Security & Privacy
Americans Distrust Institutions to Protect Data but Follow Lousy Personal Security Practices
- By Dian Schaffhauser
A recent report by the Pew Research Center has found that while Americans don't trust institutions such as government agencies or major corporations to protect their personal data, they also don't follow cybersecurity best practices in their own lives.
The results came from a survey of 1,040 adults in spring 2016 across the country. Two-thirds of respondents (64 percent) have experienced some form of data theft or fraud; four in 10 (41 percent) have experienced fraudulent credit card charges; a third (35 percent) have received notices that sensitive information has been compromised; and other problems have included takeover of e-mail or social media accounts, compromise of Social Security numbers, loans taken out in their names or impersonation in filing fake tax returns.
Nearly half of Americans (49 percent) said they feel their personal data is less secure than it has been in the past. People 50 and older are especially likely to feel this way compared to those who are 18 to 49 years old (58 percent versus 41 percent).
A similar number of respondents said that organizations that collect their personal data can't keep it safe from misuse. At the top of the list, 51 percent of individuals who use social media sites said they have no confidence in those types of organizations to protect their personal data. The federal government generated nearly as much mistrust; 49 percent said it's not to be trusted with data.
But even as distrust grows regarding how well institutions can safeguard data, the respondents admitted that they don't necessarily follow cybersecurity best practices in their digital lives. For example, even while best practice is to use a password management program to maintain and track online passwords, 86 percent of people memorize passwords and 49 percent write them down on a piece of paper. Only 12 percent use a password management program, while 18 percent save passwords in their internet browser and 24 percent save them on a computer or mobile device. Researchers found little difference in these practices even among those respondents who had experienced a data breach.
Mobile security is another area of conflict. More than half of adults who get online (54 percent) said they'll use public hotspots for sensitive activities, such as online banking, despite the possible insecurity of those WiFi networks. Twenty-eight percent of smartphone owners said they don't use screen lock or some other kind of security feature to access their phone. About one in 10 said they never install updates to their smartphone apps or operating system.
The news about personal safety isn't all bad, however. The survey found that more than half of respondents (52 percent) said they use two-step authentication on some of their online accounts. And a majority also said they use different passwords for different sites or place security features on their phones.
The topic of encryption and whether government agencies should be able to break into or bypass encrypted communications showed some divisions. In 2016, when the FBI obtained a court order to force Apple to unlock the iPhone belonging to one of the people responsible for the mass shooting in San Bernardino, Pew did a survey that found that 51 percent of Americans believed Apple should be required to unlock the iPhone.
In this more general survey, however, Pew found that 46 percent of respondents agreed that the government should have access to encrypted communications when investigating crimes. A similar number said tech companies should be able to use unbreakable encryption. And 4 percent said their opinion would depend on the circumstances. The research organization found that response varied by gender, age and political affiliation.
The complete report is available on the Pew Research Center website here.
Dian Schaffhauser is a senior contributing editor for 1105 Media's education publications THE Journal and Campus Technology. She can be reached at email@example.com or on Twitter @schaffhauser.