“50% of UK consumers don’t feel commercial organisations care about their privacy” reports Thales eSecurity

Thales eSecurity – the specialist in critical information systems, cyber security and data security – has just announced the results of its research on the EU’s General Data Protection Regulation (GDPR). Based on a study conducted by Censuswide and sponsored by Thales eSecurity, the report captures the perceptions of consumers and businesses on the preparedness levels of organisations in Europe and the United States for the May 2018 GDPR compliance deadline, as well as the potential business impact.

Half of UK consumers don’t believe commercial organisations care about their privacy, and many are prepared to take legal action against businesses that don’t comply with the GDPR. At the same time, businesses are concerned that the new data privacy regulations will have a negative impact on their operations and international relations.

Intended to improve personal data protection and increase accountability for data breaches, the GDPR is perhaps the most comprehensive data privacy standard to date. It presents a significant challenge for organisations that process the personal data of EU citizens, regardless of where those organisations are headquartered.

50% of UK consumers surveyed claim not to trust anyone with protecting their personal information. Perhaps as a result of recent high-profile breaches, only one-in-five (20%) of UK consumers trust financial institutions with their information, while just 23% said they trusted healthcare providers.

Retailers are only trusted by 6% of consumers in the UK, and perhaps with good reason. Thales eSecurity’s 2017 Data Threat Report reveals that two-in-five retailers globally have experienced a data breach in the past year, and that a third had suffered more than one.

More worryingly, perhaps, 70% of UK consumers believe their information has been made available for sale online by cyber criminals.

However, with the EU GDPR’s implementation now just six months away, three quarters of UK consumers (76%) feel that increased regulation will improve the privacy of their online data.

Taking back control

The research revealed that more than a third (37%) of UK consumers had heard of the GDPR and that almost two-thirds (57%) of these could explain it to some degree.

Aware of the GDPR, and what it means for the privacy of their information, consumers appear to be willing to take a stand against those organisations that fail to comply with the regulation, with three-in-five (58%) of UK respondents claiming they would at least consider legal action as an option.

More than three-quarters (79%) of respondents said they would consider taking their business to another company if the one they were dealing with didn’t comply with the GDPR, while 69% suggested they might report a non-compliant organisation to the relevant industry watchdog. Three quarters of UK consumers (77%) suggested a failure to comply with the GDPR would negatively impact their perception of an organisation.

Business impact

The Thales eSecurity survey has revealed a number of reasons why organisations may have more to fear from the GDPR than just consumer action and financial penalties:

*63% of UK-based organisations believe that implementing measures to become GDPR-compliant will increase the level of complexity and red tape within their business

*Almost half (49%) are concerned that the GDPR will hinder their organisation’s innovation to some degree

*One-in-five (21%) expect the GDPR to have a negative impact on relationships with their international partners

*Interestingly, while around one-in-five UK businesses (22%) believe the GDPR will lead to fewer data breaches, almost a third (32%) are concerned that its implementation will actually result in an increased number of breaches

Despite these concerns, more than a third of UK organisations (37%) remain optimistic that the GDPR will have no effect on their business operations whatsoever.

Jim DeLorenzo, solutions manager for the GDPR at Thales eSecurity, observed: “As a result of recent and ongoing data breaches, digital privacy remains front of mind for consumers. With the deadline for enforcement of the GDPR fast approaching, law firms and compensation companies will begin to focus their efforts on fighting for consumer rights. Organisations could find themselves facing multiple legal challenges in addition to the hefty fines levied by the GDPR, some of which will undoubtedly achieve national media attention. The GDPR is a change of legislation that well and truly places the onus on organisations to put their houses in order. The clock is ticking.”

*Download your copy of the Thales eSecurity report here

**Thales eSecurity commissioned the survey among 2,000 consumers in the UK and Germany (1,000 in each region) and 1,500 C-Level executives in the UK, the US and Germany (500 in each region). The research was conducted online by polling company Censuswide, an international research organisation, in August 2017

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts