back to article Most UK privacy cock-ups are 'careless' spaffing of personal data - watchdog

Most of the data breach incidents analysed by the Information Commissioner's Office (ICO) in a three-month period earlier this year concerned errors in the way personal information was disclosed, the watchdog has said. The ICO said that it had looked at 335 data breach incidents between 1 April and 30 June 2013 and found that in …

COMMENTS

This topic is closed for new posts.
Bronze badge

"some business groups concerned about their ability to meaningfully report breaches within 24 hours"

Meaning some business groups are concerned about their ability to sober up their PR people in time to find someone else to blame.

6
0
Silver badge

"Proposed amendments tabled by EU Ministers would, if introduced, restrict the cases in which personal data breaches would have to be reported."

Why?

Do they think it's not important? Do they think their corporate masters can save money by hoping nobody finds out?

4
0
Thumb Up

@ dogged -

> . . .

Do they think it's not important?

. . .<

Yep.

> . . .

Do they think their corporate masters can save money by hoping nobody finds out?

. . .<

That's what they're doing now.

So, a 'no change' proposal.

3
0
Silver badge

No, it's so that when some drunken EU commissioner leaves his briefcase on the train after one bottle too much at lunchtime he'll not have to own up.

2
0

Usual crap

When the numbers look bad, do one of the following

1) dont report them,

2) change them to look good

3) or change the way they are counted

4
0
Silver badge

Re: Usual crap

You missed one

4) Change the start of the reporting period

4
0

California SB1386 law

SB1386 seems to have worked in the states, with companies uping their security, to get out of writing to all their customers to say they screwed up.

It has been proposed in several corners that we should have the same, a point reinforced by the fact that the ICO does not actively investigate, even the stuff that has been directly reported to them by members of the public.

i.e

Joe Public>ICO. "organisation X is mishandling my personal data, as defined by these rules in DPA98"

"and I have attached the evidence that their doing it"

ICO>Org X. "are you complying with the data protection act?"

Org X>ICO "certainly"

ICO>Joe Public "Org X have not breached the DPA, case closed"

0
0
Silver badge

Problem Is Between Keyboard And Chair.

1
0
Gold badge
Unhappy

Nothing changes till criminal charges can be brought.

Which requires the relevant Minister to change his "Statutory Instrument."

Otherwise it'll be BAU

1
0
This topic is closed for new posts.

Forums