Eight months after TalkTalk’s data breach, the Culture Media and Sport Committee has published findings from its inquiry into cyber security and the protection of personal data.
The Committee heard from a range of experts and businesses, including TalkTalk’s Chief Executive Dido Harding, TechUK and the Information Commissioner on the growing threat of cyber-attacks on all businesses with an online platform or service.
And it seems businesses are found wanting. Worryingly, 90% of large companies have experienced a security breach, with 25% of companies experiencing a cyber-breach at least once a month. So it’s no surprise that consumers are increasingly concerned about data protection and cyber-security.
Data protection
The Institute of Customer Service said that over 1 in 4 people are most concerned that cyber-attacks might compromise their personal information and could result in a financial loss.
And our own research found that of the people we asked, half of them avoid using certain online services, apps and products for fear of being targeted by scammers.
Interestingly the Culture, Media and Sport Committee also received evidence from a number of individuals claiming to have fallen victim to scam calls, having been hounded by nuisance calls since their personal data had been leaked as a result of the data breach.
The problem is that when things go wrong the picture isn’t so rosy. The Committee noted that redress following a data breach is still too difficult.
In order to get compensation for damages, individuals may need to take legal action through a small claims court. This can be a long and costly process with no guarantees of success. But in some circumstances, if you fall victim of a data breach then there’s also no automatic right to terminate your contract early.
Instead when your personal data has been leaked, you’re left exposed to scams and your trust in a company has diminished as a result of a data hack, there’s not always a simple get out clause. Early contract termination is usually at the gift of the company and part of it’s original terms and conditions – often one that you won’t be aware of until it’s too late.
Next steps
So it’s positive that the Committee has acknowledged, interrogated and attempted to address these challenges – it recommended that more support and guidance should be offered to individuals to make a small claim for compensation, and that telecoms and mobile companies should provide clearer terms and conditions on the right to terminate a contract early.
But it still seems like it’s not enough. When there’s an industry-wide problem in facing the threat of cyber-attacks and hacks, why is it that consumers are still the ones facing the costs and consequences?