Internet users wary of online firms' data security practices

Only a quarter of internet users are confident that online businesses adequately process and protect their personal data, according to a survey commissioned by the Information Commissioner's Office (ICO).

Overall, less than half of all respondents (49 per cent) said they were confident that companies handle data correctly, underlining the growing importance for firms to ensure that all data is handled and retained securely.

But the message does appear to be getting through to companies. Seventy-two per cent of firms are aware they have an obligation under law to keep personal data secure, up an impressive 26 per cent on 2010 figures.

Despite this, data breaches continued to rise, up a shocking 58 per cent in the private sector in 2011/12 on the previous reporting period.

Information commissioner Christopher Graham said the figures made for mixed reading and urged businesses to clamp down on embarrassing data breaches to improve consumer confidence.

"I'm encouraged that the private sector is waking up to its data protection responsibilities. However, the sector does not seem to be putting its knowledge to good use," he said.

"The fact is that security breaches in the private sector are on the rise, and public confidence in good information handling is declining. Businesses seem to know what they need to do – now they need to get on with doing it."

Graham added that while the ICO's ability to fine organisations should be incentive enough to ensure data protection is taken seriously, the risk to a firm's reputation should make it a top priority.

"Companies need to consider the damage that can be done to a brand's reputation when data is not handled properly. Customers will turn away from brands that let them down," he said.

Despite the improvements in private sector awareness of data protection requirements, the ICO recently urged the government to give it the power to undertake compulsory audits of businesses, as most firms are reluctant to undergo inspections by the watchdog.