Changes to Regulations on Data Protection

Changes to Regulations on Data Protection

As of April 6th 2010, the Information Commissioners Office will have the power to charge fines of up to £500,000 to any business or organisation that is responsible for a breach in the Data Protection Act 1998.

It will be interesting to see how businesses react to this. Indeed, over the last few years the small to medium sized company has received very little help from the government with regards to helping grow the economy. Now they are threatening them with fines if they make any data related mistakes. Sounds to me like a parent expecting great things from its children without offering any support whatsoever – or indeed actively finding obstacles to try and stunt their development.

But I imagine that most businesses won’t react hysterically come the 6th of April. Indeed, regulations on data protection have always existed it’s just that no maximum penalty had been indentified. To some degree I think the ICO hopes that putting an actual figure on the maximum fine is enough to frighten business owners into taking some action. The reality is that businesses yet to put any preventative measures in place won’t do so until they or someone they know is affected.

I’ve just finished reading an excellent book called ‘Risk’ by Canadian journalist, Dan Gardner. The book talks about why people overreact to risks that are minimal and under-react to those that are very real. One of the key concepts in the book surrounds the way the brain functions and in particular the two parts of the brain responsible for determining our judgement of risks. Scientists call them the ‘Head’ – the very rational part that makes judgements based on facts – and the ‘Gut’. The ‘Gut’ makes judgements very quickly by looking to ‘Examples’ that it can draw experience and cues from. I won’t go into this process in too much detail – I advise you to read the book - but I will leave you with an example that the author cites showing ‘Gut’ overriding ‘Head’ in an all too familiar circumstances.

In California, earthquakes are a common occurrence. Indeed, many companies make a profitable living by selling earthquake insurance to home owners and businesses alike. The interesting thing about earthquake insurance, however, is that typically people tend to buy it or upgrade it straight after an earthquake strikes – when the premiums are at their highest. What makes this interesting is that the probability of an earthquake occurring is lowest immediately after a quake, while the danger rises as time passes. Thus, what people do is exactly the opposite of what reason says they should do.

We take irrational actions like this because straight after an unfortunate incident our memories are raw, vivid and easily recalled – something referred to as the ‘availability heuristic’. And this is why something rarely gets done until it’s too late.  

Share this post

Join our cloud community

Join our cloud community Sign up for email updates