People, organisations don’t trust anyone with online data

A new study of mid-size businesses and consumers reveals that many are confused and lack trust when it comes to the privacy and security of their online data and behaviour. The research, which covered six countries in Europe and North America, found that people worry that hackers, their own and foreign governments, employers and even friends and family might want to access their online data, and how to stop them.

The independent study, commissioned by Kaspersky Lab with the data analysis was undertaken by Applied Marketing Research, surveyed 600 mid-sized companies with IT security professionals as well as 6,000 consumers with security software installed on their devices, split equally across France, Germany, Italy, Spain, the UK and the US.

The top unwelcome intruders were, not surprisingly, cybercriminals, with 45 per cent of businesses and 47 per cent of consumers worried about protecting their online data from malicious attack. But this is followed closely by wanting to protect it from their own government (36 per cent and 33 per cent respectively), and foreign governments and companies (30 per cent and 26 per cent). As many as one in three (29 per cent) business respondents have concerns about their employer getting to their online data, while a quarter (26 per cent) of consumers worry about their family snooping.

These concerns extended to cybersecurity, where there was widespread confusion about the information cybersecurity providers could access. Many respondents worry that their provider might gather their online data, opinions, location or browsing habits and then share this information with foreign entities. However, the vast majority (87 per cent of businesses and 82 per cent of consumers) trust their security provider to behave ethically in the collection and use of their data.

These results suggest that the current cybersecurity landscape has created for both businesses and consumers an environment of fear, uncertainty and doubt that has left many struggling to trust anyone at all online.

Commenting on these findings, Anton Shingarev, VP of public affairs at Kaspersky Lab, said: “These research results are indeed amazing. They provide further evidence that technologies and software are a black box for many companies. They don’t know how they work, what’s inside, what data is collected or how it’s stored. As a result, they don’t trust vendors. I believe this to be unacceptable, and, as an industry, we need to ensure that people understand exactly what we do and what kind of things a security provider would never do. This should be accompanied by an ongoing commitment to building resilience and security into our products, and proving their trustworthiness through transparency and accountability. All this is embedded in our Global Transparency Initiative, a program designed to help rebuild trust in information security.”

Other findings of the research include:

Privacy appears to be considered a fundamental right for everyone: 46 per cent of businesses and 51 per cent of consumers believe a cybersecurity provider should not automatically have to share a user’s private data with the government in matters of national security, but that it should depend on the circumstances.

The research also suggests that other things matter more to business and consumers than a company’s country of origin: 55 per cent of businesses and 66 per cent of consumers say their government should do business with the company that offers the highest quality products or services, even if it is a foreign company. Surprisingly, this rises to 82 per cent and78 per cent respectively when it concerns areas crucial to national security.

Commenting on the findings, Dr Milton Mueller, Professor, Georgia Institute of Technology School of Public Policy, Internet Governance Project, added: “This survey addresses the nexus between nationalism, national security and trust in internet service providers. There are surprising findings regarding consumer and business attitudes towards the role of governments in cybersecurity. For example, it was fascinating to see how many consumers believe that their government should use the best vendor for national security-related capabilities regardless of what country it is from. It was also interesting to see that consumers are more likely to fear their data will be interfered with by their own government than foreign governments.”