“Text Pests” and the Importance of Data Security in Customer-Facing Businesses
In a recent report by the UK's Information Commissioner's Office (ICO), it was revealed that 17% of the public have had their personal information misused for romantic or sexual propositions.
This alarming statistic is even more concerning among younger age groups, with 30% of 18-24s and 29% of 25-34s reporting such misuse. This underscores the urgent need for businesses to tighten their data security measures, especially those in customer-facing roles.
The ICO's Findings
According to the ICO's research, which surveyed 2,289 UK adults:
17% of the public have had their personal information misused for romantic or sexual propositions. This figure rises to 30% among 18-24-year-olds and 29% among 25-34-year-olds.
London residents are most affected, with 33% reporting such incidents.
56% of the public believe this misuse to be illegal, yet 9% think it's legal. This perception varies significantly among age groups and genders.
66% consider it morally wrong, with older people and women more likely to hold this view.
The ICO has called for victims to come forward and share their experiences, emphasizing the gravity of the issue.
The Legal Implications
Misusing customer data for personal contact is not just unethical; it's illegal. Businesses found to be lax in their data security measures could face severe penalties, including hefty fines and reputational damage.
To help you mitigate the risks associated with data misuse, here are some actionable steps:
Real-Time Monitoring: Implement real-time monitoring systems that track data access and usage within the organization.
Regular Audits: Conduct regular audits of your data storage and access protocols.
Employee Training: Educate employees about the importance of data security.
Access Control: Limit access to sensitive data to only those employees who need it.
Data Encryption: Encrypt sensitive data both at rest and during transmission.
Two-Factor Authentication: Implement two-factor authentication for accessing sensitive or confidential information.
Incident Response Plan: Have a well-defined incident response plan in place.
Vendor Vetting: Conduct regular audits to ensure compliance.
Effective pre-employment screening, such as background checks and reference checking, can also serve as an additional layer of protection against potential text pests. By thoroughly vetting potential employees, businesses can better ensure that their staff will handle customer data responsibly.
Emily Keaney, Deputy Commissioner, Regulatory Policy at the Information Commissioner’s Office, commented on the worrying rise of text pest by saying:
“People have the right to order a pizza, or give their email for a receipt, or have shopping delivered, without then being asked for sex or a date a little while later. They have a right to know that when they hand over their personal information, that it will not then be used in ways that they would not be comfortable with. But our research today shows a disturbingly high number of people, particularly young people, are falling prey to these text pests.
“There may be, amongst some, an outdated notion that to use someone’s personal details given to you in a business context to ask them out is romantic or charming. Put quite simply, it is not – it is against the law.
“If you are running a customer facing business, you have a responsibility to protect the data of your customers, including from your employees misusing it. We are writing to major businesses, including food and parcel delivery, to remind them that there are no excuses, and there can be no looking the other way.
“We’ve launched this call for evidence today because we want to hear directly from the public how this misuse of personal information has affected them. As the data regulator, we can then use this to inform our work protecting the public.”
To report unwanted contact, the ICO has provided a form that can be accessed here.