26 Nov 2010
UK consumers want tougher penalties and regulation for organisations that lose customer data, according to research by log analysis and management firm LogRhythm.
Of the 5,000 consumers who participated, four out of five felt that firms should be subject to a breach disclosure law that would force them to publicly declare data loss incidents, as is currently done in the US.
These results come after the Information Commissioner's Office (ICO) finally used its power to fine organisations for breaching the Data Protection Act (DPA), leaving Hertfordshire County Council with a £100,000 fine and employment services company A4e with £60,000.
Some 62 per cent felt that organisations should receive large fines, and 31 per cent of respondents thought the offence serious enough to warrant company directors being subjected to criminal proceedings.
"The European data protection supervisor came out in support of wide-ranging reform of data protection laws including the implementation of mandatory data breach notifications," said Ross Brewer, vice president and managing director of international markets at LogRhythm.
"Our research suggests there is solid public support for such moves. There is now a common desire to see definite steps taken to force organisations to clean up their act," he added.
"This lack of public confidence is something that businesses and the government need to address fast. Our findings show that when people hear about the loss of confidential information they will actively avoid the organisations involved – 66 per cent stated they would try to avoid future interactions, while 17 per cent said they would definitely not have anything more to do with the guilty party."
David Tomlinson, managing director for encryption solutions firm Data Encryption Systems, argued that companies will start to wake up to the realisation that more fines could be on the way.
"Over the years we have become so accustomed to government talking the talk and not walking the walk," said Tomlinson.
"A large majority of senior management will be experiencing a degree of shock that the ICO has moved from idle threats to enforcement. I can't help but feel that a wave of complacency will be followed by the chilly realisation that the large majority of managers and staff are now holding a fine liability rather than an encrypted laptop."
Regulation and fines have an important role to play in ensuring organisations protect consumer data, but they will not solve the problem. Such measures must be aligned with an overall government effort to encourage and build a culture of security best practice and common sense, underpinned by solid technologies that can deliver the level of security required by law and be able to cope with emerging threats and the changing ways in which we work.
Posted by: Kurt Johnson, vice president of corporate strategy and development at Courion 29 Nov 2010