Monday 15 July 2019 12:01 am

Data breach reports soar since GDPR, as firms fear mammoth watchdog fines

The number of whistleblower reports to the information commissioner over data breaches have jumped 175 per cent since GDPR came in, according to research.

People have become more vigilant about the handling of personal data, and more likely to report potential breaches, since the regulations were introduced in May 2018 according to law firm RPC.

Whistleblower reports in the year ending May 31 2018 numbered just 138, compared to 379 the following year.

The data comes hot on the heels of the Information Commissioner’s Office doling out £238m-worth of fines to British Airways and hotel group Marriott International last week. 

In the context of the record-breaking penalties, the rise in reports will come as “a real concern to businesses,” said the law firm.

The two fines, issued in little more than 24 hours, amount to more than three quarters of the total fines given by the Financial Conduct Authority (FCA) in the whole of the past year. This is despite the fact the FCA has traditionally given far harsher fines than the ICO.

RPC Partner Richard Breavington said: “The ICO’s large fines mean data security continues to be a C-suite issue for businesses that hold personal data.

“GDPR has driven a cultural shift in how people perceive personal data and its value. More people now see it as part of their personal property, and they are more likely to act if they believe it is being misused.”

“The ICO has shown that it is a regulator to be respected. The FCA had traditionally been thought to be among the tougher regulators in the UK, but the fines the ICO is levying are now on a different scale.”

“There were a lot of eyes on the ICO, waiting to see how it would use its new powers. Few foresaw it hitting a business with such a high fine at this stage.”

Main image: Getty