Despite being inclined to have firms collect endless amounts of data on their customers, the British government does at least want them to protect it. Accepting a new EU law, known as the General Data Protection Regulation (GDPR), means that when it is introduced in 2018, British firms will be mandated to disclose any breaches that occur, and could be fined if enough protections are not in place.
Over the past few years we've seen a number of high-profile companies hit with big data breaches as hackers steal user information by the truckload. In some cases these companies let their users know straight away, but in others it can take weeks, months or even years before the public is made aware. To combat that in future, it is now a legal mandate that firms must disclose the information in a timely manner.
The ICO could have much greater powers after the ruling. Source: Eradar
To encourage companies to stop breaches before they happen, though, a new penalty system will be put in place. As it stands, the Information Commissioner's Office can fine companies £500,000 if they fail to adequately protect their customers. In the future, though, that figure will increase to £20 million, or four per cent of turnover, whichever is larger (as per Telegraph).
While there is some consternation that the UK is adopting new EU legislation while looking to negotiate its departure from the group, implementing the GDPR is said to have been a key component of staying within the single market.
KitGuru Says: As much as this legislation sounds great, the government is also looking to force tech companies to install back doors in hardware and software, which invites these sorts of breaches. It just goes to show how unaware most politicians are about how technology, and particularly digital security, works.