BCR Advisory blog

UK companies will face far tougher fines if they lose customers’ info in data breaches

This article was sourced from Business Insider.  Article by Rob Price.

LONDON — Companies that expose their customers information in data breaches could face far harsher penalties — including fines of up to 4% of their global annual turnover.

On Monday, the British government announced plans to strengthen UK data protection law with the a new Data Protection Bill.

Among the plans laid out in the bill is to give the ICO (Information Commissioner’s Office) regulator the power to fine companies up to £17 million, or 4% of global turnover, in the “most serious data breaches.”

It’s a significant increase — the maximum fine that the ICO can currently levy is for £500,000.

It’s likely that these powers would be used in major breaches like the 2015 hack of British telecoms firm TalkTalk that saw more than 150,000 customers’ data compromised. Hackers were able to gain access using a rudimentary attack that has been known about for more than 15 years, and in its aftermath a parliamentary report called for businesses breached in similar ways to face “significant fines.”

The Data Protection Bill will also make it easier for people to withdraw consent for the use of their personal data, and expand the definition of “personal data” so that it includes DNA, internet cookies, and IP addresses, among other changes.

In a statement, secretary for digital Matt Hancock said: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.

“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”

For specialist advice regarding your specific circumstances, please contact the BCR team.

Tell us what you thought of this article by commenting below or connecting with us on LinkedIn or Twitter.

BCR team
The BCR Advisory team are a national represented firm with its main office located in Sydney. It is a boutique corporate advisory, recovery and insolvency firm that specialise in the SME market. The team’s reputation is built on their extensive experience within the industry as well as their fresh and innovative approach to problem solving for distressed business owners.Let us know what you thought about this article by leaving a comment below. Alternatively, you can get in touch with the BCR Advisory through our contact page.