Data Quality Issues – Another example
The email inbox for me in UCD’s School of Law has become unusable. The cause of this unusefulness is a data quality problem. The cause of the data quality problem is a namesake of mine living in Vancouver who seems to have used this address to register for online shopping, take out credit with Klarna, and to order goods and services.
Implications and Impact of Data Quality
So, what are the implications of this?
- Use of my staff email address for any communications to/from UCD Law School is effectively impossible. I have MANY HUNDREDS of spam emails and similar clogging up the works. I am probably going to have to get a different email address issued to me to allow me to function as a lecturer. This is hassle that I can do without…
- My email address is now linked to credit profiles of another person. That is a problem because that data is not accurate or correct. Thankfully I don’t apply for credit using my UCD email address, and it’s not linked to my identity outside of the University as I don’t use it for any other purpose. But it’s still a potential problem. And it highlights the problem of relying on email addresses as an identifier… people are stupid and put in other people’s email addresses by mistake.
- The University is now a Data Controller for this person’s data because I have emails with documents containing his personal data sitting in the University inbox.
- He (or she – the name is gender neutral after all) is NOT getting correspondence from their retailers or from Klarna. Things like delivery notes and receipts.
Fixing “Accuracy at Source” in Data Quality
The person apparently lives not far from a data management consultant I know in Canada. If this was my personal email account I would probably just ask my friend in Canada to either call over or phone this person (I have full home address and telephone number in the data that is being bounced into my inbox) to let them know about the issue in person.
“Hey, my friend in Ireland who has the same name as you wants to stop getting emails intended for you” is probably a conversation opener that Other Daragh would struggle to believe though.
The Data Governance and Data Protection Angle on this Data Quality issue
But because the data is held by the University, I would actually not be entitled or able to disclose the data anyway without authorisation from the University. They are the Data Controller, not me.
So, now I have to figure out how I can exercise my data protection rights (as the person who the email address actually relates to) in respect of entities in the EU that Other Daragh has been interacting with. But the fact that that email address has been used (in error) in relation to transactions that Other Daragh has been entering into means it is also data that relates to them (albeit in error).
So… Klarna’s DPO: I am about to contact you with a Higher Level Exam paper Data Protection Scenario.