As every news cycle brings further revelations about the alleged misuse of personal data by social media companies and political consultants, regulators, politicians and the public are more concerned than ever with what happens to information placed online, who has it and how it is being used.
Data protection and other enforcement authorities and politicians have significant powers to conduct investigations and take action, whether by imposing penalties or restrictions or by requiring senior executives to provide answers. As recent events have shown, the mere fact of their embarking on doing so can have
immediate and severe commercial consequences. In serious cases such as, the costs of investigations are far
exceeded by the much longer lasting damage to the share prices and reputations of organisations involved.
The current press furore will subside. Lessons will be learned about how organisations should react to the reputational crises that arise from allegations about data security and usage. However, issues relating to data security and misuse will remain high on regulators’ and politicians’ agendas worldwide for some time. It is likely that attention will soon turn to the collection, use and analysis of data by a much wider range of businesses than those at the centre of current allegations. Increased public and political awareness is likely to translate into sustained levels of enforcement activity by multiple regulators and potentially protracted litigation in