Private Sector Data Protection Breaches Increase
The ICO’s annual report found a 58 per cent increase in data breaches by private companies.
Breaches by private companies increases by 58 per cent this year, according to the Information Commissioner Office’s annual track survey. It als found that three quarters of individuals don’t believe that online companies do enough to keep their personal details secure.
Less than half of people believed that organisations process their personal data properly, a figure which increases in relation to online businesses, according to the information rights survey, in which the data protection watchdog interviewed 2,500 individuals and 800 companies from both the public and private sector.
Waking up to data protection responsibilities
Despite this decrease in public confidence, the survey indicates that three quarters of businesses understand their Data Protection Act (DPA) obligations, an increase of 20 per cent on last year’s figure.
Information Commissioner Christopher Graham said that although he was encouraged “that the private sector is waking up to its data protection responsibilities,” he also noted that “the sector does not seem to be putting its knowledge to good use. The fact is that security breaches in the private sector are on the rise, and public confidence in good information handling is declining.”
He also reminded businesses that they need to consider the damage that can be done to a brand’s reputation when data is not handled properly, warning “Customers will turn away from brands that let them down.”
The ICO has fined a number of public authorities and private companies for breaches of the Data Protection Act in the last twelve months.
In November 2010, Hertfordshire County Council was fined £100,000 for revealing details about a sex abuse case to a member of the public and employment agency A4e was fined £60,000 for losing a laptop containing the unencrypted data of thousands of people.
Ealing and Hounslow County Councils were fined for losing unencrypted laptops containing sensitive personal data in February 2011 while Surrey County Council received a £120,000 fine in June for disclosing personal details on three separate occasions.