Data misuse is the use of information in ways it wasn’t intended for. User agreements, corporate policies, data privacy laws, and industry regulations all set conditions for how data can be collected and used. Data misuse violates these requirements. Unlike data theft, data misuse doesn’t necessarily happen as a result of a cyberattack or when data is collected without the owner’s consent. Although preventing data theft by employees—as covered in the Computer Misuses Act—is important to consider, misusing data often means that permissions are being ignored: a user might willingly provide a company with their personal data, only for the company to use or share this information for purposes that the user didn’t agree to. Causes of data misuse The misuse of information or information systems at an organisation can lead to unintentional data compromise. Often, data misuse happens when employees lack good data handling practices. As an example.