John Nicolson (East Dunbartonshire) (SNP)

- Hansard -

Copy Link

-

Wednesday’s cyber-attack on TalkTalk has illustrated the problems faced by a Government who have failed to protect the interests of consumers through their lightweight regulation of telecoms. For the third time in less than a year, the 4 million customers of TalkTalk have had their confidential details compromised and, once again, the Government and TalkTalk have fallen short in their response.

TalkTalk has attempted to downplay the impact of the attack on its website, stating that the core system was not affected, but that ignores the broader use of personal data in fraud and identity theft. It is estimated that the value of a credit card number to a criminal increases by 500% when combined with the personal details of the individual. Although credit card numbers expire and can change, self-evidently people’s names, addresses and dates of birth do not. Once a criminal has those details, they can use them for numerous purposes. TalkTalk is clearly not taking that seriously enough.

In the United States, AT&T was fined £17 million for failing to protect customer data. In the United Kingdom, the ICO can only place fines of up to £500,000. For a company that received an annual revenue of nearly £1.8 billion, a fine that small will clearly not be terrifying. The regulation of telecoms must be strengthened to protect consumers.

Does the Minister agree that telecom providers must be held fully responsible for failing to protect confidential data? Regulation needs to be strengthened to ensure that; I am afraid that free counselling from TalkTalk is meaningless twaddle.