A recent Ponemon study reveals that consumers are growing more concerned about their privacy, especially as it relates to free online usage of social media and search tools. Sixty percent report wanting more government regulation to address privacy risks and seventy four percent felt that they had no control over the personal information being collected about them. To find out more about current public sentiment about privacy and what people can do to better protect themselves, we talked to Todd Hindman, Vice President of Data Breach Response Services and Strategic Alliances at IDX.
What trends has IDX seen in regard to privacy compromises?
Privacy is taking on more weight across all industries. Originally people were most concerned with privacy as it related to healthcare and HIPAA regulation. Now identity risks are considered a subset of privacy, and it affects all sectors. In particular, a 50 million user compromise of Facebook in 2020 heightened everyone’s awareness that it can happen anywhere at any time. People are beginning to understand that the free tools you use come at a price to your privacy. Information is collected on consumers and then bought and sold. Individuals are now the product; so while you might not be paying for the app or platform, they are certainly profiting off of your information. The business model of some of our largest companies—Google, Facebook/Instagram and others— do just that. As of now, a few states have data privacy laws to protect consumers such as California’s CCPA. We will likely see more in the near future.
How has consumer sentiment changed?
According to the Ponemon study, 86% of consumers are very concerned about their privacy when using free online tools like Facebook and Google. This is new, brought on by heightened awareness of the risks associated with these platforms. We also see that two-thirds of consumers (68%) are more concerned about the privacy and security of their personal information than they were three years ago. Three-fourths of consumers (75%) in the over 55 age group have become more concerned about their privacy over the past three years.
There is also the increased digital threat due to more Americans working from home and downloading more apps and platforms, of which we will continue to feel the effects in the coming months.
What has led to more people worrying about privacy now?
Consumers have heightened concerns when their devices pick up on conversations they are having and start serving ads to them; or their search history follows them around the internet. Our research found that 64% of consumers say they think it is “creepy” when they receive online ads that are relevant to them, but not based on their online search behavior or publicly available information. Almost all consumers (92%) believe search engines are sharing and selling their private data, 78% believe social media platforms are and 63% of consumers think shopping sites are as well. Similarly, 86% of respondents say they are very concerned when using Facebook and Google and 66% of respondents say they are very concerned when shopping online or using online services.
What should companies do to protect their customers and their employees?
It’s critical to understand that your own employees can be your weakest link. The lion’s share of incidents stem from human fumbles—clicking on a phishing link, falling for a business email scheme or sharing the wrong information. Training is critical. The other piece of it is that you should be proactive: buy insurance, prepare for a breach, and plan for your response. The best way to protect customer and employee privacy is to anticipate that incidents will happen.
We want to thank Mr. Hindman for his thoughtful opinions on cyber/privacy risk. This is very much on the minds of policyholders and their cyber insurers. To learn more about privacy risk, trends please visit the recent NetDiligence® Cyber Summit webinar.