Consumers are being denied the right to access the information that companies or public bodies hold about them, according to the Information Commissioner, Christopher Graham.
Graham said complaints about mishandled 'subject access' requests in the last financial year accounted for more than a third (38 per cent) of the ICO's total data protection casework.
“Organisations that handle personal information need to remember that customer records are not simply their property, the individuals who do business with them also have rights. We are seeing far too many complaints that could easily have been avoided if they'd been given serious and timely consideration,” said Graham.
“The result of mishandling requests is not simply a blip on customer service satisfaction levels, it can cause individuals a great deal of upset. The people who are making these requests are not doing it for fun; the vast majority are seeking resolutions to real problems.”
The ICO has launched an awareness-raising campaign, ‘Access Aware', that aims to highlight what a subject access request looks like and what to do if one is received.
The regulator revealed that the sector that continues to generate the most complaints about subject access requests is financial lending, with 34 per cent of completed data protection complaints in 2010/11 concerning mishandled subject access requests by financial institutions.
The proposed changes to the EU Data Protection Directive this week included a focus on the need for personal data to be controlled by individuals, with Viviane Reding, vice-president of the European Commission in charge of justice, fundamental rights and citizenship, saying that users were not aware of the privacy policies of social networking sites, or how their data was used when they visited a search engine.
Google pre-empted these changes by announcing on Tuesday a streamlining of its privacy policies across its applications, to be introduced in March.