Menu
Subscribe to Holyrood updates

Newsletter sign-up

Subscribe

Follow us

Scotland’s fortnightly political & current affairs magazine

Subscribe

Subscribe to Holyrood
by Sofia Villegas
29 October 2024
Information Commissioner: Companies ‘must do better’ to tackle ‘ripple effect’ of data breaches

Around 30 million in the UK have had their data lost or stolen | Alamy

Information Commissioner: Companies ‘must do better’ to tackle ‘ripple effect’ of data breaches

Information Commissioner (ICO) John Edwards has called on businesses “to do better” and stop the “ripple effect” of data breaches as new findings show almost 30 million people in the UK have had their data lost or stolen.

Edwards has urged for “empathy and action” after research suggested a lack of support for those who had suffered a breach.

Gathering more than 5,500 responses, an ICO survey found more than half of UK adults have had their data lost or stolen, with 30 per cent of them having experienced emotional distress as a result. However, a quarter said they received no support from the organisations responsible and almost two thirds revealed they had found out about the breach through the media rather than from the organisation itself.

The commissioner said: “There are two important things I need organisations to understand: empathy and action. You have a role to stop the negative ripple effect in someone’s life from spreading further. It is vitally important to acknowledge what has happened, be human in your response and commit to making sure it doesn’t happen again.”

Other qualitive research carried out by the ICO revealed some victims had felt forced out of their job and faced discrimination following a breach, while others had had to move homes.

John Edwards said people in vulnerable situations - such as survivors of domestic abuse and those living with long-term health conditions- are often disproportionately affected by such breaches, adding the unauthorised disclosure of their personal data can lead to “stigma, fear, discrimination, or even physical danger.”

Edwards said: “We trust organisations with some of the most sensitive personal information imaginable, yet these data breaches continue to happen. This is not just an admin error – it is about people. When data is mishandled, it can have serious and long-lasting consequences, particularly for people in vulnerable situations. We need organisations across the country to do better.”

The commissioner’s statement follows on from a string of high-profile data breaches across the UK. In February, NHS Dumfries and Galloway was hit by a cyber-attack which led to a “large volume” of personal data being leaked onto the dark web, while in September 5,000 people had their details hacked after Transport for London suffered an attack.

He added: “The stakes are too high to get it wrong. At the end of the day, it’s not just about protecting data. It’s about protecting people.”

Holyrood Newsletters

Holyrood provides comprehensive coverage of Scottish politics, offering award-winning reporting and analysis: Subscribe

Read the most recent article written by Sofia Villegas - Interpol: ‘We’re witnessing an unprecedented surge in cybercrime’.

Get award-winning journalism delivered straight to your inbox

Get award-winning journalism delivered straight to your inbox

Subscribe

Popular reads
Back to top