection. Isn’t that the protection of my data: data that, presumably, I gave them in the first place? What they are saying is that they can’t share things about me with me, even though they called me and I don’t know who they are, in case I’m not me.

It’s bafflingly stupid and more so because the outcome of the conversation tends to be that I ask them to write to me with whatever demands they have. And they do. Yet the only guarantee they have that they are not breaking “data protection” when communicating by mail is that they put my name on an envelope.

As computers do more and more for us, we have less contact with people in places which are easy to verify as genuine. Our contact with banks, for example, is rarely now through branches and more likely to be through text, email or a call centre.

And, to be honest, that is where it feels like we are all being held to ransom a bit. We can’t verify who is contacting us and they apparently can’t verify themselves to us because of data protection.

These companies are using data protection as an excuse, a little bit like people use health and safety. Both laws are often quoted out of context, misunderstood by those quoting them and used as a reason to not properly explain why things can’t be done.

It is at the very least frustrating, but for some people it is dangerous too. How many people are caught out by scam calls? And if those of us used to technology are caught out, what about more vulnerable people?

The genuine companies are behaving in the same way as those who are out to scam us: putting the emphasis on us to identify ourselves and, while many of the calls we receive may well be genuine, we have no way of knowing.

Banks, insurance companies and others need to put in more effort to distinguish themselves from scammers, or it will be back to snail mail for us all.