Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

UK: ICO reviews reports of customer data misuse and releases organizational best practices

On November 29, 2023, the Information Commissioner's Office (ICO) published the results of its survey into unwanted customer contact following media reports of customers receiving unwanted contact after using delivery services. The ICO explained that after reviewing the survey responses and speaking with the relevant companies, the ICO determined that there was not any ongoing negligent behavior from specific companies, highlighting that most companies had taken proactive action to address complaints received. In addition, the ICO noted that a good level of understanding was maintained by companies to ensure appropriate measures were in place to avoid misuse of customer data by their employees. 

Regarding best practices, the ICO outlined several good practices it noted from organizations including, amongst other things: 

  • applying data minimization by allowing couriers to only view limited customer data; 
  • connecting couriers and customers through centralized phone numbers or showing temporary phone numbers; 
  • training staff to understand the misuse of personal information; 
  • applying principles of least privilege for customer data; 
  • using robust disciplinary measures in the event of an incident; and 
  • ensuring there are measures in place to report serious incidents to the ICO.

You can read the press release here