Latest Data Protection Index results highlight privacy laws are evolving fast

The latest research findings of the UK Data Protection Index from The DPO Centre and The Data Protection World Forum, highlight the ever-shifting privacy landscape. For the first time, Data Protection Officers (DPOs) were asked whether they think the political agreement between the EU and US announced on the 25th March 2022, proposing a new Trans-Atlantic Data Privacy Framework, would make it to a legal agreement. Interestingly almost two thirds (64%) said they believed it would.

Highlights of the Data Protection Index Q2 2022

62% of respondents believe that the UK will maintain its adequacy status with the EU

74% believe the UK’s data protection laws promote UK economic growth

Only 50% of DPOs’ have a high level of confidence in their company’s own data protection compliance. Confidence has now declined for the third quarter running

Only 20% of respondents believe the UK’s proposed International Data Transfer Agreement (IDTA) framework, will significantly promote growth

Confidence in the effectiveness of the ICO (Information Commissioner's Office) has declined with only 39% of respondents awarding a score of 8 or more out of 10, down 4 percentage points compared with Q1 2022, this is substantially below June 2021’s high of 50%

Rob Masson, CEO of The DPO Centre, said: “As the economic recovery from Covid stumbles due to the adverse effects of other world events, it is not surprising that within these results we see confidence in some areas has improved, but in others it has waned. For privacy in the UK however, DPOs still strongly believe that UK data protection laws promote economic growth (74%), but a lack of such positivity is apparent in other areas. We are, it seems, in a period of transition, as the UK government pushes forward with its new direction for data, but continues to be light on the detail.”

In this edition of the survey, there were also questions on the use of Artificial Intelligence (AI) in DPO roles today. 40% of DPOs scored the use of AI or Machine Learning (ML) in their organisation within the next 3 years as ‘likely’ (indicating 7 or above). Overall, when asked about issues DPOs see as their organisations' biggest challenge when trying to comply with GDPR over the next 12 months, AI and ML and big data implementation saw a quarter-on-quarter increase, with 10% rating this as their top issue, compared to just 4% back in Q3 2021.

Finally, when asked whether an organisation-wide malware encryption attack (where access to core systems have been lost) would result in the organisation paying a ransom, regardless of their DPO’s advice, 27% said they believed their organisation would pay a ransom, up 3 percentage points compared with Q1 2022.

The full report of the latest UK Data Protection Index survey is available to download via The DPO Centre’s website.

Notes to Editors

This quarter, we asked our panel of 513 DPOs questions about a range of topics, including about how they perceive UK's data laws compared to those in other countries, the levels of compliance within their own organisations, and their confidence in the effectiveness of the Information Commissioner’s Office (ICO). For the first time, we have also asked DPOs for their thoughts on the proposed Transatlantic Data Privacy Framework announced in March 2022, as well as the use of Artificial Intelligence (AI) and machine learning within their organisations

The DPO Centre is the UK’s leading independent data protection officer resource centre, offering expert advice and ensuring organisations have access to the level of knowledge and expertise they require to comply with the highest standards of privacy and data protection.    

Follow The DPO Centre on LinkedIn https://www.linkedin.com/company/dpo-centre/  

For an interview with CEO, Rob Masson contact Louise Ahuja la@dpocentre.com 

  


About The DPO Centre

Founded in 2017 by Rob Masson, The DPO Centre is the UK’s leading independent data protection resource centre, offering expert advice and ensuring organisations have access to the level of knowledge and expertise they require to comply with the highest standards of privacy and data protection.  Follow the DPO Centre on LinkedIn https://www.linkedin.com/company/dpo-centre/ The DPO Centre’s services include: • Providing outsourced Data Protection Officers on a ‘fractional’ basis (so 1 to 8 days per month) that become integral and trusted members of the client’s team • Interim and overflow resources to support and extend existing compliance teams • EU and UK representation as required by Article 27 of the GDPR • and a full range of privacy and data protection consultancy and training services to companies across all sectors in the UK.