UK Consumers to Target Businesses with Onslaught of Data Privacy Requests Following Deadline for GDPR Compliance
- 40 per cent of UK consumers intend to exercise their data privacy rights in the next six months, finds research from Veritas
- Financial services, retail and social media companies to be hit the hardest with personal data requests
READING, UK – May 2, 2018 – New findings from a study by Veritas Technologies, a leader in multi-cloud data management, indicate that many organisations will be inundated with requests for personal information from UK consumers, with two in five (40 per cent) already planning to take advantage of their data privacy rights within six months of the new General Data Protection Regulation (GDPR) coming into force on May 25, 2018.
Under the new GDPR, European Union (EU) residents will have greater control over their personal data. Currently, EU residents already have the right to ask a company what personal data is held on them (e.g., gender, age, location, sexual preference, religious beliefs, passport/ driver’s licence information, etc.) and beginning May 25, 2018, they will also have enhanced rights to ask to have their data deleted (‘right to be forgotten’). Businesses will be required to sufficiently respond to these requests within one month of receiving the request.
A new study, commissioned by Veritas and conducted by 3GEM, surveyed 3,000 adults, including 1,000 in the UK. It reveals that consumers are most likely to target the following industries with personal data requests:
- Financial services companies, including banks and insurance companies (56 per cent)
- Social media companies (48 per cent)
- Retailers (46 per cent)
- Former, current or potential employers (24 per cent)
- Healthcare providers (21 per cent)
The findings come as consumers reveal an increasing need to regain control over their personal data as trust in businesses to protect data fades, and as more and more consumers express a desire to put organisations to the test to understand whether they value consumer rights.
“In light of recent events surrounding the use of personal data by social media, and other, companies, consumers are taking much more of an interest in how their data is used and stored by businesses across many industry sectors,” said Mike Palmer, executive vice president and chief product officer, Veritas. “With a flood of personal data requests coming their way in the months ahead, businesses must retain the trust of consumers by demonstrating they have comprehensive data governance strategies in place to achieve regulatory compliance.”
The driving force behind a rise in data privacy requests
The forthcoming GDPR will impact any organisation that gathers, processes or stores the personal data of individuals in the EU. The research shows UK consumers welcome their enhanced privileges. Of those that intend to exercise their rights, two-thirds (65 per cent) plan to request access to the personal data a company holds on them, while the majority (71 per cent) intend to exercise their right to be forgotten under the new regulations.
The key drivers for exercising their data privacy rights are:
- Increased control over personal data: over half (56 per cent) of respondents don’t feel comfortable having personal data sit on systems that they have no control over.
- A clearer understanding of what data companies hold on them: over half (56 per cent) want to understand exactly what personal information companies hold on them.
- Data breaches increase the likelihood of receiving requests for personal data: nearly half (47 per cent) of respondents will exercise their rights to request personal data and/or have that data deleted, if a company that holds their personal information suffers a data breach.
- Businesses are not trusted to protect personal data: over a third (37 per cent) intend to exercise their data privacy rights because they do not trust companies to effectively protect their personal data.
- Consumers want to put companies to the test: over a quarter (27 per cent) want to test businesses to understand how much their consumer rights are valued before deciding whether to continue doing business with them.
- Consumers want to get revenge: eight per cent will exercise their data privacy rights simply to irritate a company that they feel has mistreated them.
Under the new GDPR, this influx of personal data requests will need to be answered by organisations within a one month time limit. But meeting this timeframe may be difficult as many organisations have limited visibility into what data they have and where it is located.
Most consumers do not expect organisations to be capable of fulfilling their requests under the new regulation. The majority (79 per cent) believe that organisations won’t be able to find and/or delete all of the personal data that is held on them, and a fifth (20 per cent) believe that businesses will only be able to deliver up to 50 per cent of the personal data they hold.
“It’s imperative that businesses embrace technology that can help them respond to these requests quickly, with a high degree of accuracy. This means having the ability to see, protect and access all of the personal data they hold regardless of where it sits within their organisation. Businesses that fail to recognise the importance of responding effectively and efficiently to personal data requests will be putting their brand loyalty and reputation at stake,” added Palmer.
In addition to this research, Veritas today announces the latest update to Veritas Enterprise Vault, part of its Digital Compliance suite of products. Veritas Enterprise Vault 12.3 leverages intelligent classification for hybrid archiving, a new approach for automating cloud and on-premises storage decisions that delivers optimal flexibility and operational efficiency. The new privileged delete feature streamlines data expiration upon request to help comply with GDPR “right to be forgotten” requests or to simply clean up legacy content manually.
For further information on how Veritas Technologies can help your organisation become GDPR compliant visit https://www.veritas.com/gdpr.
About Veritas Technologies
Veritas Technologies empowers businesses of all sizes to discover the truth in information—their most important digital asset. Using the Veritas platform, customers can accelerate their digital transformation and solve pressing IT and business challenges including multi-cloud data management, data protection, storage optimization, compliance readiness and workload portability—with no cloud vendor lock-in. Eighty-six percent of Fortune 500 companies rely on Veritas today to reveal data insights that drive competitive advantage. Learn more at www.veritas.com or follow us on Twitter at @veritastechllc.
Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change at the sole discretion of Veritas. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Veritas, may or may not be implemented, should not be considered firm commitments by Veritas, should not be relied upon in making purchasing decisions, and may not be incorporated into any contract.
Veritas, the Veritas Logo, NetBackup, and CloudPoint are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owner.
3GEM Research and Insights, 2018, "2018 Veritas GDPR Consumer Study", interviews conducted and statistics compiled for Veritas Technologies LLC by 3GEM Research and Insights, Office 10, 5-10 Corbridge crescent, London E2 9DS, www.3gem.com.
Dayna Fried +1 925 493 9020
Meera Lakhani-Patel +44 7824 122395
Belinda Lim +65 64275564