Posted in Privacy

ICO Turns Spotlight on Data Broker Industry

EU GDPR means also tighter regulation of Data Broker (those companies you can find in newspapers for not acquiring always personal data in a transparent manner).

Purchasers of such data need to ask:

  • How and when was the consent obtained?
  • Who obtained it and in what context?
  • What method was used – e.g., was it opt-in or opt-out?
  • Was the information provided clear and intelligible? How was it provided – e.g., behind a link, in a footnote, in a pop-up box, or in a clear statement next to an opt-in box?
  • Did it specifically mention texts, emails, or automated calls?
  • Did it list organisations that would be provided the information by name or by description, or was there consent for disclosure to any third party?
  • Is the seller a member of a professional body or accredited in some way?

Moreover, Data brokers:

  • Bear responsibility for ensuring that individuals have been adequately informed about how their personal data is handled, and
  • Cannot claim to sell lists of individuals who have consented to receive marketing texts, emails, or automated calls from particular organisations unless they have clear records of those consents.




Contract Manager with a remarkable lust for legal and business knowledge

Share your insights with a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s