House of Commons (UK) Report: Cyber Security: Protection of Personal Data Online

Posted July 18, 2016
Written by Mark Heyink

Your attention is drawn to a report of the House of Commons Culture, Media and Sport Committee in the United Kingdom addressing Cyber Security: Protection of Personal Data Online.

This can be accessed at the following link:

This report, published on the 20th June 2016 uses as a focus the TalkTalk cyber-attack and responses to the cyber-attack which were considered by the Committee. However, its considerations are far wider and the recommendations made in the Conclusion and Recommendations are far-reaching.

What the conclusions and recommendations emphasise is the Information Commissioner's Office should take a far more rigorous approach to the protection of personal data. It indicates that there needs to be a "step change" in consumer awareness of online and telephone scams and discusses how this might be achieved. It also addresses the importance of someone (in the context of South Africa the Information Officer) taking full day to day responsibilities for cyber security. Allied to this it recommends that to ensure that cybersecurity receives sufficient CEO attention a portion of a CEO's compensation should be linked to effective cybersecurity.

With regard to sanctions, several recommendations are made to increase penalties and strengthen the hand of the Information Commissioner's Office in dealing with delinquent processors of information. This is largely in line with the stricter approach which is evident in the GDRP.

Coinciding closely with the publication of the report is the commencement of the new Information Commissioner in the UK, Elizabeth Denham, on the 18th July 2016. It will be interesting to follow her approach, and certainly those persons appointed to the Information Regulator's Office in South Africa would be wise to consider the example that she will set. Elizabeth Denham is a hardliner on privacy and in view of the strengthening stance to privacy globally, it is likely that she will take the recommendations referred to above to heart in seeking to protect the personal information of UK citizens.

©Mark Heyink 2016



  • 08 August 2018 - 13:41:00
    On the 25th July 2018 as a result of announcements that were made by Facebook relating to its future revenues the market value of Facebook dropped by US$ 148 billion (or R1,95 trillion). This is almost half of South Africa’s total GDP in 2016.

    While there may be several reasons for the decline in Facebook’s revenue which led to the sell-off of shares, one of the three primary factors for the decrease in projected profitability of Facebook is the focus on privacy and security

  • 08 August 2018 - 13:36:00
    As I wrote in a previous article, South Africa according to the PWC Global economic crime and fraud survey of 2018 suffers the second highest number of cybercrimes of all the countries in the world. While I have no statistics to support this I would suggest that internet banking fraud must rank as one of the primary attack vectors for cybercriminals.

    The Ombudsman for Banking Services of South Africa (Ombud) reported that for the first time in 2017 internet banking fraud was the category of crime that was most prevalent of the disputes that the Ombud has been requested to deal with. No less than 1377 internet banking complaints were closed by the Ombud in 2017. It is clear that significantly more citizens are victims of internet banking fraud as not all of the matters have been referred to the Ombud.