The number of data breaches reported by whistleblowers to the UK’s ICO has jumped 175% since the introduction of the General Data Protection Regulation (GDPR).
A Freedom of Information request from law firm RPC revealed that the number of breaches highlighted by individuals concerned over consumer data privacy rose from 138 reports in 2017-18 to 379 reports in 2018-2019. This clearly indicates a correlation with the introduction of the GDPR, making people more conscious of data protection laws.
“GDPR has driven a cultural shift in how people perceive personal data and its value,” said Richard Breavington, partner at RPC.“The jump in whistleblowing reports of data breaches will be a concern to businesses – the ICO’s large fines mean data security continues to be a C-suite issue for businesses that hold personal data.” “More people now see it as part of their personal property, and they are more likely to act if they believe it is being misused.”
Proportionally to the rise of reports is the rise in fines. Compared to fines issued last year, the ICO has significantly stepped up its enforcement action with the fines issued to British Airways (£183 million) and Marriott International (£99 million) over data breaches.