Data breach complaints double after GDPR
The number of data breach complaints received by the Information Commissioner’s Office has more than doubled since GDPR came into force.
Some 6281 complaints were received by the regulator between 25 May and 3 July 2018. This is a 160% rise in comparison with the previous year, where 2417 complaints were received in the corresponding period.
Financial services was one of the top sectors reported, accounting for 10% of all complaints. The education and health sectors faced similar problems, receiving a combined 1112 complaints. Media publicity and government advertising has raised awareness of consumer’s data rights which has likely encouraged the spike in complaints.
James Geary, principle commercial contracts at EMW Law, said: “We have seen many businesses are currently struggling to manage the burden created by the GDPR, whether or not an incident even needs to be reported.”
Breaching GDPR could result in a fine of €20 million or 4% of worldwide turnover – this is 33 times more than the previous maximum fine of £500,000.
Geary added: “The reality of implementation may have taken many businesses by surprise. For example, emails represent one of the biggest challenges for GDPR compliance as failing to respond promptly to subject access requests or right to be forgotten requests could result in a fine. The more data a business has, the harder it is to respond quickly and in the correct compliant manner.”
Far from signalling the end of marketing, GDPR should be seen as an opportunity to rethink your marketing strategy and reposition the function as a source of genuine competitive advantage.