Digital Footprints
Digital Footprints: A question of trust (PDF 290KB, opens in a new window)
These days, data is big business. But perhaps few of us realise fully the extent to which our personal information is collected, stored and used. Fewer still may feel that we have control over our personal data – and many of us are uneasy about the situation. More and more of our personal data is being collected. This gives rise to two fundamental questions:
- What are the implications for our individual privacy?
- How can we control and manage the use of our personal data more effectively?
Research
We commissioned new research (PDF 1.33MB, opens in a new window) to build on our earlier report, Online Personal Data – the Consumer Perspective. Much has changed since 2011, but people’s concerns about the security and privacy of their online data have increased, not decreased. Our latest report (PDF 290KB, opens in a new window) is intended to inform policymakers and the wider public about consumer perceptions of online security, and we make a series of recommendations which we believe are fundamental if consumers are to benefit from this fast-moving area of technological development, rather than suffer detriment as a result of it.
Recommendations
Companies:
- Proactively provide clear and consistent information about the consumer implications of people consenting to supply their personal data;
- All consent decisions to be “opt in” as the default position;
- To facilitate greater consumer control in terms of use of data – through clear information, options and choices;
- To always keep to a minimum the amount of data that they collect and store;
- To store data securely; use it only for the purpose intended; retain it for no longer than is necessary; and check with consumers periodically whether permission is still given to retain the data;
- To follow all relevant legislation and regulation;
- Privacy policies and terms and conditions should be informed by the ICO’s ‘privacy policy checklist’; contain an easily accessible ‘key facts section’ and be short, clearly written and avoid jargon;
- Must be transparent about what information they collect about their consumers and how they will use this information – including whether they will pass it to any third party;
- Should clearly highlight on their websites how consumers can request that their personal information be amended or deleted from the company’s records;
- Explore how best to serve and support low-confidence consumers in vulnerable situations in respect of privacy and security: tangible steps might be ensuring essential information is provided about available resources; with ISPs providing for free a basic level of internet security (antivirus/spyware) by default for all customers and taking a role in highlighting on-line scams to consumers;
- Staff should be trained and/or have access to information so that they can accurately help consumers with enquires about use of personal data.
Governments, regulators and enforcement agencies:
- Act decisively in cases of non-compliance; and
- Consider producing a Code of Practice and/or good practice guidance
Read our new report Digital Footprints: A question of trust here (PDF 290KB, opens in a new window). View Ipsos Mori’s independent research (PDF 1.33MB, opens in a new window) and the data tables (PDF 984KB, opens in a new window).