Banks hit by double data threat

The financial services sector is staring down a double-barreled shotgun, after being warned by two regulators to improve its record on releasing customer data or else.
Speaking at an event held by the British Banker’s Association, the UK’s deputy information commissioner David Smith called on banks to take their obligation to give customers access to the data they hold on them seriously.
“Getting it right on data protection doesn’t just mean keeping data secure,” he said. “The law also gives individuals an important right to remain in control of their information. I want to remind banks of the need to take this obligation seriously, providing full responses in a timely manner.”
He warned that the recent ruling that many banks had mis-sold payment protection insurance (PPI) means that customers are likely to exercise that right. “We cannot have a repeat of the situation we were in two years ago when the unfair bank charges ruling took place. Our case workers were swamped with complaints from customers who hadn’t received a satisfactory response from the banks.”
A recent study by Which? Money found that by far most common kind of complaint about banks’ data protection practices concerns this obligation to disclose customer data on request. The ICO received 271 valid complaints of this kind last year – Barclays was top of the shame list, followed by Lloyds Banking Group.
Meanwhile, EU commissioner Neelie Kroes has reminded banks and financial services firms that they will one day be subject to a law forcing them to notify customers about any data breaches they suffer. The plan to introduce such a requirement is included in the European Union’s proposed amendments to the Data Protection Directive.

Related stories
Barclays tops data ‘roll of shame’