Recent data breaches and cyber attacks have highlighted vulnerabilities in personal information management in Australia, exposing millions of consumers’ sensitive details, including passports, home addresses, driver’s license information, and government IDs
The rise in data breaches has brought a crucial question to the forefront: Is it necessary for companies to collect and store so much personal information from their clients?
In the rental market, for example, the traditional process involves gathering a substantial amount of documentation from renters, especially during the application phase. Given the current market dynamics, where tenants often apply to multiple properties to secure a rental, the sheer volume of data exchanged has become a significant burden for both agents and renters.
For real estate agents, this translates to managing, securing, and storing increasing volumes of sensitive data, which in turn escalates IT costs and heightens the risk of severe financial and reputational damage in the event of a cyber attack. The Real Estate Institute of Australia has even warned that escalating privacy obligations or potential data leaks could potentially drive smaller companies out of business.
What Can Be Done?
Data minimisation is a key strategy to mitigate the risks and impacts of cyber attacks while maintaining high security standards during client onboarding. This principle advocates for collecting, processing, and storing the minimum amount of customer information necessary.
Agents should focus only on essential data, such as verifying a tenant’s identity, their ability to pay rent, and their rental history. This approach helps in avoiding the accumulation of unnecessary information, like data from unsuccessful tenancy applications, and ensures that information is retained only for as long as needed. Regular reviews of archived data and deletion of unneeded files are essential practices.
Additionally, companies can avoid the need to collect and store sensitive information by utilizing solutions such as ConnectID. This technology allows for direct validation of customer details with trusted sources like banks or government institutions, eliminating the need to store sensitive data. For instance, verifying that a tenant is over 18 without needing to keep their date of birth on file.
Benefits of Data Minimisation
Adopting data minimisation can lead to significant reductions in the costs associated with managing, storing, and securing information. This approach not only saves money on IT systems and training but also decreases the time teams spend on administrative tasks and handling personal data.
By leveraging trusted sources for information verification, the approval and verification processes can be accelerated, improving overall productivity and reducing the risk of data breaches. Such breaches can have substantial financial repercussions and damage a business’s reputation.
For renters, these advancements translate into enhanced privacy and greater control over their data. The rental application process becomes simpler, with less manual form-filling required, and renters can have peace of mind knowing their personal information is handled securely and responsibly.
Maintaining stringent security standards is crucial, and employing data minimisation through trusted sources can further bolster trust and confidence. This approach helps in reducing the volume of data collected and stored, thereby mitigating the risks of frequent breaches and cyber attacks in Australia. It is a proactive measure that companies of all sizes can take to contribute to the safety of personal information.
