The dodgy use of personal data by rogue organisations in fraud and scams continues to be the biggest data protection bugbear for people in the UK, according to research from the Information Commissioners Office (ICO).

When quizzed about which data protection issue is most pressing, rather than citing privacy issues – the UK survey’s 2,102 adult respondents, polled between 6 and 18 May, said their top concern was that “personal information [is] being used for scams or fraud.”

What’s more, organisations with a poor record on keeping people’s data safe or not using it properly – such as those who pepper the public with unwanted marketing calls – are likely to find themselves scratched off people’s Xmas card list.

The findings contained in the ICO’s annual snapshot Information Rights Strategic Plan: Trust and Confidence report [PDF] also identify who people trust – and those they don’t.

Social media and messaging platforms remain firmly shackled to the naughty step with six in 10 people registering a “low trust.”

At the other end of the scale, health providers continue to be held in high regard.

“As in 2020, levels of trust and confidence with different types of organisations are highest for the NHS and local GPs,” said the report.

While there are plenty who agree, this finding may raise some eyebrows since the government is currently neck-deep in concerns about plans to hold medical data on all 55 million people in England on a central repository.

Campaigners for the move rally under the slogan “data saves lives” but opponents to the scheme – which has now been delayed two months until September 1 – have blasted it as the “biggest data grab in NHS history.”

But the issues go much deeper than that. Only yesterday, the ICO opened an official inquiry into the misuse of private email accounts at the Department of Health and Social Care (DHSC).

The investigation comes amid mounting allegations that senior officials within the department – including former health secretary Matt Hancock who resigned recently over his inability to follow lockdown rules – used private emails to discuss sensitive government business.

Elsewhere, the ICO-funded research found that half of those people questioned had received more unwanted marketing phone calls – such as those around PPI claims, home improvements or fast food offers – now than they did 12 months ago.

Regardless of the concerns people have, one thing is clear; when it comes to data breaches, companies and organisations should be named and shamed.

Almost three quarters (74 per cent) of respondents said that if a company/organisation that they used were affected by a data breach and their information was lost or stolen, the company holding the data should be “held responsible”.

After a 2015 mega-breach in which miscreants made off with data on 157,000 of its customers, Brit ISP TalkTalk lost 101k of them and wrote down £60m in IT costs.®