Companies have been warned to brace themselves for a tsunami of so-called “subject access requests” from consumers as soon as the new EU Data Protection Regulation comes into force, raising fresh fears that many will struggle to cope.
According to a poll of UK adults, commissioned by SAS, nearly half (48%) plan to activate new rights over their personal data.
Some 15% even expressed their intention to activate their new rights in the same month that the GDPR comes into force on 25 May 2018.
The 45- to 54-year-old age group is most likely to issue a request, with just over one in five (21%) thinking they will activate their new rights in the first month. However, the propensity to submit a request drops to 13% in the 18- to 24-year-old age category.
The poll revealed that 64% welcomed the right to get a copy of personal data held about them, and 62% welcomed the right to erase personal data from certain systems.
Meanwhile, 59% welcomed the right to change their details, if personal data is inaccurate or incomplete and 56% welcomed the right to object to their data being used for marketing and profiling.
A recent study by Consumer Intelligence and FastMap claimed that insurance brands may have to delete up to two thirds of their past customer records.
It has been well documented that compliance with the new data rights is still proving challenging for organisations. Gartner recently warned that by the end of 2018 at least 50% of companies will not be in full compliance with the regulations.
Among the sectors likely to be hit hardest are social media firms, with 39% of those polled saying they would be at the top of their requests, retailers (33%), insurance companies (33%), supermarkets (29%) and energy suppliers (27%).
SAS UK & Ireland vice-president and country manager Charles Senabulya said: “Finding customer zero is a huge challenge for some organisations. Personal data is often stored in thousands of databases and organisations will need to find, evaluate and categorise every piece of data relating to each customer to ensure compliance.
“Overcoming this challenge presents an opportunity for organisations as they form a new type of relationship with their customers that is bound by integrity, understanding and respect for their individual choices. We are entering a new data era that requires a firm grip of customer data. One that rewards consumers as well as protects their right to privacy.”
When it comes to what data consumers are willing to share, only a minority would voluntarily share what their friends and relatives like or dislike (5%), details on their social media activity (6%), information on their feelings or emotions (7%) or insight into their credit rating (8%).
It is not all bad news, however, as the younger consumers are, the more willing they seen to share their personal information. The poll revealed that the percentage of people willing to share information in each age category generally decreased with age. This suggests a shift in attitudes towards personal data among a new generation of consumers, SAS claims.
Insurance firms face deleting ‘two-thirds of their data’
GDPR compensation to dwarf £30bn bill for PPI claims
Half of all firms still not compliant with 1998 data laws
Data compensation claims ‘could run into millions’
Major ICO recruitment drive to prevent GDPR meltdown
GDPR fears mount over delay to ICO consent guidance
ICO insists GDPR guidance will cover legitimate interest
John Lewis and HSBC slam ‘ambiguous’ GDPR guidance
Lack of GDPR guidance fuels fears over bombardment