Irish DPC reports massive increase in reported data breaches
| Date breaches up by 70% compared to previous year
The Irish Data Protection Commission (“DPC”) has reported a huge rise in new reporting of security breaches, an increase of 70 percent last year compared to 2017.
The Commission, one of Europe’s top data protection watchdogs, takes the leading role in investigating data breaches by companies like Facebook, said companies notified it concerning more than 4,700 data security incidents during 2018.
The DPC stated in a report that as of December 31 it had 15 ongoing investigations of multinational tech companies. Ten of the investigations concerned Facebook or its subsidiaries, Instagram and WhatsApp.
Increase attributed to GDPR
The massive increase in self-reporting is directly related to the introduction of the GDPR, in which the reporting is a mandatory requirement. The previous Data Protection Act only required companies to report problems on a voluntary basis.
Under the GDPR, companies that violate the regulation by leaking people’s personally Identifiable Information (“PII”) face financial penalties of up to 4% of their global annual revenue.
Facebook, for example, revealed in September that hackers gained login details for about 50 million accounts, with some of those accounts belonged to Europeans. The new GDPR rules forced Facebook to come clean about the hack in a timely fashion, and the agency moved quickly to launch a formal investigation to see if the tech giant failed to abide by EU data privacy rules.
Irish DPC first on the scene
Like a lot of other U.S. companies, Facebook’s European headquarters are located in Dublin. This means the authorities in Ireland are usually the first to be involved in enforcing Europewide laws against them.
The Irish DPC is among the first EU data agencies to report its annual figures for 2018. It reported a rise of 56 percent in data complaints, which represents up to 4,100 in 2018 from the 2017 total of 2,600.
Helen Dixon, the regulator’s leading commissioner said:
The rise in the number of complaints and queries demonstrates a new level of mobilisation to action on the part of individuals to tackle what they see as misuse or failure to adequately explain what is being done with their data,
Ms. Dixon added that the agency, which has a growing staff of more than 100, was feeling “very optimistic about the improvements we will see in Ireland in personal data handling practices over the next few years.”
Sources and credits: Irish Data Protection Commission