Data Protection, the new health and safety

For those of you not in the UK, you may not understand some of the legal and cultural references. In the UK, we have a habit of referring to some legislation in everyday conversations, and as a justification for why we can or more likely cannot do something.

Often alas for the civil stuff, many cite these in ignorance and often an excuse not to do something.

You don't hear someone say "can't do that, its homicide you know?".

So, in many situations, many unreasonable and dense, you get the "can't do that, health and safety you know?".

Now it seems to have become the same with Data Protection, where call centres, who you call to get them to do something that they initiated, becomes a nightmare.

Last week we sent our sons damaged mobile phone to be repaired, so of it was warranty, some external damage. We get a call from the repair group with a reference, asking us to call to agree payment.

So, as the bill payer I call. I pass many of the fort knox-esque security questions, my inside leg measurements, last time i stood at hearing the national anthem etc.

Then, postcode, i give mine. No, sir it has to be the one we picked it up from. Ok, i said, i can look that up (as my son lives at the place he is having his apprenticeship).

Sorry sir, i can't let you continue, Data Protection ....

Eh, as my mind exploded with a sense of what the frigging hell.

As you need to check the postcode, I can't let you continue.

So, I said, if i hang up, find the postcode and call back, it will all be fine.

After a three minute attempt by the bewildered soul trying to explain to me why they are protecting and my having to try and help them understand that i am the one paying for everything so they are protecting my data from me. I said, "so after all this, if i hang up, find the postcode and call back, it will all be fine, you can't stop me".

Yes came a perplexed reply, you are right.

So polite good bye, hung up, redialed, shared reference number, had post code to hand, they took my money, all without checking that I was the card owner. As the delivery address was in the name of my son (remember the postcode), the account in my name, but my card, well? They asked for the long number, expiry and short number on the rear but they did not ask me for the name on the card, which is somewhat cunningly different than my sons.

Major fail, I wonder if their data protection policy covers this?


Popular posts from this blog

HeartBleed article in @ConversationUK ...

Highlights and lowlights of 2014, a golden year for cybercrime from @ConversationUK

Simulation vs emulation vs virtualisation ....