Nigel Miller was quoted in the Drapers Multichannel Trends Report 2017, published on 14 April 2017, on the challenges fashion retailers face to protect customer data:
“Until relatively recently, people could keep a data breach quiet – but now there’s more focus on letting the regulator and those affected know. If you experience a breach that’s of reasonable seriousness, there will be a legal obligation to tell the Information Commissioner.
Criminals can hack into a system and put a freeze on it, then tell the business to pay a certain amount or they will lose all of that data. Unless they have good backups in place, people often pay up.
Many breaches happen because of human error on the part of someone at the company. The big thing the Information Commissioner looks for in those circumstances is how the data was being protected. Was it encrypted? If not, you might get some regulatory action.
Be careful to manage the legal risk, as well as the PR. You don’t want to expose yourself to more liability than necessary.”
If you are a registered user of Drapers, you can access the full article by clicking here.