Share this content

UK public demands data breach disclosure laws

29th Nov 2010
Share this content

New research has revealed that the UK public is keen to see the introduction of US-style breach disclosure laws, which would force brands to publicly declare if they have suffered a data loss incident.

The OnePoll study, based on a survey of 5,000 consumers, revealed that four out of five were keen to see the introduction of breach disclosure laws.

Some 70% believed that there should be more prescriptive regulation, 62% felt that organisations should receive large fines, while 31% said that company directors should be subject to criminal proceedings.

Ross Brewer, vice president and managing director of international markets at network security vendor LogRhythm, which commissioned the survey, said that there appeared to be solid public support for calls by the European data protection supervisor for wide-ranging reform of existing data protection laws, including mandatory breach notification legislation.

Meanwhile, a second study has emphasised the growing importance of trust for consumers being asked to share personal information with brands, with two-thirds choosing to avoid contact where possible in the wake of a data loss incident.

According to a poll among 1,114 consumers undertaken by the Direct Marketing Association (DMA) and online marketing analystis firm,, while three-quarters said they would be happy to part with their personal details if they had an existing relationship with an organisation, less than one in 10 would be prepared to do so if no such relationship existed,

But the Data Tracking Study also revealed that consumers were quick to withdraw their trust if they felt it had been abused. More than half would opt out of receiving marketing messages if they received too many irrelevant ones, while a further third would lose faith following bad press around a data breach or loss.

Chris Combemale, the DMA’s executive director, said: "The good news for the marketing industry is that the tools necessary for building a reputation for good data security are well within their control."

Having a robust data security system, a clear privacy policy, an easy-to-use website with obvious security protection and giving the consumer control over how they were contacted were all key components in allaying customer fears about sharing their personal data, he added.

"Data released by the Information Commissioner’s Office shows that data breaches are still rife in the UK and this seems to have led to a change in the public mood. There is now a common desire to see definitive steps taken to force organisations to clean up their act," he added.

Such attitudes appeared to stem from the public’s lack of confidence in brands’ ability to protect the personal information that they held. Some 63% of respondents were afraid of becoming victims of identity theft through no fault of their own, while half believed that neither private nor public sector organisations had enough security controls in place.

If a security breach did occur, however, two thirds said that they would try to avoid interacting with the organisation concerned, with 17% saying they definitely would do so.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.