Concerns regarding the scope of personal data held by companies (and the uses to which it is being utilised) have grown enormously in recent years. Government legislation is notoriously slow to react to the ever-changing technological environment; with the upcoming European GDPR legislation soon to be the apex for the protection of personal data.

The problems relating the cold calling raise a number of issues regarding consent and personal data. Often, individuals in the process of filling out forms consent for their data (numbers, emails) to be used for other purposes. This can range to counterfraud or financial checks in relation to bank applications, or for their data to be shared with selected "relevant partners". As in the case of Terms and Conditions, many people do not read the small print, and therefore are not aware of who has access to their data, what is being done with it, or how companies acquire it.

Finding out exactly how these companies acquired your details is often impossible for those who receive cold calls. The GDPR alleviates a number of the previous pitfalls regarding what defines consent, the length of time consent is given for the information to be held and the responsibilities of the data controller. Whilst the lack of government intervention in cold calling is disappointing, the future will hopefully involve a greater level of transparency and control for individuals and their information.