Personal Data Black Holes
What do your web-enabled personal data processing systems look like? Are they black holes you keep clear of?
Are you aware how personal data enter your information systems and business processes, how they are used, where they are stored, where they are transferred and how they are disposed of? Probably not, or at least not fully. And full information about purpose and consent? Almost certainly not.
Consider this scenario... a charity collects donations from supporters and uses a third party for its payment screens to minimise the scope of its Payment Card Industry Data Security Standard (PCI DSS) cardholder data environment. However, the charity needs to keep the names and addresses of those donors who have indicated they are UK taxpayers and have opted in for their donation to be topped up under the government's Gift Aid scheme.
The charity doesn't want to put donors off by asking for their address more than once, so it chooses to use the cardholder's billing address as the donor's record for Gift Aid, even though the cardholder might not be the actual donor.
But what happens to this cardholder name and address? Imagine a phone call from a supporter who is surprised that their cardholder address, which is different to their usual postal address, has received marketing materials from the charity. Fact or fiction? It was real.
The charity was contravening these data protection mandates:
- confidentiality (the charity's own policy)
- fair processing (first principle, Data Protection Act 1998)
- specified purposes (second principle, Data Protection Act 1998)
- accuracy (fourth principle, Data Protection Act 1998)
- consent (data fundamentals, Direct Mail Code of Practice, Institute of Fundraising).
Luckily neither the payment card primary account number (PAN) nor sensitive authentication data (e.g. the security code) was being recorded, which could have meant PCI DSS compliance issues as well. But the possible accuracy and confidentiality problems from using the cardholder's billing details, and the lack of consent for using cardholder addresses for marketing, were a real concern. Until this incident, the business owner had not realised how personal data were flowing through the system and being used.
How might this type of problem be avoided? As with building security in, considering privacy and the value of personal data early in system development, including risk assessments such as privacy impact assessments, gives a better understanding of the data flows, the processes that touch them and the risks. A further benefit is that proactive privacy protection contributes to good security: an inventory that records, for each field, where it came from, whom it describes and what purposes were consented to lets every downstream use be checked against that record rather than discovered by a complaint.
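The following is an added example, not code from the original post or from the charity described in it. It models the kind of data-flow inventory a privacy impact assessment produces and checks each downstream use against it, flagging a use whose purpose was never consented to and a use that treats one person's data (the cardholder's) as another's (the donor's). The field names, process names and consent sets are constructed to mirror the scenario above and are assumptions, not records of any real system.

```python
"""Purpose-limitation and subject-accuracy check over a personal-data flow inventory.

Added example, not the original post's code. The inventory and uses below are
constructed to mirror the charity scenario; field and process names are assumed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class DataItem:
    """One personal-data field as it entered the system."""
    name: str             # field identifier, e.g. "billing_address"
    subject: str          # whom it describes as collected: "cardholder" or "donor"
    source: str           # entry point, e.g. "payment_provider"
    purposes: frozenset   # purposes the subject consented to at collection


@dataclass(frozen=True)
class Use:
    """One downstream process that reads a field."""
    process: str          # e.g. "gift_aid_claim"
    field_name: str
    purpose: str          # what the process uses the field for
    assumed_subject: str  # whom the process treats the field as describing


def check_uses(inventory, uses):
    """Return (process, finding) pairs for every use that breaks purpose
    limitation or quietly reassigns the data to a different person."""
    items = {item.name: item for item in inventory}
    findings = []
    for use in uses:
        item = items.get(use.field_name)
        if item is None:
            # A use of data the inventory never recorded is itself a black hole.
            findings.append((use.process, f"'{use.field_name}' is not in the inventory"))
            continue
        if use.purpose not in item.purposes:
            findings.append((use.process, f"no consent for purpose '{use.purpose}'"))
        if use.assumed_subject != item.subject:
            findings.append((use.process,
                             f"accuracy: {item.subject} data treated as {use.assumed_subject}"))
    return findings


# Constructed scenario 1: the flow as the charity actually ran it.
# The billing address arrived from the payment provider, consented for payment only.
AS_RUN_INVENTORY = [
    DataItem("billing_address", "cardholder", "payment_provider", frozenset({"payment"})),
    DataItem("donor_name", "donor", "donation_form", frozenset({"payment", "gift_aid"})),
]
AS_RUN_USES = [
    Use("gift_aid_claim", "donor_name", "gift_aid", "donor"),
    Use("gift_aid_claim", "billing_address", "gift_aid", "donor"),
    Use("marketing_mailing", "billing_address", "marketing", "donor"),
]

# Constructed scenario 2: a separate donor address collected with explicit consents.
FIXED_INVENTORY = [
    DataItem("billing_address", "cardholder", "payment_provider", frozenset({"payment"})),
    DataItem("donor_name", "donor", "donation_form", frozenset({"payment", "gift_aid"})),
    DataItem("donor_address", "donor", "donation_form", frozenset({"gift_aid", "marketing"})),
]
FIXED_USES = [
    Use("gift_aid_claim", "donor_name", "gift_aid", "donor"),
    Use("gift_aid_claim", "donor_address", "gift_aid", "donor"),
    Use("marketing_mailing", "donor_address", "marketing", "donor"),
]


def findings_as_run():
    """Findings for the flow as run: four, two per misuse of billing_address."""
    return check_uses(AS_RUN_INVENTORY, AS_RUN_USES)


def findings_fixed():
    """Findings for the corrected flow: none."""
    return check_uses(FIXED_INVENTORY, FIXED_USES)


if __name__ == "__main__":
    for process, finding in findings_as_run():
        print(f"{process}: {finding}")
    print("fixed flow findings:", findings_fixed())
```

The check is deliberately simple: consent is a set of purposes attached to the field at the point it entered, and the subject is recorded separately from the field's name, which is exactly what the charity's system lacked. Running it over the as-run flow reports both the Gift Aid and the marketing uses of the billing address; the corrected flow, which asks the donor once for an address and records the consents given with it, produces no findings.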
Make sure you don't have any black holes.
Posted on: 06 April 2010 at 09:55 hrs