TrustArc research details privacy attitudes 12 months on from GDPR enforcement

TrustArc has unveiled the findings of an online study conducted by Ipsos MORI, the global research and consulting firm, on behalf of the data privacy management business. The survey polled individuals aged 16-75 in the UK about a number of issues surrounding the EU’s General Data Protection Regulation (GDPR) one year on from 25 May 2018 when it came into effect.

More than one third (36%) of adults aged 16-75 trust companies and organisations with their personal data more than they did prior to the GDPR. There are positive sentiments towards enforcement activity. Half (47%) of respondents have exercised some of their GDPR privacy rights. 57% are more likely to use websites that have a certification mark or seal to demonstrate GDPR compliance.

“The research tells a tale of two reactions regarding the impact of the GDPR on consumer privacy attitudes,” explained Chris Babel, CEO at TrustArc. “On a positive note, more than one third of the respondents we questioned trust companies and organisations with their personal data more since the GDPR came into effect a year ago, while there’s also favourable feedback on enforcement efforts. However, companies shouldn’t interpret this to mean that their work is complete. Providing more transparent ways in which to demonstrate GDPR compliance and ensuring they respond to privacy rights requests in a timely manner will go a long way towards further improving consumer trust and increasing website use and online purchasing.”

Trusting companies with personal data is increasing
36% of respondents trust companies and organisations with their personal data more since the GDPR came into effect one year ago (rising to 44% among 16 to 24-year-olds and 41% among 25-34 year olds). Only one-third or less of those aged 35-44, 45-54 and 55-75 report being more trusting. Women, at 38%, expressed more trust in companies and organisations than men at 33%

Understanding GDPR compliance is challenging
25% of respondents are confident they can tell if a company or organisation is GDPR compliant versus 33% who are not confident. There were some differences based on geographic location, though, with respondents in Northern Ireland indicating confidence to the tune of 33%, which was significantly higher than those in Wales at 17%

Privacy certifications can influence behaviour
57% of respondents would be more likely to use websites than have a certification mark or seal to demonstrate GDPR compliance versus 9% who are not. There were notable differences based on geographic location. Respondents in Scotland were significantly more likely to be confident (67%) than those anywhere in England. 56% are more likely to do business with companies and organisations that have a certification mark or seal to demonstrate GDPR compliance versus 8% who disagree. Agreement is higher among households with larger incomes (65%).

Young adults are most positive about how well GDPR enforcement has worked
34% of respondents agree that the regulatory enforcement of the GDPR privacy regulation has worked well versus 14% who disagree that this is the case. There were significant differences based on age with younger respondents more likely than older respondents to agree this regulation has worked well (46% of 16 to 24-year-olds agree compared with 28% of those aged 55-75)

Respondents are exercising GDPR privacy rights
47% of respondents have exercised their GDPR privacy rights by sending one or more of eight requests to a website, company or organisation. When asked which of these eight rights respondents had exercised in the past 12 months, the results were as follows:

*Opting out of/unsubscribing to e-mail marketing = 35%

*Opting-out of/not consenting to install cookies = 23%

*Restricting use of personal data = 13%

*Erasing personal data = 10%

*Correcting personal data = 6%

*To request access to personal data = 5%

*To request to transfer personal data = 3%

*To make a privacy complaint to a regulator = 3%

There were significant differences based on respondents’ gender with 52% of females and 42% of males exercising their rights in this respect. 43% of respondents claimed not to have exercised these privacy rights in the past 12 months. Exercising these rights increases progressively with age: 32% of 16-24-year-olds, 33% of 25-34 year-olds, 45% of 35-44 year-olds, 46% of 45-54 year-olds and 52% of 55-75 year-olds.

For a summary of the survey questions and responses access the GDPR Consumer Research Survey

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts