ICO: Public more trusting of companies to hold their data than a year ago

The general public has more faith in companies to hold their data than a year ago, new research by the Information Commissioner's Office (ICO) has found.

Public institutions such as the NHS, the police and national government bodies are more likely to be trusted by the public than social media platforms, according to the UK data watchdog's annual survey.

The survey of 2,131 UK adults conducted in late July showed just 15% of the public trust social messaging platforms to keep their data safe - which is not a surprise in light of an ongoing data misuse and privacy scandal.

But the public is more trusting of these firms than they were in 2017, where they scored 12% reflecting an across-the-board rise in the level of trust - from 20% last year, to 34% this year.

"Across the world people have woken up to the importance of personal data and how it's used," said the Information Commissioner Elizabeth Denham.

"Personal data has become the currency by which society does business, but advances in technology should not mean organisations racing ahead of people's rights.

"Individuals should be the ones in control and organisations must demonstrate their accountability to the public."

Denham highlighted the rollout of the European Union's General Data Protection Regulation (GDPR) on 25 May, and the incoming Data Protection Act 2018, as having played a part in raising trust in organisations to hold personal data across the board.

The ICO stated in July when publishing its annual accounts that the public is far more aware of their data rights than ever before - citing a 14.5% year-on-year rise in complaints, and 29% rise in self-reported breaches, for 2017/18.

"Many businesses, charities, and public bodies have actively taken the time to explain the new rules and have actively taken on board new obligations to protect personal data," Denham continued.

"However, there is still a long way to go and organisations need to realise that, unless they are trusted to properly look after people's personal data, they will fail to realise its potential benefits to their business or the wider economy."

Awareness campaigns, such as 'Your Data Matters' is also having an effect, according to the research, with a significant rise in respondents saying they would get advice and information from the data regulator - from 15% in 2016 to 33% this year.

More concerningly, there has been a decline in the number of people who feel they can access and change their personal data, from 32% in 2017 to 29% this year.

Two-thirds, 66%, did not agree businesses were open and transparent about how they use personal information (from 61% in 2017) while 63% felt it was hard to find out whether their data is being made available to third parties (from 59%).

And despite GDPR, which carries maximum fines of 20 million or 4% of global annual turnover (whichever is higher) for breaches, just 33% agreed "current laws and regulations provide sufficient protection of personal information".

Sharing data with third parties is nearly twice as likely to be seen as a negative, moreover, with citizens aged 55 and older significantly more likely to look down on companies for the practice.

Organisations now face a battle to retain public trust in light of a general rise in cyber activity - with recent research finding SMBs faced five attacks on average in the last year.

One large company who faces a battle to retain public trust is BA - who just disclosed that data belonging to 380,000 customers, including their payment details, were compromised in a breach that lasted two weeks.