
Why companies must come clean on data spills
By silicon.com
Published: 16 July 2007 11:05 GMT
Today silicon.com launches its Full Disclosure campaign with the aim of making businesses and government take data security more seriously by improving the reporting of serious information security breaches.
A number of high-profile data breaches have eroded public faith in the ability of organisations to protect sensitive personal information, and only a change in the law to force companies to come clean about data breaches will restore it.
silicon.com's Full Disclosure campaign - what we are asking for...
silicon.com wants the government to review its data protection legislation and improve the reporting of information security breaches in the public and private sectors.
We are calling for greater public debate and for the government to consider legislation that would require organisations that suffer information security breaches to alert their customers, if there is a chance the breach has put individuals' sensitive personal data at risk.
We want to hear your views about this campaign and the issues it raises. Make your voice heard by leaving a Reader Comment below or by emailing us at editorial@silicon.com.
Over the last year silicon.com has reported on a number of stories, such as laptop thefts and Data Protection Act breaches by banks, which show there is still much to do to improve the way organisations treat information they hold about the public.
As the information commissioner Richard Thomas recently pointed out, there is a "frankly horrifying" roll-call of banks, retailers and government departments that have admitted serious security lapses.
And these - while serious - are surely only the tip of the iceberg, because in the UK there is no requirement for companies to reveal that a breach has taken place. That means many more incidents are taking place unknown to customers.
One episode illustrates the problem. Last year silicon.com chronicled the case of a still-to-be-named UK retailer which suffered a security breach that led to thousands of customers having their credit cards reissued.
While the customers had to go through the trouble of getting new cards, the identity of the retailer remained a secret - much to the fury of customers who contacted silicon.com.
This lack of accountability risks eroding customer trust in the use of online services such as e-tailing and internet banking in the UK, while the cost of identity fraud continues to rise.
But there is an alternative. California already has legislation in place that makes companies warn their customers if a data breach involving their info has taken place. Yet in the UK there is no law offering this kind of protection to the public.
This is why silicon.com is launching its Full Disclosure campaign, which calls on the government to consider similar protection for UK consumers.
If a company suffers a security breach that puts customers' sensitive personal data at risk, it should be obliged to warn its customers that their information may have been compromised so they can act accordingly to protect themselves.
This is not about naming and shaming - this is about giving the public confidence that when they entrust their personal information to an organisation it will act as a responsible guardian of that data. Reinforcing that trust will encourage more people to interact online, providing an important boost to the online economy.
silicon.com editor and site director, Tony Hallett, said: "Businesses and government need to regain the trust of the public by showing they are serious about protecting our sensitive information. By calling for companies to own up to serious data breaches, silicon.com's Full Disclosure campaign is an important step towards making organisations more accountable. Remember - it is our data that we entrust to them."
Let us know what you think of the Full Disclosure campaign. Make your voice heard by leaving a comment below or emailing us at editorial@silicon.com.
Copyright © 2008 CBS Interactive Limited. All rights reserved.