Motorists are being blocked from taking advantage of new laws giving them control of their data to get better deals – because Britain’s biggest insurers are unable to process it.
GDPR gives consumers far greater control over the way financial institutions use their personal data, including the right to request any information a firm holds on them.
This could include data on driving held by car insurers gathered using a telematics device, commonly known as a “black box”. Experts say this information could help drivers get cheaper car insurance, if it proves they are a safe driver, but so far, despite preparations for GDPR beginning several years ago, companies have been overtaken by the law.
When asked by Telegraph Money, only one of the seven biggest insurance firms in Britain said it would consider telematics information from another provider when calculating a premium – although some others said it was something they were looking to do in the future.
Telematics is long-established as a way for young drivers to keep the cost of car insurance down. The insurer will install a black box in the car which tracks driving statistics, like average speed, braking and cornering, and assigns a driving score. Drivers deemed safe will be offered a lower renewal price.
Because these advantages depend on the insurer’s access to your black box data, you have to stay with the same insurer – or start from scratch with a new one. GDPR means customers should now be able to take this historical data and use it to get better deals elsewhere. But while drivers can now request the data from their insurer, most companies still have no way to make use of the results.
Selim Cavanagh, of insurer Ingenie, which specialises in providing car insurance for young people, said the company has allowed customers full access to their telematics data for several years but demand remained low, with only a handful of customers making a request last year.
Ingenie does use data from other companies to attempt to give new customers better deals, but Mr Cavanagh said the quality of the information varied.
“If we take other companies’ data it won’t be as good as ours but we can still get some value out of it,” he said. “We can establish whether someone is a really good driver or someone who needs to improve.
“If you look at the credit score, it’s trusted by the industry as a measure of someone’s risk and it actually made it more straightforward for people to get credit. The same thing could happen in insurance.”
A spokesman for LV=, which has almost 2.5 million policyholders, said: “We would offer a discount to customers who transferred us data from another telematics provider if it showed that they were a safer driver.
“The level of discount would vary depending on the data received. However, not all telematics providers collect the same level of data or present it in a format that we may be able to access.”
The other six insurance brands to have at least two million policyholders in Britain – Direct Line, Admiral, Aviva, Hastings Direct, the AA and Churchill – said they do not currently accept telematics data from other companies.
A spokesman for Hastings Direct said: “Insurers generally use their own unique and proprietary algorithms to create driving scores for their customers. The same driving score can therefore mean different things to different insurers.”
A spokesman for the AA said most insurers would not recognise data from another provider, as standards may differ. He added: “That doesn’t mean that the call centre staff you might speak to don’t have a degree of discretion to take into account factors that suggest a good driving record so it is worth asking the question.”
Julian Saunders, from PORT.im, a firm which specialises in data policy, said insurers should be looking to make it easier for customers to transfer their information.
“It just makes life easy for consumers and we all like things being made easy for us,” he said. “Customers don’t want to be filling out big, long forms for everything, they just want a fair price.”
It’s not just car insurance
There are further applications to our ownership of our own data afforded to us by GDPR beyond car insurance. The obvious one is of course other types of insurance, including health and travel.
Telegraph Money has reported in the past on risks associated with insurers which base premiums on data taken from a smart fitness device like a Fitbit. This could mean your premium rising if you are inactive but could also lead to savings if you exercise often.
But Mr Saunders said there are more areas where consumers can harness the power of their data. Everything from streaming services allowing you to move a full listening or viewing history between the two to mobile phone providers offering deals tailored to your needs.
He said: “You could go and ask Vodafone for your information and get your billing history, your data usage, how often you go abroad. Then you can go and get a contract that suits your needs.”
How do I request my data?
The simplest way to request an entire record of your personal data is to use a subject access request. While this used to be a paid-for service with limits on what you could request, GDPR makes it free-to-use.
Most institutions will have a page on their website explaining how to do this and you should be able to do it online. Mr Saunders also said the Information Commissioner’s Office (ICO) has a template form you can send to companies.
You can request a copy of all of the personal information a company holds on you and they have up to a month to comply with the request. Companies may need to carry out additional security checks over the phone.
A request can only be refused if it is “manifestly unfounded or excessive”. They can also withhold some information if it also relates to another person, unless that individual gives their consent or there is a good reason to provide you with their details.
If you disagree with the company’s decision you can complain to the ICO.