Consumers want to know about all data breaches
Survey suggests that many feel the new EU rules are not strict enough
As if to provoke a collective groan from IT industry ranks, consumers have indicated they want to be told about all data breaches – no matter how small.
That is based on a poll of 1,000 consumers by security vendor LogRhythm where 66 per cent of respondents stated that organisations should be forced to declare any and all data breaches – and that customers should be told of such events immediately.
"Consumers call for breach notification laws that make it mandatory for all breaches to be reported to all customers – irrespective of scale," the vendor warned.
LogRhythm commissions the poll annually, and this year more respondents also indicated that punishments for data breaches should be harsher than the current regime.
EU law at present only requires telecoms operators or ISPs to notify customers affected by a breach – but 64 per cent of respondents in the survey said all customers should be informed.
Ross Brewer, managing director of international markets at LogRhythm (pictured), speculated that the number of data breaches reported this year had affected consumer perceptions.
"EU data privacy laws go some way towards mandating full breach disclosure, but the feedback from consumers is that much more needs to be done – across industries far beyond the telecoms sector," he said.
Fifty-three per cent of those surveyed indicated they would wish to avoid doing business with organisations that had suffered data breaches. Yet at the same time, 48 per cent said it was "inevitable" their data would be compromised by hackers at some point.
Social media and gaming websites were least trusted keepers, while healthcare providers and financial services were more trustworthy, according to respondents.
"Perhaps, as initiatives such as the EU's 24-hour breach notification regulations develop, we'll see confidence increase and consumers becoming less resigned to the fate of their privacy," opined Brewer.
Respondents also said they were worried about large organisations and internet companies sharing information. However, 16 per cent, up from 11 per cent in 2013, believed government organisations do enough to protect national assets.