February 6, 2019 — According to a global online survey commissioned by RSA Security, a global cybersecurity leader delivering Business-Driven Security™ solutions to help organizations manage digital risk, there is a growing disconnect between how companies capitalize on customer data and how consumers expect their data to be used. Consumer backlash in response to the numerous high-profile data breaches in recent years has exposed one of the hidden risks of digital transformation: loss of customer trust.
The RSA Data Privacy & Security Survey 2019 explores the nuances of ethical data use, shedding light on consumer perceptions of data privacy.
According to the study, which surveyed more than 6,000 adults across France, Germany, the United Kingdom and United States, less than half (48 percent) of consumers believe there are ethical ways companies can use their data, and 57 percent blame companies above anyone else, even a hacker, in the event of a data incident. Despite the fact that consumers harbor heightened concerns about their privacy, they continue to exhibit poor cyber hygiene, with 73 percent of users admitting that they reuse the same passwords across many sites, leaving them more vulnerable.
Key takeaways from the study, include:
- Context matters: Individuals across all demographics are concerned about their financial/banking data, as well as sensitive information such as passwords, but other areas of concern vary dramatically by generation, nationality and even gender. For example, younger demographics are more comfortable with their data being used and collected than older survey respondents.
- Privacy expectations are cultural: Consumers respond to data privacy differently based on their nationality due to cultural factors, current events and high-profile data breaches in their respective countries. For example, in the months of the GDPR being implemented, German attitudes shifted in favor of stricter data privacy expectations, with 42 percent wanting to protect location data in 2018 versus only 29 percent in 2017.
- Personalization remains a puzzle: Countless studies have demonstrated that personalized experiences increase user activity and purchasing. However, the survey results showed that respondents do not want personalized services at the expense of their privacy. In fact, a mere 17 percent of respondents view tailored advertisements as ethical, and only 24 percent believe personalization to create tailored newsfeeds is ethical.
“With a growing number of high-profile data breaches, questions around the ethical use of data and privacy missteps, consumers increasingly want to know how their data is being collected, managed and shared,” said Nigel Ng, Vice President of International, RSA. “Now is the time for organizations to evaluate their growing digital risks, doubling down on customer privacy and security. Today’s leaders must be vigilant about transforming their cybersecurity postures to manage today’s digital risks in a way that ensures consumer trust and confidence in their business.
Further findings are presented in RSA’s Data Privacy and Security Survey 2019:
NOTES TO EDITORS
Global Research Methodology
Total sample size was 6,387 adults across France (1,014), Germany (2,038), the UK (2,076) and US (1,259). Fieldwork was undertaken December 18-27, 2018. The survey was carried out online by YouGov Plc. All figures, unless otherwise stated, are from YouGov Plc. and have been weighted evenly for each country to produce an “average” value.
About RSA Security
RSA offers business-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user access control; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive and continuously adapt to transformational change. For more information, go to rsa.com.