Feeds

Users don't trust websites with personal info

Big concerns, survey finds

Beginner's guide to SSL certificates

Only 16 per cent of people are confident that internet sites will treat their personal information properly, according to a new survey by the Information Commissioner's Office that found widespread concern about data protection laws and practices.

Four out of five of us are concerned about how our finances or health and safety will be affected if our personal data falls into the wrong hands, according to the research published today.

The survey, carried out by research firm SMSR Ltd, shows that protecting personal information is now regarded as one of the top three most socially important issues in the UK – ranked only behind concerns over crime prevention and improving education standards.

“It may be surprising to some, but it is very significant that people are so concerned about how their personal information is handled,” said Information Commissioner Richard Thomas. “No doubt they are increasingly aware of the dangers of identity theft and the serious consequences if their health, financial and other personal records fall into the wrong hands or are otherwise misused.”

Without prompting, over half (52 per cent) of the 1,000 respondents told researchers that they were concerned that their personal details may be passed on to unknown organisations. When prompted, over 80 per cent expressed concerns about the use, transfer and security of personal information.

Less than half of respondents thought that bodies collecting information on customers handled the data fairly or properly or that the data was sufficiently protected by existing laws and practices.

The research shows that only 16 per cent of respondents were confident that internet sites would treat their personal information properly, and had little more confidence in retailers or telecoms companies (20 per cent). Thirty percent of respondents were confident in the abilities of tax and benefit agencies to handle their information, with the NHS coming top with a confidence rating of 64 per cent.

Fifty-eight per cent of respondents thought that individuals have lost control over the manner in which their information is collected and processed – up five per cent on a similar survey carried out last year.

“Members of the public can also do a lot to protect their own information, by only giving it out if they are sure that a request is genuine and if they know what their information will be used for,” advised Mr Thomas. “People can also take active steps, such as shredding personal documents like bank and credit card statements and bills, and checking statements to ensure that they recognise all the transactions.”

The Information Commissioner said that he is also concerned about less obvious risks, such as excessive intrusion or decisions made on the basis of incorrect or possibly damaging information that had been held too long by companies.

Individuals can check this information under the Data Protection Act, which, in general terms, gives people the right to access information about themselves, and obliges companies holding information on individuals to comply with certain standards.

According to the research, three-quarters of respondents were aware, when prompted, that they had the right to see information held on them, and 84% were aware of the Data Protection Act – down from 90% last year. According to the research, most organisations have now recognised that good data handling benefits their business.

Over 70 per cent of respondents found that they had seen higher levels of customer trust, information management and risk management as a result of complying with the Data Protection Act.

Seventy-three percent agreed that compliance brought extra work, but that it was necessary, while 10 per cent found it a waste of resources.

“It must be in their own self-interest for organisations to stick to the key principles of the Data Protection Act, such as making sure personal information is held securely, that it is accurate and up to date and that it is used for purposes which people have been told about,” said Mr Thomas. “Mishandling information leads to an erosion of trust in public authorities and businesses.”

Copyright © 2005, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.