Public Calls For Stronger Data Breach Penalties
Consumers would be in favour of stronger regulations for organisations that lose their personal data, according to a new survey
British consumers would be in favour of stronger regulations for organisations that expose the personal data of their customers, with four out of five supporting mandatory breach disclosure laws, according to a survey carried out by OnePoll and published on Thursday by LogRhythm.
The survey of 5,000 consumers found that 70 percent wanted more prescriptive breach regulations, with 62 percent supporting the imposition of large fines for companies that expose data. Thirty-one percent said company directors should be subject to criminal proceedings.
First ICO fines
The survey follows on the heels of the first fines to be issued by the Information Commissioner for data loss and breaches of the Data Protection Act, bringing to an end months of speculation over when it would use powers it gained in April to penalise negligent organisations.
LogRhythm noted that the European data protection supervisor recently came out in support of wide-ranging reform of data protection laws including the implementation of mandatory data breach notifications.
“Our research suggests there is solid public support for such moves,” stated Ross Brewer, vice president and managing director, international markets, LogRhythm EMEA. “Data released by the Information Commissioners Office (ICO) shows that data breaches are still rife in the UK, and this seems to have led to a change in the public mood. There is now a common desire to see definite steps taken to force organisations to clean up their act.”
The survey found a lack of confidence in organisations to protect their data, with 63 percent concerned they might become a victim of identity theft through no fault of their own and half believing neither public nor private sector organisations have sufficient security measures in place to adequately safeguard sensitive data.
Public anger
Many said they responded actively to reports of data exposure, with 66 percent saying they would try to avoid future interactions with the organisation involved.
“The message to organisations couldn’t be clearer: those taking a lax approach to data security won’t just lose face, they will also lose customers,” Brewer stated.
Reflecting public anger over privacy breaches, the ICO was earlier this month branded “Keystone Kops” by Conservative MP Robert Halfon for its failure to crack down on Google over the high-profile WiSpy incident, in which some Wi-fi data was accidentally snooped by Street View cars.