[Security] Attitudes on Data Protection and Electronic Identity in the European Union
This report presents the results of the largest survey ever conducted regarding citizen’s behaviours and attitudes concerning identity management, data protection and privacy. It represents the attitudes and behaviours of Europeans on this subject.
The main findings of the survey are the following:
74% of the Europeans see disclosing personal information as an increasing part of modern life.
Information considered as personal is, above all, financial information (75%), medical information (74%), and national identity numbers or cards and passports (73%).
Social networking and sharing sites users are more likely to disclose their name (79%), photo (51%) and nationality (47%). Online shoppers’ actual online disclosure of personal information mainly involves their names (90%), home addresses (89%), and mobile numbers (46%).
The most important reason for disclosure is to access an online service, for both social networking and sharing site users (61%) and online shoppers (79%).
43% of Internet users say they have been asked for more personal information than necessary when they proposed to obtain access to or use an online service.
A majority of Europeans are concerned about the recording of their behaviour via payment cards (54% vs. 38%), mobile phones (49% vs. 43%) or mobile Internet (40% vs. 35%).
Almost six in ten Internet users usually read privacy statements (58%) and the majority of those who read them adapt their behaviour on the Internet (70%).
Over half of Internet users are informed about the data collection conditions and the further uses of their data when joining a social networking site or registering for a service online (54%).
Only one-third of Europeans are aware of the existence of a national public authority responsible for protecting their rights regarding their personal data (33%).
Just over a quarter of social network users (26%) and even fewer online shoppers (18%) feel in complete control.
Europeans use the following types of credentials: mostly credit cards and bank cards (74%), national identity cards or residence permits (68%), government entitlement cards (65%), or driving licences (63%). 34% of
respondents have an account they use on the Internet, such as email, or for social networking or commercial services.
To protect their identity in daily life, 62% of the Europeans give the minimum required information.
To protect their identity on the Internet, the most usual strategies are technical or procedural, like tools and strategies to limit unwanted emails such as spam (42%), checking that the transaction is protected or the site
has a safety logo or label (40%), and using anti-spy software (39%).
Authorities and institutions – including the European Commission and the European Parliament (55%) – are trusted more than commercial companies.
Less than one-third trust phone companies, mobile phone companies and Internet service providers (32%); and just over one-fifth trust Internet companies such as search engines, social networking sites and e-mail
70% of Europeans are concerned that their personal data held by companies may be used for a purpose other than that for which it was collected.
Turning to Europeans’ own data handling, 28% are prepared to pay for access to their personal information stored by public or private entities.
As regards the "right to be forgotten", a clear majority of Europeans (75 %) want to delete personal information on a website whenever they decide to do so.
Even though a majority of European Internet users feel responsible themselves for the safe handling of their personal data, almost all Europeans are in favour of equal protection rights across the EU (90%).
More than four in ten Europeans would prefer the European level of administration for enforcing regulation (44%), while a somewhat smaller number would prefer the national level (40%).
When asked what type of regulation should be introduced to prevent companies from using people’s personal data without their knowledge, most Europeans think that such companies should be fined (51%), banned from
using such data in the future (40%), or compelled to compensate the victims (39%).
A majority believe that their personal data would be better protected in large companies if these companies were obliged to have a Data Protection Officer (88%).
Europeans’ opinions are divided with respect to the circumstances under which the police should have access to personal data. In contrast, they almost all agree that minors should be protected from (95%) and warned
against the disclosure of personal data (96%); and a vast majority are in favour of the special protection of genetic data (88%).