New survey – one year to GDPR: Seven out of ten are worried about Internet security and more than one out of ten have been subject to data breaches. A new survey commissioned by software and services company Tieto also reveals that eight out of ten people in Sweden and Finland and five out of ten in Norway would now consider erasing their customer data from companies´ data registers. However, only one out of ten is aware of the possibility provided by the new data protection regulation GDPR, which steps into effect exactly one year from now.

On May 25th 2018, the new General Data Protection Regulation will come into force in the EU, giving consumers the right to get their stored data removed from companies’ data registers (“Right to be forgotten”). Businesses affected by cyber attacks and breaches where sensitive information is leaked must also inform authorities and affected customers (data subjects) of the incident within 72 hours.

To investigate how these changes are perceived by the general public, Tieto has commissioned research company SIFO to ask more than 1,000 people in Sweden, Norway and Finland about their attitudes to data protection and how companies treat personal data. The results show that over 90 percent want organisations that have been subject to data breaches where information is at risk of being leaked, to inform them of this within 24 hours. At the same time, 80 percent of Swedish and 82 percent of Finnish people state that they would consider requesting one or several companies to delete all stored customer data about them, while the corresponding figure in Norway is 48 percent. Only approximately one out of ten is aware of the new regulation making this possible.

– Cyber threats are on the rise and citizens have become more alert to how companies handle their personal data. But knowledge about the new regulation is low and very few are aware of their upcoming strengthened data protection and privacy rights. Raising awareness among the general public is an important step in order to secure correct usage of personal data and strengthen our readiness against data breaches in society, says Markus Melin, Head of Security Services at Tieto.

– The time when you could collect customer data without knowing for sure where and how it was stored has definitely passed. Going forward, companies need to know exactly what kind of data they collect and also be prepared to find and erase it swiftly if requested. The ones who cope with this transition smoothly will have a competitive advantage and win the customers´ trust. But it is an extensive task and the clock is ticking, says Markus Melin.