Shostack + Friends Blog Archive

 

75% of Britons Want to Know

The European Commission has done an “E-Communications Household Survey,” and found that overwhelmingly, “UK internet users want to be informed of data losses” [link to http://www.itweek.co.uk/itweek/news/2188900/uk-internet-users-informed no longer works]:

Most UK residents want to be informed if their personal data is lost or stolen after a corporate security breach, the latest E-Communications Household Survey from the European Commission (EC) has revealed.

Eighty-four percent of UK respondents said they would want to receive information of a breach resulting in data losses. Three-quarters of this group wanted to be informed in any circumstance, while a further nine percent only wanted to be made aware if the lost or stolen data put them at risk of financial damages.

Across Europe, it’s 64% [link to http://www.scmagazine.com/uk/news/article/654558/study-uk-citizens-demand-notification-data-breaches/ no longer works]. Someone should do a survey here, and let the folks at US PIRG know the results. As Dissent covers in “Breach notification proposals in Congress” [link to http://www.pogowasright.org/blogs/dissent/?p=385#more-385 no longer works], the main bills, S.495 and S.1178 would both include ‘sweep under the rug’ provisions. If the public in the US wants to know about mistakes at anything like the rate that people in the EU would like to know, then these bills are seriously off-target in their particulars.