Consumers doubt whether the widely publicised ‘right to be forgotten’ in the upcoming EU Data Protection Regulation will work in practice, new research suggests.
Iron Mountain’s European study found that 92% of consumers in the UK deal with so many organisations, both online and offline, that they no longer know who holds what information about them.
At the heart of the EU’s proposed data and privacy protection reforms is a belief that the protection of personal information is a fundamental right for all Europeans.
Any organisation that fails to do its utmost to respect this right could face a fine of up to 2% of its global turnover.
Under the proposed changes to European law, consumers will be able to ask companies that hold information about them to remove it.
However, 74% consumers in the UK are not convinced that the benefits of having their information deleted would be worth the bother of asking for it to be removed, and 86% don’t believe a company would honour the request anyway, even if the company assured them that their information had been deleted.
Furthermore, there is considerable confusion when it comes to the kind of information a person can ask to have removed.
Most of those surveyed in the UK believe they would be entitled to ask for personal information (91%), financial details (64%) and email correspondence (54%) to be deleted.
However, less than half think their rights would extend to recorded telephone conversations (42%) or social media posts (32%).
Close to half (45%) believe that information held on paper – such as letters or completed forms – would be covered by data protection laws, despite the fact that two thirds (64%) of respondents feel information on paper is easier to destroy than information held about them online.
“Almost everything we do creates an information trail that can be collected, processed and possibly shared,” said Christian Toon, Head of Information Risk for Europe at Iron Mountain.
“Organisations that collect this information need to manage it carefully and protect it securely. The proposed EU data protection reforms are a good first step to better protecting consumers.”
However, our research suggests that consumer attitudes have shifted since the EU reforms were first drawn up on the back of a wave of consumer data fears in 2011. While consumers today remain happy to conduct much of their business and social lives online, they no longer trust organisations to comply with a request to delete personal data.”