Feeds

Storing punters' till receipts? UK.gov wants you to hand it over

Businesses may have to cough up transaction records

Secure remote control for conventional and virtual desktops

Businesses that electronically store personal data about consumers may be required to make some of that information available to those individuals "in a machine readable format" if plans under consideration by the government are followed through.

The Department for Business, Innovation and Skills (BIS) is consulting on whether to legislate to make it a requirement for companies to provide individuals with electronic, machine-readable copies of "historic transaction data" they hold when those individuals request it.

Introducing such a requirement would build on the voluntary 'midata' programme to which some major companies are currently signed up. It would also expand on existing personal data access rights individuals have under the Data Protection Act, BIS said.

"The midata programme has shown how consumer empowerment through data release can operate," BIS said in its consultation document (28-page/483KB PDF). "Progress has been made on establishing a vision and principles. We understand better the current consumer and business perceptions and the need for safeguards when consumers use their data. And we have started to see data made available."

"This initial promise has convinced the government that more should be done to unlock the benefits of this data revolution. That is why we are consulting on the possibility of taking an order making power. If utilised, this will compel suppliers of services and goods to provide to their customers, upon request, historic transaction data in a machine readable format. The requirement would only apply to businesses that already hold individuals data electronically," it added.

"Our view is that the requirement: would only relate to transaction data relating to a consumer’s purchase/consumption of products and services from that supplier; would only cover factual information, for example what a consumer bought, where they bought it, how much they paid for it etc.; would not cover any subsequent analysis that the data holder has undertaken on the information; would only apply to businesses that already hold this information electronically and it will only have to be released if requested by consumers. Businesses would not be required to collect any new information," according to BIS' proposal.

Last year BIS announced that 19 major brands, including Google, Royal Bank of Scotland, British Gas and Visa, had all signed up to the voluntary 'midata' scheme. The scheme requires those signed up to provide consumers with "increasing access to their personal data in a portable, electronic format," the Department said at the time.

BIS now plans to make it mandatory for all businesses storing "historic transaction data" electronically to provide it in a machine readable form upon request. Legislation to that effect would only come into force following an order by the Business Secretary, the Department has proposed.

Currently individuals have the right to request that organisations grant them access to the personal data they store about them under the Data Protection Act. However, organisations are only obliged to provide the individuals with the information in "an intelligible form". In contrast BIS said that, under its new proposals, "historic transaction data" would be provided in a "commonly used open standard format".

BIS said that it expects a new market in "personal data management" would spawn from the introduction of its proposed new requirement. Such services are likely to include those that "help individuals understand their own consumption behaviours and patterns and help them change them for the better," it said.

Other services that "combine personal and other data from a range of different sources for use by the individual and by organisations to offer new goods and services" or "use an individual’s data to help them make more informed purchasing decisions," could also be offered by companies, BIS added.

"The government is convinced that midata has real potential to help consumers, business and the UK economy," BIS said. "For this reason, the government would like to see even faster progress over the coming year and has therefore decided to seek views on providing a legislative underpinning for the midata’s vision."

The consultation on BIS' proposal is open until 10 September.

Under proposed reforms to EU data protection laws, consumers would have a right to switch electronically processed personal data from a firm to its rival through a "commonly used" electronic format.

However, UK businesses have complained that those 'data portability' rules do not allow for organisations to protect their trade secrets and intellectual property rights and that the cost of changing systems in order to comply with such a requirement could be as much as £5m, with those costs probably being passed on to consumers.

Copyright © 2012, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Providing a secure and efficient Helpdesk

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.