Is it time to criminalise data breach cover ups?
As the US proposes criminalising data breach cover ups, we explore whether the UK should do the same.
There is also the simple argument that people want companies to come under greater scrutiny.
LogRhythm research has shown 70 per cent of UK consumers want more prescriptive regulations and 80 per cent support compulsory data loss disclosure.
With so many people wanting stricter laws, it would make sense for companies to really shore up their security something that would benefit everyone from the consumer to the company chief executive.
"Organisations need to move quickly to ensure that their security systems are ready for any data breach disclosure regulations, and that they do not fall into the trap of viewing compliance as a one-time only requirement otherwise, they are risking severe penalties," said Ross Brewer, vice president and managing director for international markets at LogRhythm.
"While the UK is still behind the US in implementing such name and shame' legislation, it's only a matter of time before similar laws requiring mandatory data breach notifications are implemented here."
Time for the ICO to shine?
When laws eventually do come into force making concealment of data breaches a criminal offence, as they are likely to do, it could be the time when the ICO receives praise rather than denigration.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The body has been slammed in the past for not being harsh enough, particularly on private companies. Many thought Google got off very lightly after the Street View scandal. The small fine handed to ACS:Law owner Andrew Crossley did not go down well in some corners either.
When businesses can no longer hide their data offences, however, the ICO won't have many excuses to shy away from fining perpetrators.
If the ICO fails to act sternly when that time comes, it won't be doing itself any favours.
The watchdog has shown it is not afraid to hit public sector firms with significant fines.
It should show that same attitude to private companies too, so citizens' data is universally protected.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.