Font Size

Businesses waking up to data protection responsibilities


The Information Commissioner’s Office

Business Articles
Submit Articles   Back to Articles
p>News release 21 October 2011 - ICO

Businesses ‘waking up’ to data protection responsibilities - but less than half of individuals believe that their data is handled properly

Businesses may be ‘waking up’ to their obligations under the Data Protection Act (DPA) but public confidence in how personal information is being handled continues to decline, the Information Commissioner’s Office (ICO) said today.

New figures published today show that nearly three quarters of businesses surveyed now know that the DPA requires them to keep personal information secure – up 26% on last year’s figure.

Despite this, public confidence has fallen - less than half of individuals surveyed believe that organisations process their data in a fair and proper manner. Concern is particularly high in relation to web-based businesses – almost three quarters of individuals believe that online companies are not keeping their details secure.

In addition, the number of data security breaches in the private sector continues to rise – 58% more breaches have been reported to the ICO so far in 2011/12 than in the same period last year.

Information Commissioner, Christopher Graham said:

“I’m encouraged that the private sector is waking up to its data protection responsibilities, with unprompted awareness of the Act’s principles higher than ever. However, the sector does not seem to be putting its knowledge to good use. The fact is that security breaches in the private sector are on the rise, and public confidence in good information handling is declining. Businesses seem to know what they need to do – now they just need to get on with doing it. It’s not just the threat of a £500,000 fine that should provide the incentive. Companies need to consider the damage that can be done to a brand’s reputation when data is not handled properly. Customers will turn away from brands that let them down.”

The ICO’s annual track survey looks at information rights issues across the board. Other figures released today show that awareness of citizens’ rights under the Freedom of Information Act is increasing.

More than nine out of ten public authorities surveyed are aware that individuals have a right to see information. The vast majority - 84% - also agreed that the Act is needed. Despite unprompted awareness of the Act among individuals being higher than ever, at 24%, respondents were sceptical that the information they’d like to see is actually being made public. Just half of those surveyed are satisfied that information is readily available and accessible.

Other figures published today show that recognition of the ICO’s role as the enforcer of the Data Protection Act is now at 70% – the highest awareness level since the question was introduced to the annual survey in 2004. This increase is partly driven by the private sector; 53% of businesses surveyed now have a clear understanding of the ICO’s role in this area compared with 20% last year.

Mr Graham added:

“This survey highlights the increasing importance of accountability and transparency, and the public’s right to know. Almost all public authorities can see the clear benefits of having freedom of information laws. But more needs to be done to make sure that the right information is being made available since only half of citizens surveyed feel they have easy access to the information they want.”

The ICO’s 2011 annual track survey was undertaken by SMSR on behalf of the ICO. Nearly 2,500 individuals and over 800 companies were interviewed – both from the private and public sector.

If you need more information, please contact the ICO press office on 0303 123 9070 or visit the website at:


1. The full research report is available at:

2. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

3. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

4. The ICO is on Twitter, Facebook and LinkedIn, and produces a monthly e-newsletter. Our For the media page provides more information for journalists.

5. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:

• Fairly and lawfully processed

• Processed for limited purposes

• Adequate, relevant and not excessive

• Accurate and up to date

• Not kept for longer than is necessary

• Processed in line with your rights

• Secure

• Not transferred to other countries without adequate protection

6. The Freedom of Information Act (FOIA) provides individuals or organisations with the right to request official information held by a public authority. The Environmental Information Regulations (EIR) provide access to environmental information.

About the Author

The Information Commissioner’s Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. We do this by promoting good practice, ruling on complaints, providing information to individuals and organisations and taking appropriate action when the law is broken.

The ICO enforces and oversees the following legislation:

  •  Data Protection Act 1998
  •  Freedom of Information Act 2000
  •  Privacy and Electronic Communications Regulations 2003
  •  Environmental Information Regulations 2004

Follow us @Scopulus_News

Article Published/Sorted/Amended on Scopulus 2011-10-25 00:27:36 in Business Articles

All Articles

Copyright © 2004-2021 Scopulus Limited. All rights reserved.