New information from the Big Brother Watch privacy group suggests that local authorities are still failing to report data protection breaches. In May 2018, the new GDPR legislation will come into force and councils will have to abide by regulations that will make the reporting of many data protection breaches compulsory.
But, aside from the impact the new laws may have, we cannot avoid the underlying issue here. With estimations that UK councils have been hit by almost 100 million cyberattacks in the last five years, the fact of the matter is that sensitive data is vulnerable in their hands.
Local authorities must hold a large amount of data about people for a variety of reasons. We understand and acknowledge this, and we get that it’s a necessity.
This does not mean that we should expect our data to be vulnerable. In fact, we ought to expect it to be secure given the kind of information councils hold about us, and the damage such data can do in the wrong hands.
We get a lot of enquiries from people who have suffered data protection breaches caused by councils, and we take on a lot of cases against local authorities and their agents for breaches. The focus should be on preventing the need for people to claim in the first place by ensuring that people’s data is secure.
Failures to report
According to the reports, more than half of the councils reviewed failed to report a data protection breach or loss, and more than 75% of them did not have mandatory training for staff to handle cybersecurity issues.
In an era where cyberattacks are so common, this is clear evidence that councils need to do much, much more.
“37 cyber-attacks a minute”
According to information from the reports there was, on average, a massive 37 cyber-attacks per minute in the last five years.
It’s clear that councils are under constant threat of cyberattacks so, to ensure the safety of our personal data, their security systems must be in shape.
Claiming for a council data protection breach
As a victim of a data protection breach or leak committed by a local authority, you have rights. We commonly represent victims claiming for data breach compensation against a council or their service agents, so we can help you.
The current state of affairs is not good enough, and only through action can we enforce the change needed to make sure that the wealth of personal and sensitive data councils often hold for us is adequately secured.