As head of the commercial team Luisa has a wealth of commercial law experience and advises clients…View Profile View all
As more and more business is done online, the amount of personal data which organisations hold about customers continues to grow. That data can be a powerful tool as organisations use it in an increasingly sophisticated way with the advent of ever-new technologies to target and promote their products and services. Yet organisations need to make sure that in the age of big data, they collect and use information in a way which gives appropriate assurances to people about how that data is handled.
One of the ways in which businesses can give such assurance, is by making sure that people know what they are agreeing to when they hand over their information. In other words, when people consent to providing their data, are they giving informed consent?
This issue was recently considered in an Ofcom commissioned report “Personal Data and Privacy”. The report gathered insight from various stakeholders and looked at ways in which obtaining informed consent could be improved.
Whilst it stops short of making policy recommendations, the report does offer some interesting food for thought about how organisations obtaining personal data might improve their approach to the issue:
The concept of “nudging”
This works by organisations providing warning boxes which “nudge” users to particularly important terms which in turn, can help those customers obtain a clear picture about what they are actually agreeing to and encourage them to demonstrate some positive action such as ticking a box or positively submitting details. It also suggests that this nudging process should be adopted as a continual approach, rather than gaining consent being seen as a one-time act.
Provide better visual indicators by using icons to denote certain information types
The idea is that rather than the customer having to scroll through lengthy terms, icons can be used to indicate certain categories of information, allowing customers to access the information which is of interest to them in a “bite-sized” way.
Give more control to consumers about how they might rate their own data
For example, by allowing them greater choice about which of their data might be used for particular activities. This would be quite different to the all too common approach of all data being used for all marketing, where customers are given little if any, opportunity to state their preferences. There must also surely be a commercial advantage to this, not least as it means people receive the information they have said they are likely to be interested in.
So all this begs the question about what organisations need to do to get their approach right.
No matter which of the many suggestions in the Ofcom report an organisation might choose to adopt, a good starting point is to review the information being given to users and make sure that a clear and accurate explanation is provided about what their information will be used for.
Once that is addressed, the next aim should be to make sure that customers give as clear an indication as possible about what they want their information to be used for. Reviewing how much positive action a user is asked to take and encouraging them to consider their preferences will go a long way to a compliant approach.
If you would like to discuss these issue in more detail, contact Luisa D’Alessandro on 0113 2206284 or by email at LuisaDAlessandro@schofieldsweeney.co.uk.