Effective data sharing between organisations and across different digital sectors is an important factor in preventing data-enabled scams and fraud.

The UK GDPR and the Data Protection Act 2018 (DPA) do not prevent you from sharing personal information where it is appropriate to do so, or from taking steps to prevent harm.

This advice is aimed at private sector organisations across the digital economy such as financial services, telecommunications and digital platforms that want to share personal information with each other to support scam and fraud mitigation efforts.

Our role is to help and encourage organisations to carry out this data sharing in a confident, responsible and compliant way. That includes following the principles of the UK GDPR as well as ensuring that you respect people’s information rights.

The ICO continues to engage with private and public sector organisations to support efforts to prevent people being harmed from scams and fraud.