All organisations have to worry about personal data. If something goes wrong and information about individuals is leaked, hacked, misused or sold on without consent, the potential for catastrophic reputational damage and loss of trust are very real. Numerous examples over recent years highlight the risks that keep senior managers awake at night.

But how do the public view data protection and privacy? Are there any signs that people’s concerns are changing what they do, particularly online? What are the consistent themes that emerge from our research on this important topic?

First, even though the safety of their personal data matters hugely to people, privacy concerns are not top of mind. We asked people what would be most likely to make them stop using a company. Failing to keep personal information safe (72%) and selling on anonymous data (63%) are right up there among the worst things a company can do, matched only by a providing poor service (72%).

So far, so straightforward – data protection and privacy are big worries. But when we asked a similar question without providing a list of options the responses were quite different. In terms of spontaneous concerns, data usage is at best a mid-ranking issue, behind service, price and companies engaging in other illegal, dishonest and unethical behaviours. Just two per cent of people specifically mentioned either losing or selling personal information as the thing most likely to stop them using a company. People expect organisations to protect their personal data but this is not a tangible enough issue to be at the forefront of people’s concerns.

Another consistent theme is that people are unclear about what happens to their data. They are aware in general terms that their personal information is collected, stored and used by public and private sector organisations. They describe how data is required from them all the time, for example when using companies’ services, interacting with the government, and making applications for jobs or courses. In general, they see the modern world as one in which providing data on a regular basis is “just part of life”, and that this will mean some loss of privacy.

But people are much less sure how their data is used in practice by organisations. A good example is that many of us think our personal GP health records are passed on in some way: either shared with academics for research purposes (41%); shared with private companies to help them develop better treatments (38%); or sold to private companies to make money for government (34%). Overall, more than half of us (52%) think at least one of these things goes on – and yet none of them currently does. Any data used for research must be thoroughly depersonalised beforehand, and selling personal medical records should not be happening either.

The picture that emerges from across our work is one of frustrated, low-level concern. People are worried about what happens to all the data they constantly provide to different organisations. Yet they feel they have very limited control, and no real choice but to provide personal information in order to access services. And because most people have not experienced significant problems as a direct result of something going wrong with their personal data, the concern is often weak or resigned. It is very difficult for people to see what they can do to alleviate their worries about personal data privacy.

The relative fragility of people’s concerns is reflected in the massive disconnect between what they say and how they act. For example, nearly half of people across the 20 countries in our Global Trends Survey say they are willing to pay for increased levels of privacy for their data. But at same time, in the same survey, only a quarter of the same people say they have taken basic steps to increase the privacy settings on their browser. This means that three quarters of those who say they would pay for additional privacy haven’t changed a simple setting on their computer. We also find massive over claim when it comes to reading website terms and conditions before accepting them.

How should organisations respond to public concerns about data protection and privacy? It is a tricky conundrum. Typically, we find that the more people know about a confusing or technical issue, the less concerned they become. And indeed more than seven in ten people say they want to know what information government and private companies know about them. But transparency alone will not be enough – when it comes to their personal data, our research suggests that more information can lead to greater concern.

Organisations will need to think carefully about how they can increase transparency, emphasise the potential benefits of data, and ensure that the right safeguards are in place to reassure and protect the public.


A version of this article originally appeared in the Ipsos MORI Almanac.


Daniel Cameron, Research Director, Ipsos MORI Social Research Institute


Any views or opinions presented are solely those of the author and do not necessarily represent those of the MRS Census and Geodemographic Group unless otherwise specifically stated.

Gkb_promo

Geodemographics - blogs and resources

Visit the Geodemographics Knowledge Base (GKB) for expert blogs and links to useful sources of geodemographic data and knowledge.

Visit the website A white arrowA black arrow
0 comments

Get the latest MRS news

Our newsletters cover the latest MRS events, policy updates and research news.