Czech banks are data-thirsty
Reports in the Czech media recently warned readers about a form of malpractice that has been spreading among Czech banks and insurance companies - the illegal manipulation of data collected from their clients. Vladimir Tax has the details.
"Our supervisory activity in the banking and financial sector has just started but we have observed many cases of bad practice. For example, one big financial institution collected and processed personal data for banking purposes and then this personal data have been transferred to a daughter company for leasing or travel purposes, which is absolutely illegal."
Banks try to get around the law by making clients sign a contract which contains a clause allowing them to pass data onto third parties. However, as Mr. Neuwirt pointed out, such contracts are invalid because in the Czech legal system, a client's consent is not above the law.
"Our inspectors have repeatedly criticised contract clauses between institutions and clients. A specific problem is a consent of clients for collection and processing of personal data. We observe bad practice also in creating of contract clauses and this practice shall be changed."
The Office for Personal Data Protection can impose a fine of up to 10 million CZK, an equivalent of roughly 250,000 USD for violating the law or twice as much in case of repeated offence.
Unfortunately, there is not much an ordinary bank client can do to protect himself against this practice except report such cases to the Office for Personal Data Protection. But inspectors at the office advise clients to read the small print in their contracts before they sign anything.