Information Commissioner, Christopher Graham, supported by Lord McNally, Minister of State at the Ministry of Justice are right to recognise the urgency of this issue but 'understanding the law and your rights' alone is not sufficient if unenforceable.
According to research by Privacy International and Virtual Identity and Privacy Research Center, Switzerland, the Personal Information of a European Citizen is currently stored in over 1,000 data silos around the world. This is not the data that you have shared willingly in exchange for a product or service -this is the result of your data being stolen, harvested and sold without your knowledge let alone your permission. It is this 'hijacked' data which is the source of spam (85% of internet traffic), phishing and fraud. How on earth do you submit a Subject Access Request to view, correct, update or delete such information when you don't know where it is?
It is imperative that an individual has the ability to impose their Terms & Conditions, their EULA, when forming an online relationship with a supplier (private or public). These Ts&Cs could comprise such conditions as:
- to be encrypted during transmission and storage,
- not to be shared with any third party without my express permission,
- to allow access to data held about me at all times to view or request correction and deletion as appropriate,
- to inform me of any data breach immediately,
The supplier would have to 'sign' my Ts&Cs before my Personal Information is revealed and a unique email address could be used so that the source of any breaches are immediately identifiable and accountable.
PAOGA are developing the very tools and services to empower individuals who are concerned about their privacy leading to Trusted Relationship Management in which the 'subject' is an equal partner.