Surprises from the past – What bloodhounds can teach us about personal data

Surprises from the past – What bloodhounds can teach us about personal data

By Aim's data protection experts

December 2021

 

An article recently suggested that some dogs can follow a scent left between five and fourteen days ago, the time depending on environmental factors, for example, wind speed and direction, and rain. I also read a different story about a woman whose house was put on the market and very nearly sold by a fraudster who obtained an illegal lasting power of attorney for her.

 

I think that it’s possible to see the link to personal data in the second example, but the first might be a little more obscure. In the latter, the woman was away from home for an extended period, leaving her property vulnerable. The fraudster had gained entry, changed the locks, found a driving licence and bank statements to obtain the power of attorney, and then used a solicitor many miles from the property to complete the sale. Fortunately, the sale did not proceed after the solicitor asked for additional documents that were not forthcoming. In this example physical documents were used to piece together a convincing picture of a potential victim.

 

The first example strikes me as an allegory for the second example. The homeowner left a trail of documents that the fraudster could follow and put together to form a narrative that allowed them to conduct a potential crime, whereas the dog is able to follow a scent, left by an unsuspecting human. The scent is personal data, and whilst it might dissipate after a while, it’s there for enough time to make it useful, and just because it’s raining, or windy, it does not mean the scent will be expunged immediately. In the same way, the traces of ourselves, that we assume might disappear quickly, or take precautions to remove, might linger for significant periods.

 

If you’re an organisation that has employees, clients and suppliers, you can start to acquire large quantities of personal data, mainly in electronic form, and despite precautions you might put in place or obstacles there might be (in the case of our examples above these were locks, and weather, but if you’re a business, you’ll have firewalls, antivirus and retention policies) the data will leave a trail, and for a fraudster, it’s a potential pot of gold. Our clients come to Aim to identify these rogue pieces of personal data and using our world-leading data governance and management platform dataBelt®, we can find all references to it, categorise and establish its location, and if required, redact it, so that even a bloodhound will find it impossible to find a scent, let alone track it to anything resembling a pot of fraudulent gold.

 

More:

  • For information about our data protection services, please click here.
  • Data breaches: what should you do if they happen? Our 30-minute GDPR Data Breach Training gives you an understanding of what data breaches are, what the GDPR says about them and how you should deal with breaches if they occur. Access our training here.