Yesterday was European Data Protection Day. Did you miss it?

On 28th January 2009 The UK Information Commissioner celebrated European Data Protection Day (Celebrated what? Is there a commemorative postage stamp?) by creating and getting people to sign the Personal Information Promise.

Oh.

Good.

Yes, anything that makes people think about the safe custody of personal information is a good thing.

The Personal Information Promise, eh?

Well, it's on the UKIC's site.

And it has precisely no power. None.  Zilch.

Oh, I expect if anyone complains to the UKIC about one of the signatories they'll be told, "Gosh, you broke the promise as well as the law.  Still, since you have now stopped doing that we'll let you off with a strongly worded letter."

So what does this exciting promise say?

You're going to love it!

I

on behalf of

promise that we will:

1. value the personal information entrusted to us and make sure we respect that trust;

2. go further than just the letter of the law when it comes to handling personal information, and adopt good practice standards;

3. consider and address the privacy risks first when we are planning to use or hold personal information in new ways, such as when introducing new systems;

4. be open with individuals about how we use their information and who we give it to; [that would be "whom".  Dative not nominative.]

5. make it easy for individuals to access and correct their personal information;

6. keep personal information to the minimum necessary and delete it when we no longer need it;

7. have effective safeguards in place to make sure personal information is kept securely and does not fall into the wrong hands;

8. provide training to staff who handle personal information and treat it as a disciplinary matter if they misuse or don’t look after personal information properly;

9. put appropriate financial and human resources into looking after personal information to make sure we can live up to our promises;

and

10. regularly check that we are living up to our promises and report on how we are doing.

Ah.  So that's all right, then.  We'll feel so much safer now.  Especially when we read the FAQs on the site.

This is obviously Data Protection in Action.

So why am I so cynical?

Look, the act was made into law in 1998.  This is 2009.  There have been no significant prosecutions or heavily publicised enforcements.  The whole thing has a department behind it that takes for ever to respond to complaints, and either can't enforce or doesn't enforce when it finds a breach.

And there's even a rumour going round Data Protection circles that the incoming UKIC in July was selected in order to be less tough than the current incumbent.

So. let's all sign up for a new badge.  Ah no.  The great signing was yesterday on European Data Protection day!

• Who's "in" so far?
  
• Action for Children
  
• Acxiom
  
• Astra Zeneca
  
• Belfast City Council
  
• British Gas
  
• BT
  
• Callcredit Limited
  
• Dudley Primary Care Trust
  
• Experian
  
• Equifax
  
• Field Fisher Waterhouse
  
• Greater Manchester Police
  
• Informing Healthcare
  
• Isle of Anglesey County Council
  
• NHS Information Centre
  
• Northern Ireland Association of Citizens Advice Bureaux
  
• Royal Mail
  
• T-Mobile
  
• Unison
  
• Vodafone
  

Well, good for them.  I hope that they are in because their data protection team is using the promise to beat up their senior management and make them comply properly.  But this is really a load of puffery about nothing.

Unless, of course, you think different?

May The Force be with boys at Sir William Borlase's Grammar School in Marlow

Until 1987 this was a single sex grammar school for boys.  Today I was walking round Marlow and I looked up at this wonderful plaque with its improving text from the book of Ecclesiastes, chapter 9, verse 10:

Throughout my education, a Christian education, I was never, not once exhorted that 'Whatsoever thy hand findeth to do, do it with thy might'!  Instead we were counselled against such things!

How different, then, for the pupils at this Buckinghamshire school!

BT, Take a Gold Star and a House Point!

I just had reason to call BT.  An item I expected to be free appeared on my bill for money.

The call was free (good).  When I got through there was a long delay (bad), but they said "You can stay on the line for a wait of about five minutes (good to know) or we will keep your place in the queue and call you back if you opt for that." (wow!)

Now that is service.

Better than that, when I queried the item on the bill, they explained both why it would be chargeable, but that, since I had not been made fully aware of the fact, it was now free.

Is this really BT?

Wow.

They've listened to customers!

The Information Chihuahua to get a new bite

News has broken that the current head of the Advertising Standards Authority, Christopher Graham, is set to take over from Richard Thomas on his retirement on 30th June 2009.

Richard is a really nice chap.  Breaking the Data Protection Act or the Privacy and Electronic Communication Regulations has been an absolute pleasure under his guidance as regulator.  It's like having your shoe nibbled by a pet Chihuahua.  Case work has built up to a new paper mountain.  I've just reminded(!) one of his team that he owes me a review of a case that was promised by 27th August 2008.

I'm not sure how efficient the ASA is, but I know it bites hard.  And I know it bites fast.  If it had any prosecution powers it would scare seven bells out of the UK marketing industry.  Transgressions hit the press, hit google, and stay there.  Companies go under when the ASA bites.

So, an open request to Mr Graham:

Use your teeth.  Get your staff to learn to bite, bite hard and bite fast

The days of the sweet uncle are over.  Bring on the wicked step father!

We don't need the law! We have a British Standard!

