According to a new survey commissioned by software and services company Tieto, seven out of ten are worried about Internet security and more than one out of ten have been subject to data breaches. The study also reveals that eight out of ten people in Sweden and Finland and five out of ten in Norway would now consider erasing their customer data from companies' data registers. However, only one out of ten is aware of the possibility provided by the new data protection regulation GDPR, which steps into effect exactly one year from now.
On 25th May 2018, the new General Data Protection Regulation will come into force in the EU, giving consumers the right to get their stored data removed from companies’ data registers ('Right to be forgotten'). Businesses affected by cyber attacks and breaches where sensitive information is leaked must also inform authorities and affected customers (data subjects) of the incident within 72 hours.
To investigate how these changes are perceived by the general public, Tieto has commissioned research company SIFO to ask more than 1,000 people in Sweden, Norway and Finland about their attitudes to data protection and how companies treat personal data. The results show that over 90% want organisations that have been subject to data breaches where information is at risk of being leaked, to inform them of this within 24 hours.
At the same time, 80% of Swedish and 82% of Finnish people state that they would consider requesting one or several companies to delete all stored customer data about them, while the corresponding figure in Norway is 48%. Only approximately one out of ten is aware of the new regulation making this possible.
"Cyber threats are on the rise and citizens have become more alert to how companies handle their personal data. But knowledge about the new regulation is low and very few are aware of their upcoming strengthened data protection and privacy rights. Raising awareness among the general public is an important step in order to secure correct usage of personal data and strengthen our readiness against data breaches in society," said Markus Melin, Head of Security Services at Tieto.
"The time when you could collect customer data without knowing for sure where and how it was stored has definitely passed. Going forward, companies need to know exactly what kind of data they collect and also be prepared to find and erase it swiftly if requested. The ones who cope with this transition smoothly will have a competitive advantage and win the customers' trust. But it is an extensive task and the clock is ticking," said Markus Melin.