Technology Companies Favor Notification Law for Data Infringement

More than half of the technology companies in United Kingdom are demanding law that would compel organizations to inform their clients when a data hack occurs, a survey by Intellect, an industry body, revealed.

After carrying out an Internet security inquiry, the Lords Committee published a report in August 2007 providing details of the results. The Metropolitan Police was in favor of the idea of a notification law relating to data breach although with caution because they were not sure who would monitor and ensure proper implementation of the law.

According to Intellect, there should be a secure infrastructure for storing and handling data, so that business and consumer confidence stays intact, otherwise there could be an economic damage.

Intellect survey's preliminary results indicate that over 50% of the Intellect members support the legislation, and that the respondents want such a legislation to take care of both private and public sectors.

The respondents, who were a mixture of large and small businesses, also wanted the legislation to take care of information in any form, not just online.

Of the survey's total respondents from Intellect, three-quarter said that when a breach affects customers, those customers should be informed along with the regulator. However, one-third of respondents said the notification should be to all customers and not just the affected ones, while according to 1 in 5, the notification process should be extended to the police as well.

Chairman of the body, Barbara Navarro, said that businesses and consumers should handle personal information in the same way they would treat an asset. Navarro warned that infrastructure backing such data should be fully secured, otherwise there could be damage to business and consumer confidence thus affecting the economy. Silicon.com published this on October 2, 2007.

The system of notifying a data breach can help businesses to handle data more responsibly, although it may not be sufficient, she said.

The group plans to discuss the cost and impact of data interception on business and the whole industry, and also work to pull up the importance level of their employees about protecting the personal data.

Related article: Technology against phishing Needs to be Blended with User-Education

» SPAMfighter News - 10/23/2007