22 September 2016 (Waterloo, Ontario) – At a time when millions of people’s personal information can be exposed by a single data breach, as was recently the case with the breach of Dropbox that exposed personal information on upwards of 68 million account holders, a new global survey finds that a substantial majority—73 percent—of citizens in 24 countries have never actually been notified that their information has been compromised due to a data breach.
Financially, at least, data breaches do not seem to cause individuals much hardship. Of those notified that their data had been compromised, almost half—47 percent—reported suffering no personal financial losses as a result of their stolen information. Another 44 percent reported that the loss of their data cost them between virtually nothing ($0.01) and less than $1,000. Yet the non-tangible costs of data breaches can still be quite significant.
“Although citizens largely report minimal financial losses from personal data breaches, many of the effects may be less visible,” notes Michael Chertoff, former secretary of the US Department of Homeland Security and member of the Global Commission on Internet Governance. “Victims can experience damage to reputation and privacy. The uncomfortable truth is that the openness of the Internet also yields many opportunities for bad actors to breach users' trust.”
Supporting this notion, the survey further confirmed that the actions of cyber criminals and Internet companies contributed most to Internet users’ concerns about online privacy, among those who say they're more concerned now than they were a year ago.
“If the level of confusion and distrust among global citizens concerning how their data is treated online continues to grow, the worst case scenario we may face is the possibility that individuals will begin to lose trust and disconnect from the network all together,” said Sir David Omand, former director of the UK GCHQ and another member of the Global Commission on Internet Governance. “To address these issues, companies and governments need to do more to keep the public informed about what happens to their private data.”
The survey, conducted by global research company Ipsos, was commissioned by CIGI as part of a two-year initiative launched in partnership with Chatham House to articulate and advance a strategic vision for the future of Internet governance. The Global Commission on Internet Governance, created out of this partnership, delivered its final report, One Internet, on June 21, 2016, at the OECD Ministerial Meeting on the Digital Economy in Cancun, Mexico.
These results and additional survey data from the 2014 & 2016 CIGI/Ipsos Global Surveys on Internet Security and Trust are extensively analyzed in Look Who’s Watching: Surveillance, Treachery and Trust Online, the forthcoming book by Fen Hampson, CIGI Distinguished Fellow and Director of the Global Security and Politics Program, and Eric Jardine, CIGI Fellow and Assistant Professor of Political Science at Virginia Tech.