Data Privacy Complaints Soar As Breaches Rise

The Information Commissioners Office (ICO) receives two complaints every day from consumers angry at businesses for not protecting their data.

The record number of complaints come amid an ever increasing number of data breaches, which has seen more and more customer data falling into the hands of criminals and hackers.

Growing Concern

The new ICO figures were obtained by international law firm Pinsent Masons using a freedom of information request. It found that complaints made to the ICO relating to the security of personal information jumped to 1,150 in 2014.

This makes it more than two complaints a day on average and is a 30 percent increase on the 886 complaints received the previous year.

And complaints over a five year period have risen by a staggering 64 percent.

Pinsent Masons says that the increase in consumer complaints highlights increasing levels of public unease over how big business and other organisations store personal information. It cited high profile attacks on organisations such as Sony and Target, and more recently the damaging attack on infidelity site Ashley Madison.

“Information security isn’t a new issue; businesses have always had a responsibility to protect customer data,” said Luke Scanlon, technology lawyer at Pinsent Masons. “But as consumers are increasingly finding themselves left exposed as a result of cyber attacks, concern is clearly growing. The chances are that they wouldn’t be making these complaints without having been directly impacted in some way.”

Scanlon pointed out that the ICO has the power to hand out fines of up to £500,000 if it deems that a company failed to take appropriate measures to protect customer information.

“We’re definitely seeing the cyber-attack threat moving up the corporate food chain to being a C-suite issue,” said Scanlon. “Nobody wants to be the one who gets hit, and many bluechips are now role-playing what happens in that scenario. There is increasing recognition that how an organisation responds to the compromise of customer data can impact its long term prospects as deeply as the incident itself.”

“Many of the businesses and other organisations we are working with are working hard not just to implement good procedures and controls, but also to develop cross-disciplinary teams who understand the legal and reputational issues in the event of a crisis,” he added.

Changes Coming?

Scanlon pointed out that a UK Government commissioned survey in June revealed that around 90 percent of large organisations and 74 percent of small businesses experienced information security breaches in the past year.

Despite this, it is not currently mandatory to report data breaches, but the incoming General Data Protection Regulation (GDPR) is likely to enforce a change in reporting requirements.”

In the summer a report from Digital Catapult revealed the scale of distrust that now exists between consumers and big businesses about people’s personal data. It found that 60 percent of consumers admitted they were uncomfortable sharing personal data. Indeed, 14 percent of consumers now refuse to share any personal data at all.

Earlier this week a survey found that the vast majority of businesses are still not being proactive about their security, and fail even to conduct cyber security drills.

Are you a data breach expert? Take our quiz to find out!