“Something is happening here, but you don't know what it is, do you, Mr Jones?”
Bob Dylan's lyrics come to mind with the findings of Deloitte’s second Data Nation survey of consumers’ and citizens’ attitudes towards how companies and public sector organisations collect and analyse their personal data. For it reveals a 10% drop in people fully aware of what is being done with their information.
Peter Gooch, privacy practice leader at Deloitte said this shows that people are: “More aware that something is happening with their data, but they don't know what that is and there is increased nervousness.
“There is no real sign of a tipping point, where people see their own data as an asset that can be exploited. Consumers recognise their data as an asset to the extent that they want to protect it, but not to the extent of exploiting it.
"This almost lines up with the path that organisations have followed, going from protection to exploitation, from information security to analytics. Consumers might follow the same journey, but it will happen in pockets," said Peter Gooch.
Harvey Lewis (pictured), Deloitte Analytics research director, said the survey illustrates the “power of transparency”.
Companies and public sector organisations that spell out how user data is to be collected and analysed are much more likely to build confident, long-term relationships with consumers and citizens, he said.
“The most significant change was the 10% fall [from 45%] in people saying they were fully aware of what data is being used for," said Harvey Lewis.
"If, as an organisation, you are transparent, people are much more likely to be confident in all the things you do with their data. This is key in terms of the ethics [of data analytics]. It is no longer acceptable to work with this data behind closed doors," he said.
The Deloitte UK 2013 Data Nation report is based on research from a UK survey carried out by Ipsos MORI, supplemented by research carried out by Deloitte’s Insight team. The survey of 2,006 teenagers and adults was conducted with face-to-face interviews during March and April 2013.
It would take British internet users 31 hours to read the privacy policies of all the websites they visited in a year
Data Nation 2013: Balancing growth and responsibility
That the research was done before the Edward Snowden revelations about US and UK secret services’ monitoring of internet traffic makes it more comparable with last year's survey, said Lewis, and more likely to reveal bedrock attitudes to data privacy.
The research found it would take British internet users 31 hours to read the privacy policies of all the websites they visited in a year.
The survey indicates that people are not confident in the way that companies collect, use, handle and share data. Just 38% believe companies will keep their data safe, while only 22% are confident their details will not be sold on to other organisations.
Generations Y and Z (18-34 and 15-17 years old in this survey) are prolific data generators, but they are the least likely to understand the consequences of the digital trails they leave behind.
Nearly one-third (28%) of these generations perceive that companies have little or no information about them, or simply don’t know how much data is collected. This compares with 19% for Generation X (35-44 years old) and 14% of baby boomers (45-64 years old).
Lewis said: “The British public is still not confident in how companies use and handle their personal data. Organisations need to make it easier for individuals to understand why this information is collected and what benefit they will receive.
"Businesses are more likely to get maximum benefit from data if every customer interaction is based on the principles of transparency, trust and informed dialogue.”
For more on the ethics of data analytics
- Data ethics: Author warns of ethical pitfalls of data collection
- Deloitte spots analytics trends, ethics and open data
- MIT researchers discuss ethics of big data in public cloud
The 'cookie law': One year on
The research also looked at the amended Privacy and Electronic Communications Regulation or "cookie law", one year on from its implementation.
While this law was designed to give internet users greater awareness of the digital information that organisations keep on them, Deloitte’s research suggests a key tenet of this regulation has come up short. Over half (57%) of internet users usually ignore notices about cookies or have not seen them and just 4% said they know a great deal about the cookie law.
Gooch said: “To a large extent, this lack of knowledge can be attributed to the time when users are first made aware of cookies, which is normally when a user first arrives on a website.
"The majority of consumers won’t read about cookies at this point, since they’re likely to be focused on the original reason they accessed the page."
Some telecoms companies have done cookies well, he added.
“And, from a web user interaction point of view, websites that are aimed at children have tended to do a good job. They make it very clear and easy to understand. There's a lot that can be learned from them in terms of customer engagement with the online journey.
"Take a leaf out of that book," Gooch said.
Read more on Data quality management and governance
Should we be worried that half of UK organisations don’t have a policy for the safe use of AI?
Deloitte launches EMEA-wide initiative to close cyber security gender gap
Tripartite tactics at SAP: target product, target partner, target industry
Deloitte sponsorship helps progress of Bletchley cyber school