Most members of the UK public have expressed a wish that they would like to see the data on UK citizens deemed by the Investigatory Powers Tribunal to have been unlawfully collected by GCHQ and MI5 for over a decade physically deleted. This is the central finding of a OnePoll survey conducted on behalf of security and privacy advice and comparison site Comparitech.com.
According to the study involving 1,000 members of the UK public, 70% said they would like to see their illegally gathered data deleted, while a further 45% of respondents felt that some form of compensation was also in order.
“While almost half of those surveyed said they should be compensated for any nefarious activity they may have been subjected to, a far healthier 70% thought that the UK Government should now delete all personal data it has acquired through illegal means,” said Lee Munson, security researcher for Comparitech.com.
“Whether or not that happens remains to be seen – or not, as the case may be – but what’s clear is that the British public still doesn’t have a grasp on the data privacy and wiretapping laws.”
One third of the UK public said the case had decreased their trust in the UK Government, while a whopping 68% said it had decreased their trust in online platforms such as social media and e-mail. When asked if they were more concerned about hackers stealing their private information or the Government illegally collecting it, 51% of those surveyed were more concerned about hackers, 14% were most concerned with the Government and almost a third (31%) said they were equally concerned about both.
“These statistics clearly show that the public is constantly fighting a battle of who to trust in regards to their privacy,” continued Munson. “For now, the best advice is to trust no-one when it comes to leaving a trail of personal information online. People should arm themselves with the tools and knowledge necessary to help keep their personal information safe. For the powers that be who have yet to decide what to do with the data that has been illegally collected so far, the public has spoken – delete it.”
In fact, 38% of those individuals questioned felt so strongly about privacy that they would consider paying for products that increase their online privacy.
Insufficient cyber awareness among employees
Recent UK Government research has found that 75% of large UK organisations suffered staff-related security breaches in 2015, with 50% of the worst breaches caused by human error.
With nine out of ten large organisations experiencing some kind of security breach, threats to the UK legal sector are a near certainty, and especially so considering the valuable information held by law firms.
Legal IT specialist SproutIT continuously evaluates high end products and solutions to be able to transfer its in-depth knowledge to the UK legal sector such that it can help in reducing the risk of data breaches and cyber attack.
Matt Torrens, managing director of SproutIT, said: “Pound for pound, there’s probably no more effective countermeasure than a good security awareness programme. We’ve found that there can be a weak link in the training of staff around the subject of information security awareness, with some firms not providing any training at all and most offering only a short e-learning course once every year. Training has to be regular from the Boardroom through to the front line to ensure that everyone is given the simple, practical guidance they need in order to make the right decisions when managing daily risks.”
Nick Wilding, general manager of cyber resilience for AXELOS, added: “All businesses need to ensure that each of their employees, regardless of their role or degree responsibility, are aware of the cyber risks that they face. This is particularly true in the legal world, where companies hold hugely valuable information about clients on their systems. One data breach could destroy a firm’s reputation.”