The Australian Information and Privacy Commissioner has said businesses have a responsibility to make privacy more straightforward for individuals.
“To be clear. Businesses and agencies do have the primary responsibility here to make privacy easy and empowering to manage,” Timothy Pilgrim told a Privacy Awareness Week industry debrief in Sydney today.
The Office of the Australian Information and Privacy Commissioner released its Australian Community Attitudes to Privacy Survey 2017 yesterday which highlighted growing concern among citizens about the privacy of their personal information.
Nearly 70 per cent of the 1800 Australians surveyed said they were more concerned about privacy than five years ago, and eight in ten believed privacy risks increased when dealing with an organisation online.
Six in ten respondents said they would avoid dealing with a private company due to privacy concerns, the report states. Addressing this fear could prove a competitive advantage to businesses that do it well, Pilgrim said.
“Organisations that move beyond compliance and into privacy by design will have a distinct advantage in addressing this cosumer concern,” he explained.
Despite citizens’ concerns, the survey indicated disparity between worry and mitigating action.
The majority of Australians do not regularly read privacy policies on websites, and 43 per cent do not regularly adjust privacy settings on social media acocunts. Around a quarter have rarely or never asked an organisation why they need our personal information, something Pilgrim called “a basic privacy right”.
Brands that addressed this contradiction could put themselves at an advantage, Pilgrim said.
“It doesnt take the psychologist to see that the apparant contradiction between rising concern but static action is part due to a sense of being overwhelmed by the issue,” Pilgrim said.
“So businesses that make privacy choices easy to control and understand will be trusted brands. The fact is many privacy notices are too long and too complicated. They’re meant to be about communication not mitigation so that’s one area we can improve immediately.”
Health service providers were the most trusted type of organisation among those surveyed, followed by financial institutions and state and federal government agencies.
The industries recording the lowest levels of trust included social media and e-commerce.
Australians believe the biggest privacy risks facing the community were online services, including social media sites (mentioned by 32 per cent of respondents); ID fraud and theft (19 per cent); data security breaches (17 per cent) and risks to financial data (12 per cent).
The majority of Australians – eight in ten – were uncomfortable about businesses sharing their information with other businesses. Far less (49 per cent) were similarly uncomfortable about government agencies sharing their information.
“These figures have ramifications for innovative data uses, which rely on data sharing and secondary use…These perceptions of data sharing and secondary uses may suggest a disconnect between community expectations and data innovation.”
Pilgrim said this implied individuals would be more comfortable if the economic or social case for the sharing of data could be made, and “a positive sign of the reasonableness and community mindedness of Australians”.
It was down to the private sector to “build upon in making a social licence case for innovative data use”, Pilgrim said.
The survey is the longest-standing and most in-depth study of how Australian attitudes to privacy have evolved, having been conducted in various forms since 1990.
With the extension of the Privacy Act 1988 to cover the private sector, the survey was broadened to its current scope in 2001.