gdpr-3285252_1920-e1562752544103

The number of informants lifting the lid on data protection-related scandals has skyrocketed over the last 12 months, RPC has concluded.

Research conducted by the City law firm found a 175% rise in instances of whistleblowing in the year to May 2019, with figures going from 138 to 379 over the studied time-frame.

The company believes that the arrival of the GDPR on May 25th 2018 has awoken a new data privacy and security conscious in global citizens, with the number of data breach notifications to the Information Commissioner’s Office going up in kind.

Over recent times the UK’s data privacy watchdog has issued landmark fines against companies found in breach of the GDPR, with British Airways and Marriott International receiving a combined total of around £300 million in fines for data breaches that have had a global impact.

BA received a record-breaking fine of £183 million from the ICO just last week, after the private information of around 500,000 customers was exposed through a hacking campaign against the British carrier.

Hotel chain, Marriott International was issued with a fine of £99 million following a data breach which took place over the course of four years on the groups’ Starwood Division database. The breach is thought to have exposed the private data of around 339 million customers.

Commenting on the report, RPC partner, Richard Breavington, said:

“The jump in whistleblowing reports of data breaches will be a concern to businesses. The ICO’s large fines mean data security continues to be a C-suite issue for businesses that hold personal data.

“There were a lot of eyes on the ICO, waiting to see how it would use its new powers. Few foresaw it hitting a business with such a high fine at this stage.”

There was a dip in the number of whistleblowing reports to the ICO in the year leading to May 2018, but this number escalated rapidly after the introduction of the new EU data laws, which have given European regulators the power to clamp down on companies that misuse personal and private data.

“GDPR has driven a cultural shift in how people perceive personal data and its value. More people now see it as part of their personal property, and they are more likely to act if they believe it is being misused,” Mr Breavington added.

 

Article originally published on PrivSec:Report


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.