Which?, the magazine published by The Consumers' Association, has called for changes to the upcoming Data Protection Bill in an effort to give more rights to consumers.
The new Bill, part of an adequacy arrangement bringing UK law in line with the EU's GDPR, will enshrine the right to be forgotten and will require users to give explicit consent for their data to be collected.
Despite that, Which? wants the legislation to give consumers who have been victim of a data breach more power to ‘seek redress' - i.e. sue the companies who lost the data in the first place.
Research by the firm found a general lack of understanding of current data protection rules, ‘including who is responsible for protecting consumers' data and how consumers can seek redress if things do go wrong'.
Around 20 per cent of people said that they do not know how to go about claiming compensation via the courts in case of a breach. A similar figure told Which? that they do not know who is responsible for helping them when data is lost.
Because of this, Which? has put out a statement urging the government to amend the Data Protection Bill so that ‘independent organisations acting in the public interest' can provide assistance to groups of consumers, helping them to seek redress as a collective.
The MD of home products and services at Which?, Alex Neill, said, "Data breaches are now more commonplace and yet many people have no idea what to do or who to turn to when their personal data is compromised.
"The government should use the Data Protection Bill to give independent bodies the power to seek collective redress on behalf of consumers when a company has failed to take sufficient action following a data breach."
Banks, law firms and financial software suppliers in the UK, US and Russia targeted
Rolls-Royce chief digital officer Neil Crockett plans to use big data for efficiency and profit
Tackling security and global connectivity in logistics
AMD's Ryzen roadmap on track