Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
There has been some recent controversary over the government’s use of the ‘my voice is my password’ system.
Privacy campaigners have reportedly called for HRMC to delete the millions of recordings they hold for people who use the ‘my voice is my password’ system because they’ve failed to gain clear and proper consent from users of the system. The government say that the system is secure, and they have relied on implied consent; but privacy watchdogs are concerned over consent, security and storage.
Eyebrows have certainly been raised…
The ‘my voice is my password’ has faced heavy criticism recently from privacy watchdogs who say that the HMRC should delete the millions of recordings they have of people’s voices.
With some 5.1m callers in a recent annual period, the use of HMRC’s ‘voiceprints’ is being probed because they’ve reportedly failed to ask for proper permission to store and use the recordings. It’s understood that HMRC are changing the way they gain consent for people to use the ‘my voice is my password’ system, but they have until now relied on implied consent from users.
It’s important to know that implied consent does not always constitute as proper consent.
Concerns have also been raised over the security of the ‘my voice is my password’ system used by HMRC.
What if the system was hacked? They’re not the only ones using the system, as some high street banks use it as well. With a failure to gain proper consent comes the worry that they have perhaps failed to properly secure the voice recordings, but HMRC say that the system is secure.
Still, if it was ever hacked, people would have every right to be incredibly worried. You can change a password, but it’s not so easy to change your voice! Plus, the system can reportedly be fooled by people who have similar voices, such as siblings.
The public sector is already heavily targeted because of security vulnerabilities. Last year’s WannaCry attack was a huge example of this.
The issue over consent for the ‘my voice is my password’ system is exactly the kind of hot water an organisation could land themselves in by the simple act of not doing something completely right.
Whether there will be a GDPR fine or not remains to be seen, but assuming implied consent is OK for something like this could be the downfall of an organisation that finds themselves on the wrong end of the law.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.