Which? has released figures obtained from the ICO which show that 515 complaints were lodged with the ICO about possible data protection breaches by the UK’s 8 largest banks and building societies during 2009.
Which? argues in its press release that an increase between 2008 -2009 in the overall number of complaints against financial companies from 1,060 to 1,163, during a period where the number of complaints against local authorities and HM Revenue and Customs fell is evidence that financial companies are getting worse at data protection.
The British Banking Association pointed out in its response to the press release that many of these complaints do not relate to security breaches, but cases where customers have disputed information contained on their credit records. As failure to provide individuals with copies of their personal data is the most common source of complaints to the ICO, it is also likely that many of the complaints against financial companies related to such matters.
Whether or not the figures are genuine evidence of declining data protection standards, they do highlight the importance of financial companies ensuring that their procedures for complying with the Data Protection Act extend to such matters as responding to requests for personal information and updating personal information as well as data security.