Taxpayers urge HMRC to delete biometric data

Thousands of taxpayers have urged HMRC to delete the biometric data it stored during phone calls made to its Voice ID system.

Image result for Taxpayers urge HMRC to delete biometric data

HMRC has gathered millions of callers’ biometric data since launching its Voice ID system in 2017. However, non-profit organisation Big Brother Watch stated that people have been ‘railroaded into a mass ID scheme by the back door’.

HMRC’s Voice ID system allows taxpayers to say a key phrase when calling its helpline, which is used in place of a conventional password in order to grant access to accounts. The Revenue now permits individuals to opt out of using the Voice ID scheme, and delete any data captured. However, millions of Voice ID records have been stored in a third-party database.

Big Brother Watch said that it has reported HMRC to the Information Commissioner’s Office (ICO), on the grounds that it has ‘broken data protection laws’.

Figures show that there are seven million taxpayers currently enrolled in HMRC’s Voice ID database. According to a Freedom of Information request, 162,185 individuals have opted out of the Voice ID scheme and have had their biometric data deleted by HMRC.

A spokesperson for HMRC said: ‘Our Voice ID system is very popular with millions of customers as it gives a quick route to access accounts by phone.

‘All our data is stored securely, and customers can opt out of Voice ID or delete their records any time they want.’

Advertisements

Ban on pensions cold-calling takes effect

From 9 January 2019, the government’s new ban on pensions cold-calling takes effect.

Making unsolicited calls in regard to pensions is now illegal, and any business found to be breaking the law will face fines of up to £500,000.

Image result for Ban on pensions cold-calling takes effect

Data published by the Money Advice Service recently revealed that as many as eight scam calls are made every second in the UK, totalling 250 million unwelcome calls per year.

Meanwhile, research conducted by the Financial Conduct Authority (FCA) suggested that pension scammers stole an average of £91,000 per victim in 2018.

Commenting on the ban, John Glen, Economic Secretary to the Treasury, said: ‘Pension scammers are the lowest of the low. They rob savers of their hard-earned retirement and devastate lives. We know that cold-calling is the pension scammers’ main tactic, which is why we’ve made them illegal.

‘If you receive an unwanted call from an unknown caller about your pension, get as much information you can and report it to the Information Commissioner’s Office (ICO).’

The ICO website can be accessed here.

UK SMEs ‘unmindful of risks posed by cyber-attacks’, poll suggests

A poll commissioned by insurance firm Aon has suggested that UK small and medium-sized enterprises (SMEs) are ‘unmindful of the risks’ that cyber-attacks and data breaches pose to their business.

Image result for cyber-attacks

The poll found that eight out of ten small firms don’t regard cyber-attacks or data breaches to be significant risks to their business.

Earlier this year, a survey carried out by the National Cyber Security Centre (NCSC) revealed that almost half of UK firms fell victim to a cyber-attack or data breach in 2017. 66% of SMEs were affected by a loss of data, according to the survey.

Aon’s poll also revealed that 31% of SMEs don’t currently insure against cyber and data risks. An additional 68% were unaware that data breaches must be reported to the Information Commissioner’s Office (ICO).

Commenting on the poll, Chris Mallett, Broking Manager at Aon, said: ‘What’s more, it revealed one in three don’t see personal information stolen as a result of a cyber-attack or fraud as a data breach.’

‘There is a lot of misunderstanding of risks, and still a worry among SMEs that it must be complicated,’ said Dr Emma Philpott, Founder of the UK Cyber Security Forum.

‘It is not always about high end security. It’s about having the basics in place to protect you from indiscriminate attacks. Educating staff takes time, but doesn’t cost anything at all.’

‘Time running out’ for SMEs to prepare for introduction of GDPR, says FSB

‘Time running out’ for SMEs to prepare for introduction of GDPR, says FSB

With less than one month until the introduction of the new General Data Protection Regulation (GDPR), the Federation of Small Businesses (FSB) has warned small and medium-sized enterprises (SMEs) that time is running out for them to prepare.

The business group stated that small businesses face an ‘uphill challenge’ in ensuring that they are compliant by 25 May 2018 – the date from which the new regulation takes effect.

Under the new rules, organisations which collect, store and process individuals’ personal data will be subject to new obligations, with an increased emphasis on accountability and transparency.

The financial penalties for failing to comply are severe, with fines costing up to €20 million or up to 4% of total annual worldwide revenue, whichever is the greater.

The FSB has called on the Information Commissioner’s Office (ICO), the regulatory body that will monitor firms’ compliance, to adopt an ‘understanding approach’ to GDPR enforcement.

‘As the GDPR deadline swiftly approaches, there is a real danger that many small businesses are yet to have adequately prepared for the changes,’ said Mike Cherry, National Chairman of the FSB.

‘Fortunately for these businesses, there is still time on the clock to start, or finish, their preparations.

‘The GDPR is the largest shake-up of data protection laws for years, and whether you are a personal trainer or a consultant, most businesses will have to implement changes to their current practices to make sure they are complying with the new rules.’

Further information on the GDPR can be found on the ICO website.