By Rashmi Knowles, Chief Security Architect at RSA – the security division of EMC
This year is already stacking up to be a seminal year in online privacy. News stories about the issue have fuelled debates about how much access governments and businesses should have into their private activities, communications and behaviours of citizens and customers.
The Information Commissioner’s Office recently revealed a 7.1% increase in the number of data complaints made between 2013 and 2014; Edward Snowden has urged people to upgrade their security measures in order to protect confidentiality; and earlier this year, the introduction of the “right to be forgotten” ruling whereby Google must delete inadequate, irrelevant or no longer relevant data from its search results when a member of the public requests it.
A recent worldwide survey, commissioned by EMC, looks to better understand consumer perception around privacy and the importance of protecting individuals against the benefits of convenient online commerce and social media.
The study found that there was a global divergence of views around transparency, fairness, safe online behaviour and trustworthy use of personal data. In the UK specifically, 59% of respondents felt that they have less privacy now, compared to a year ago, whilst 52% reported that they have experienced a data breach. But are consumers willing to forfeit their benefits of being in a connected world for the assurances of privacy?
The answer is largely no. People want the convenience and benefits of this fast moving technological world we live in, but without sacrificing privacy. Three distinct, yet intertwined privacy paradoxes emerged as particularly significant, each with powerful implications for consumers, businesses and technology providers as they consider the issue of digital privacy.
The first is the “We want it all” paradox – Although people are using digital technology more frequently and place considerable value on the benefits offered, few say they are willing to trade their privacy for these benefits. This paradox applies not only to everyday consumer benefits, such as searching for nearby shops or restaurants by entering your GPS location, but to more critical benefits to citizens, such as protection from terrorist or criminal activity.
The second is the “Take no Action” paradox - While more than half of consumers have experienced a data breach where their privacy was potentially compromised, they are not taking basic measures to protect their information, such as changing passwords regularly and using password protection on mobile devices. Most believe it is the responsibility of the government, not the individual, to protect consumers’ privacy through the creation of laws and regulations. Further to this, we are seeing a widespread lack of confidence in the organisations charged with protecting privacy, whether they are businesses or governments. Although consumers view these institutions as possessing adequate skills for protecting privacy, they believe there is a lack of transparency needed to safeguard the privacy of individuals, suggesting an erosion of trust in institutions and businesses.
The final paradox is “Social Sharing” – It is not new news that social media has exploded in popularity over the last few years and an overwhelming majority of consumers are actively sharing information via social media channels. More than 400 million Tweets were shared daily in 2012 and more than one billion share personal information on Facebook. Despite this, people have claimed that they do not trust the abilities and ethics of the relevant institutions to protect individuals’ social personas. The vast majority of consumers (84%) claim they don’t like anyone knowing anything about them or their habits, unless they make a decision themselves to share that information.
Whilst each paradox is a generalised concern to digital privacy, people have different attitudes and varied behaviour depending on the type of activity involved. There is a high level of future apprehension across all types of digital data, with the greatest concern pertaining to social data. The next biggest worry was the privacy of citizen and financial data, followed closely by consumer data. Privacy outlook is somewhat less pessimistic for medical data and employee data.
For consumers, the realisation that everyone is vulnerable hopefully reinforces the importance of increasing their awareness of privacy issues and to take personal action to protect their own privacy. For businesses, the imperative is to understand the range of customer perception. Consumers are likely to engage in more online activities with institutions that demonstrate greater privacy protections – something that businesses and governments must not ignore. The rise in cloud computing and the use of big data to address society’s most urgent challenges will be accelerated with the protection of information assets and trust in the cloud. The winners and losers will be determined by those that demonstrate the most relevant and practical privacy practices to ensure the safety of data.