Inconsistent oversight and enforcement of the new GDPR Privacy Regulations means that spam and fraud are on the rise again. I noted that the median value of spam held in my email quarantine folder dropped from around 120-130 at its peak down to around 80 at its lowest level - which is still far from exemplary but was a significant improvement. Checking on the Spam folder more recently shows that levels have largely crept back up to near as bad as they were before GDPR was introduced - which is more than disappointing.
I read that cyber crimes are still increasing at a fair clip, and seasonal fraudulent activity around the Tax period is back to its worst excesses. There has been lots on news coverage recently about fake HMRC calls concerning fines or tax refunds - either designed to get victims to call super-high-charge phone lines - to be kept talking as long as possible, or worse still - to inadvertently share bank account details with criminal organisations.
I personally was targeted a number of times during these last few weeks - both by phone and by email in several such scam attempts. Even more worrying are reports of emails from Real Estate Agencies being intercepted and having payment details doctored - such that customers unwittingly pay monies into the fraudsters bank accounts. All this means really that you have to double and triple check every transaction with each intended recipient - and verify by as many direct means as possible.
A lot of this spam has been despatched in the guise of ’Legitimate Interest’ which legally though cannot outweigh ’Explicit Consent’ but still somehow does in most practical cases, as repeat-offenders are not being admonished or fined. It seems every time I order pizza even - I of course need to submit contact phone details in case the courier gets lost - but then I feel I end up with lots of suspect phone calls in the following week. I have barred hundreds of phone numbers on my iPhone and every week need to add one or two more to the list - occasionally on a daily basis.
There are seemingly all manner of third parties out there which have and are abusing my details - and to whom I’ve not given any consent in the slightest - and certainly not for these sorts of activities. I just don’t think we know yet how severe or significant this issue is - particularly for those of us who are fairly active online. I would estimate several hundred organisations have my details on file - most of them illegally and without my Explicit Consent.
Of course there has to be some balance within a business environment for the ability to carry out one’s work in a reasonable manner, but it should not be at the expense of consumer and privacy rights. We at Affino spent a good couple of years developing and implementing a comprehensive GDPR methodology and infrastructure into the core of our system and covering every key customer-facing activity. It seems though that it’s really not a level playing field out there yet.
There is no point in having the correct degree of customer protections if these are then not going to be enforced - it is akin to having the very best quality speeding cameras available with then no follow-up or fines. If there is no enforcement then the system simply won’t work - as is the case at the moment. There are numerous large social media and internet corporations with European Headquarters in Ireland - and not a single one has been even admonished yet - despite ample evidence of abuse and misuse.
I was full of hope and expectation when GDPR was first introduced - that it would keep the criminals and fraudsters better in check and significantly reduce spam and phishing expeditions, but it seems that those levels are now pretty much back to what they used to be. We really need GDPR to be properly enforced and supervised - otherwise cyber crimes and fraud will continue to rise and we the consumers will be left to foot the bill as always...