We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide

GDPR breach?

13»

Comments

  • Section62
    Section62 Posts: 10,772 Forumite
    10,000 Posts Fourth Anniversary Name Dropper
    pochase said:
    Section62 said:

    On the face of it, this is a case of an employee making an error.  It is very difficult to stop errors like that happening, so it isn't obvious why the company would need to "behave better".

    What your suggestion would do is to increase costs.  Businesses treat claims as part of the cost of doing business, and those costs just get passed on to the consumer.

    If you disagree with the 'part of the cost of doing business' point, then why have you been suggesting that companies are so keen to settle rather than defending a claim?
    This error can be easily avoided, each agent will in future only deal with one customer at a time.

    It isn't fully clear what happened in the OP's case, but CSA's only dealing with one customer at a time can't stop them giving wrong email addresses to customers.

    E.g. if the CSA meant to message the OP with the email address "meter_readings@energyco.co.uk" there's probably nothing stopping the CSA typing "BonBonWoof1234@gmail.com".  If that email address is active and happens to be another customer of EnergyCo then it would appear to be a data breach*, even though it could also be an entirely random error.

    Also, in this case the CSA was dealing with two people at the same time, but a similar thing could have happened in the one-at-a-time scenario if the last customer's information is still in the CSA's head (or computer clipboard) when dealing with the next one.

    Essentially it could only be avoided (for sure) if the CSA can only use standard responses rather than being able to type free text.

    (*I believe there's a possible argument that in the OP's case the incorrect quoting of an email address (only) may not be a strict data breach, depending on what the address actually is)
  • pochase
    pochase Posts: 3,449 Forumite
    1,000 Posts Third Anniversary Name Dropper
    Of course nobody can exactly say what happened.

    But the OP wrote

    It transpires we were both on live chat at the same time and I was asked to confirm my email address as part of the security questions so I'm assuming that's how it's been passed on.
    So there is a high likelihood that the agent copied the email address to check it against the database and than for the next customer they either forgot to copy the correct email they wanted to give them, or what has happened to me often enough the copy failed and the old mail was still in the cache when he pasted the info to the other client.

  • Section62
    Section62 Posts: 10,772 Forumite
    10,000 Posts Fourth Anniversary Name Dropper
    pochase said:

    So there is a high likelihood that the agent copied the email address to check it against the database and than for the next customer they either forgot to copy the correct email they wanted to give them, or what has happened to me often enough the copy failed and the old mail was still in the cache when he pasted the info to the other client.

    That would have been my guess too.

    So you design the risk out by only allowing a CSA to deal with one customer at a time.

    And to avoid the copy/paste scenario between customers you design the CSA application to clear all details between dealing with one customer and the next, or disable the copy/paste function completely.

    But that still doesn't stop the CSA typing the thing in their head... which could well be the email address of the last customer.

    Unless, possibly, if you issue each CSA with a Neuralyzer which is automatically triggered at the end of each customer contact.
  • gj373
    gj373 Posts: 142 Forumite
    Part of the Furniture 100 Posts Name Dropper
    Section62 said:
    pochase said:

    So there is a high likelihood that the agent copied the email address to check it against the database and than for the next customer they either forgot to copy the correct email they wanted to give them, or what has happened to me often enough the copy failed and the old mail was still in the cache when he pasted the info to the other client.


    So you design the risk out by only allowing a CSA to deal with one customer at a time.

    The consequence of which is the cost of servicing customers rises and therefore prices are increased or as we are at the cap service levels fall even further.
  • pochase
    pochase Posts: 3,449 Forumite
    1,000 Posts Third Anniversary Name Dropper
    Yep, that is it.

    We don't have a wrong process here, we have here a human error. You cannot avoid human error, it just happens. 

    If you want to reduce the chance of human error, it will cost more money. And it will cost us, either in service or in money.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 353.5K Banking & Borrowing
  • 254.1K Reduce Debt & Boost Income
  • 455K Spending & Discounts
  • 246.6K Work, Benefits & Business
  • 602.9K Mortgages, Homes & Bills
  • 178.1K Life & Family
  • 260.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture