Feeds

Users don't trust websites with personal info

Big concerns, survey finds

SANS - Survey on application security programs

Only 16 per cent of people are confident that internet sites will treat their personal information properly, according to a new survey by the Information Commissioner's Office that found widespread concern about data protection laws and practices.

Four out of five of us are concerned about how our finances or health and safety will be affected if our personal data falls into the wrong hands, according to the research published today.

The survey, carried out by research firm SMSR Ltd, shows that protecting personal information is now regarded as one of the top three most socially important issues in the UK – ranked only behind concerns over crime prevention and improving education standards.

“It may be surprising to some, but it is very significant that people are so concerned about how their personal information is handled,” said Information Commissioner Richard Thomas. “No doubt they are increasingly aware of the dangers of identity theft and the serious consequences if their health, financial and other personal records fall into the wrong hands or are otherwise misused.”

Without prompting, over half (52 per cent) of the 1,000 respondents told researchers that they were concerned that their personal details may be passed on to unknown organisations. When prompted, over 80 per cent expressed concerns about the use, transfer and security of personal information.

Less than half of respondents thought that bodies collecting information on customers handled the data fairly or properly or that the data was sufficiently protected by existing laws and practices.

The research shows that only 16 per cent of respondents were confident that internet sites would treat their personal information properly, and had little more confidence in retailers or telecoms companies (20 per cent). Thirty percent of respondents were confident in the abilities of tax and benefit agencies to handle their information, with the NHS coming top with a confidence rating of 64 per cent.

Fifty-eight per cent of respondents thought that individuals have lost control over the manner in which their information is collected and processed – up five per cent on a similar survey carried out last year.

“Members of the public can also do a lot to protect their own information, by only giving it out if they are sure that a request is genuine and if they know what their information will be used for,” advised Mr Thomas. “People can also take active steps, such as shredding personal documents like bank and credit card statements and bills, and checking statements to ensure that they recognise all the transactions.”

The Information Commissioner said that he is also concerned about less obvious risks, such as excessive intrusion or decisions made on the basis of incorrect or possibly damaging information that had been held too long by companies.

Individuals can check this information under the Data Protection Act, which, in general terms, gives people the right to access information about themselves, and obliges companies holding information on individuals to comply with certain standards.

According to the research, three-quarters of respondents were aware, when prompted, that they had the right to see information held on them, and 84% were aware of the Data Protection Act – down from 90% last year. According to the research, most organisations have now recognised that good data handling benefits their business.

Over 70 per cent of respondents found that they had seen higher levels of customer trust, information management and risk management as a result of complying with the Data Protection Act.

Seventy-three percent agreed that compliance brought extra work, but that it was necessary, while 10 per cent found it a waste of resources.

“It must be in their own self-interest for organisations to stick to the key principles of the Data Protection Act, such as making sure personal information is held securely, that it is accurate and up to date and that it is used for purposes which people have been told about,” said Mr Thomas. “Mishandling information leads to an erosion of trust in public authorities and businesses.”

Copyright © 2005, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.