Yes, it looks as if implementation of the UK's Data Protection Act 1998 is going to be outsourced to the British Standards Institution.  Richard Thomas may retire and the entire Information Commissioner's Office is to be made redundant.

If this pilot scheme is successful the next government department to be outsourced to the BSI will be the Metropolitan Police, on the basis that the BSI is unlikely to enforce the offence of "Attempting to Travel On the London Underground While Being Brazilian" with capital punishment, nor will it be likely to be stopping and searching artists while going about their business.

We do not have a British Standard for not murdering people, nor for not breaking the speed limit while delivering goods by van.  But it seems we are about to have BS DPC 10012 as a Specification for the management of personal information in compliance with the Data Protection Act 1998.

This is a "British Standard for Not Breaking The Data Protection Act 1998"!

If you want, you can comment on the draft here.

I am aghast at the huge waste of effort.  A team of good people has sat in a stuffy room and drafted this.  They've drafted it well, there can be no dispute about that, but they've spent time doing it!  And this is just what we need at present, isn't it?

Yes, the retailers are slamming their doors in the high street, businesses are going into administration daily, and we need, gosh, yet another piece of Emperor's New Clothes, don't we.

Of course other experts will pay lip service to this.  You can't be seen to be objecting to something that is for our own good, can you?

How will this new standard prevent data losses on the scale we've seen in 2008?  How will it ensure good practice is put into place?

What is the point?  Far better to concentrate this effort into real compliance!

Or am I so wrong about this?

While on the topic of customer service

I have a Toshiba Portégé A200 laptop.  I bought it four years ago because it is lightweight, had decent horsepower for the era, and, while expensive at over £700, was reasonably priced for a machine of its class.

Every year so far it has had to have a new screen, actually more often than every year.  Every year, about 1cm in from the left hand margin, vertical lines appear, starting as a single line and gradually multiplying.  And, every year, the screen has been replaced under warranty.  But this is like saying that the screen is a consumable, just like a car engine air or oil filter! 

The first year Toshiba did this themselves.  Subsequently I've been very pleased with Topaz Support, who have done many repairs to it, including a new keyboard, battery, power supply, fan, motherboard, hard disk, 4 new screens (I am losing count!), a new screen wiring harness, etc.

The service I've received from Topaz and Toshiba has been unfailingly cheerful, helpful, understanding of my needs, and top quality.  Unfortunately Louise at Topaz now recognises my name!  That should not be right!  I really ought not to know her so well!  

Of course the screen has broken again.  I closed the lid at 3pm yesterday.  I opened it again at 7pm and the dreaded vertical lines were there.  So I called Topaz this morning.  "Hi Louise, it's Tim Trent."  I almost heard her think "Oh no, not the screen again!"  I'm sure I did.

The upshot is that I met a very nice man at Toshiba, Ian.  He met my expectations very well.  Quite reasonably we are dealing with a 4 year old laptop whose warrantky expired a year ago, almost tothe day, and his authority level says "I cannot authorise a warranty repair at my level," a thing I understand well, but he has made sympathetic noises while not committing Toshiba in any way, and escalated the matter to head office.  He agrees that he understands my concerns, and has made me feel content that the call has been well handled.

Of course, this does not yet mend my laptop!  The thing is, this is "not a known problem" in the Toshiba known problems list.  And the machine is, naturally, obsolete.  But I know the problem well enough to be on first name terms with Louise at Topaz over it, and it repeats with awful monotonous regularity.

To me this means that Toshiba should at least be interested.  I hope they are.  I'll let you know.

Do you have the same model and does it do the same thing to you, too?

Customer Service matters even more in a difficult market

My wife and I order a fair quantity of casual clothes from Craghoppers.  We do this online, and it never goes smoothly when stock levels are low.  You see the stock control system and the web based sales order processing system are not real time!  Yes, their service agent has just confirmed for me that the systems are linked by a batch update process!

This means that 143 of us can place orders for the last remaining pair of ladies lined Kiwi trousers in Earl Grey and that only one of us will receive it.  And the despatch note/invoice then says "Temporarily out of stock" for the rest of us.

The thing is, unless we call them on an 0870 number (giving them a little extra profit) we don't find out if the item will ever be sent.

Come to that the agent had no idea either, since "this is in the early stages" and "you'll probably get them by the end of next week."

But I have another gripe, too.  They market their Customer Service Line as open at 0830.  And at 0832 it was giving me some kind of ability to record a message, not to speak to anyone at all.

So what should they do?  What should anyone do who wants the edge over their competition?

Simple:

• Be available when you say you are available.  Open the lines a minute early.
• Say with precision on the invoice what will happen to an out of stock item.
• Integrate stock control with sales order processing.  Allow me to decide when I place the order if I'm happy to back order or if I am only satisfied if it comes now.

Oh yes.  And answer the calls with enthusiasm.  I was enthusiastic enough to spend my money, so they need to be enthusiastic about Customer Service.

How many times must we say this:  "Customer Service is Marketing."

Want to know how to run a decent Customer Service and Sales system?  Ask Lakeland.  They make you feel that they care.  And, right now, customers are what everyone needs.