Consumers’ Perceptions about Privacy & Security: Do They Still Care? conducted by Ponemon Institute and sponsored by RSA is intended to understand what consumers think about privacy and information security. Specifically, how have recent mega-breaches affected consumer behavior and attitudes about privacy? Moreover, is the constant sharing of personal information online and with mobile apps diminishing the importance consumers place on their privacy?
We surveyed 1,020 consumers in the United States between the ages of 18 and 65+. Forty-nine percent of respondents say they have been victims of at least one data breach. However, 45 percent are not confident that they know of all instances when their personal information was lost or stolen in a data breach.
Based on the findings we conclude that consumers perceive a loss of control over their personal information because of data breaches, the lack of trust in the security of the mobile apps they continue to use and increased government surveillance. However, they still believe the privacy and security of their personal information is important.
The following seven findings reveal why consumers still care about privacy:
Privacy rights are believed to be at risk. Seventy-five percent of respondents worry that they will lose their privacy rights as the Internet progresses into the future and are very concerned about this happening.
Privacy and security expectations are high for financial transactions. No matter what their privacy profile is, respondents have high expectations for privacy and security when filing a tax return, making mobile payments or banking.
Privacy and security on the Internet and when using social media is important. Respondents are spending an average of 56 hours per week on the Internet and 27 hours using social networks, social messaging and other social media tools. They rate the importance of the security and privacy of these activities as very high.
Prompt data breach notification is important. Seventy-seven percent of respondents say prompt notification about the loss or theft of their personal information is either very important (56 percent) or important (21 percent).
Respondents worry about the theft of certain information. Most respondents are concerned about the theft or misuse of their Social Security numbers, passwords or PIN and payment information such as credit card number.
Strong online authentication procedures are very important. Fifty-four percent strongly agree or agree that the websites they use have strong authentication procedures that can be trusted to safeguard their sensitive or confidential information. They also do not trust systems or websites that only rely on passwords to identify and authenticate users or consumers (62 percent). Similarly they do not trust systems or websites when identity and authentication procedures appear too easy (62 percent of respondents).
Biometric authentication methods are viewed favorably. Seventy-eight percent of respondents say they would prefer authentication procedures that verify their identity without requiring them to share personal information such as a name, address, email and so forth.