You are here: Home - Credit Cards & Loans - News -

Experian faces £20m fine over data protection failures

Written by:
The information watchdog has taken enforcement action against credit reference agency Experian, ordering it to make changes to the way it handles personal data in direct marketing services.

Following a two-year investigation into how Experian, Equifax and TransUnion used personal data for marketing purposes, the Information Commissioner’s Office (ICO) found they were “trading, enriching and enhancing people’s personal data without their knowledge”.

As a result, it meant millions of people were potentially targeted by commercial organisations, political parties or charities, and their personal data collected and profiled without their knowledge.

The ICO said this is against data protection law.

While Equifax and TransUnion withdrew some products and services, the ICO said Experian made progress in improving compliance but “it did not go far enough”.

The ICO noted: “Experian did not accept that they were required to make the changes set out by the ICO, and as such were not prepared to issue privacy information directly to individuals nor cease the use of credit reference data for direct marketing purposes.

“As a result, Experian has been given an enforcement notice compelling it to make changes within nine months or risk further action. This could include a fine of up to £20m or 4% of the organisation’s total annual worldwide turnover.”

‘Lack of transparency’

Information commissioner, Elizabeth Denham, said: “Our investigation uncovered data protection failings that likely affected millions of adults in the UK. Our investigation has changed the way credit reference agencies operate their offline direct marketing services. It has found invisible processing, allowing people to better understand how their data is being used, meaning people can exercise their privacy and data protection rights.

“The information the Credit Reference Agencies are privileged to hold for statutory credit reference purposes was unlawfully used by them in their capacity as a data broker, with poor regard for what people might want or expect.

“The data broking sector is a complex ecosystem where information appears to be traded widely, without consideration for transparency, giving millions of adults in the UK little or no choice or control over their personal data. The lack of transparency and lack of lawful bases combined with the intrusive nature of the profiling has resulted in a serious breach of individuals’ information rights.”

The ICO added that its notice requires Experian to inform people it holds their personal data and how it is using or intends to use it for marketing purposes. Experian has until July 2021 to do this subject to any appeal.

The ICO also requires Experian to stop using personal data derived from the credit referencing side of its business by January 2021, which it does currently for limited direct marketing purposes. In the enforcement notice, the ICO states that people have no choice about whether their data is shared with Experian for credit referencing purposes and that Experian’s processing of this data for marketing purposes is unexpected.

It should also stop screening out prospective customers from marketing lists on the basis of financial status.

Other requirements include: what data is being used for and who the data is being sold to and why, and stopping the processing of any personal data that has been collected unlawfully.

‘We intend to appeal’

Experian confirms the notice relates to its UK marketing services business and its credit-related services are not affected.

An Experian spokesperson, said: “We disagree with the ICO’s decision today and we intend to appeal. At heart, this is about the interpretation of GDPR and we believe the ICO’s view goes beyond the legal requirements.

“This interpretation also risks damaging the services that help consumers, thousands of small businesses and charities, particularly as they try to recover from the Covid-19 crisis.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Everything you wanted to know about ISAs…but were afraid to ask

The new tax year is less than a fortnight away and for ISA savers or investors, it’s hugely important. If yo...

Your right to a refund if travel is affected by train strikes

There have been a wave of train strikes in the past six months, and for anyone travelling today Friday 3 Febru...

Could you save money with a social broadband tariff?

Two-thirds of low-income households are unaware they could be saving on broadband, according to Uswitch.

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week