Data security awareness crashes to a four-year low

Levels of awareness of the eight core obligations brand owners face when processing personal information have fallen to a four-year low, according to research commissioned by the Information Commissioner’s Office.

Although 48% of the 401 private companies surveyed knew they had to keep personal data secure, this is down from 64% in 2007. When asked about other obligations they are subject to under the Data Protection Directive, organisations appear to have forgotten the rules.

Processing information for limited purposes gained the second-highest level of awareness at just 12%, down from 31% four years ago.

Keeping data accurate and up-to-date was mentioned unprompted by only 11%, compared with 40% in 2007. The other five principles of the directive were recalled by 8% or less of the sample.