80 per cent of UK consumers support tough US-style data protection laws

Following the first ever fines for data breaches given out this week, the public want to see the ICO continue with stringent policy

UK consumers want tougher penalties and regulation for organisations that lose customer data, according to research by log analysis and management firm LogRhythm.

Of the 5,000 consumers who participated, four out of five respondents felt that firms should be conforming to a breach disclosure law that would force them to publicly declare data loss incidents as is currently done in the US.

These results come after The Information Commissioner's Office (ICO) finally used its power to fine organisations for breaching the Data Protection Act (DPA), leaving Hertfordshire County Council with a £100,000 fine and employment services company A4e with £60,000.

Some 62 per cent felt that organisations should receive large fines, and 31 per cent of respondents thought the offence serious enough to warrant company directors being subjected to criminal proceedings.

"The Europan data protection supervisor came out in support of wide-ranging reform of data protection laws including the implementation of mandatory data breach notifications," said Ross Brewer, vice president and managing director of international markets at LogRhythm.

"Our research suggests there is solid public support for such moves. There is now a common desire to see definite steps taken to force organisations to clean up their act," he added.

"This lack of public confidence is something that businesses and the government need to address fast. Our findings show that when people hear about the loss of confidential information they will actively avoid the organisations involved – 66 per cent stated they would try to avoid future interactions, while 17 per cent said they would definitely not have anything more to do with the guilty party."

David Tomlinson, managing director for encryption solutions firm Data Encryption Systems, argued that companies will start to wake up to the realisation that more fines could be on the way.

"Over the years we have become so accustomed to government talking the talk and not walking the walk," said Tomlinson.

"A large majority of senior management will be experiencing a degree of shock that the ICO has moved from idle threats to enforcement. I can't help but feel that a wave of complacency will be followed by the chilly realisation that the large majority of managers and staff are now holding a fine liability rather than an encrypted laptop".