IE 11 is not supported. For an optimal experience visit our site on another browser.

On privacy, talk and actions are poles apart

People say they are concerned they're losing their privacy and don't trust the government or corporations to protect it, but then they turn around and give away all sorts of personal data. Part 2 of Privacy Lost examines the chasm between talk and action.

Do people feel their privacy slipping away?  They do.

Do people trust their government or corporations to protect their privacy? They don't.

Would they submit to having a computer chip implanted in their skin to help identify them? Many would.

That's just one of the surprises revealed by MSNBC.com's privacy survey, conducted over the past month. 

The 30-question survey, developed in consultation with researcher Larry Ponemon of The Ponemon Institute, should not be considered scientific. More than 6,500 MSNBC.com users voluntarily took the survey by last week, when the results were analyzed. The survey reflects a self-selected group that likely is more interested in privacy-related issues than the general population. Nevertheless, the results are generally consistent with numerous surveys Ponemon and other privacy researchers have conducted.

The most obvious paradox on display in the survey results are that Americans are much more trusting than they say they are.

While most people feel uneasy about their privacy, they have a lot of trouble defining just what it is and what they can do to protect it. As a result, they appear willing to tolerate many behaviors by their government and corporations that they might consider invasions of privacy.

People have almost no faith in either their government or corporations to protect their privacy, the survey indicated. When asked "Who do you trust more to protect your privacy — government or private corporations," a full 88 percent picked the third option — "neither."   

But despite this near universal skepticism, consumers expressed a willingness to share intimate details of their lives with government agencies and businesses:

  • About 40 percent of respondents said they would willingly submit to voluntary fingerprinting at their local police station.
  • 60 percent said they would carry a high-tech driver's license with an embedded ID chip or biometric device.
  • Nearly 20 percent said they would have a tiny microchip implanted under their skin that could be used to identify them and access their medical histories.

Convenience trumps privacy
"It tells me that there is not a lot of trust, that people believe their privacy is eroding, but that they value convenience over privacy," Ponemon said of the results. “It is surprising.”

There’s a degree of pragmatism in the choices, Ponemon said. Privacy-activist behaviors such as refusing to sign up for supermarket loyalty cards, toll booth E-ZPass electronic radio signal devices or express security lines at airports would result in “a very inconvenient life,” he said.

The quest for convenience was nowhere to be found when MSNBC.com users were asked to define privacy. Many wrote in a passionate tone usually reserved for defense of a fundamental human rights – or constitutional discussions of liberty itself. 

The most commonly used expression was that privacy is “the right to be left alone.” Other answers included: “the right to protect myself from improper use of my personal information”; “the ability to share only what one chooses to share”; or the paradoxical “being left alone to do what I please, when, where & how I please (within limits of the law).”

Very few people are satisfied with the state of privacy in America:

  • 7 percent said they did not think their privacy is currently being eroded.
  • 9 percent said they believed their privacy is slipping away, but "I can live with that."
  • 3 percent agreed that privacy is a relic, that no one enjoys privacy any more and "I can live with that." 
  • 80 percent indicated their sense of privacy is waning "and that bothers me." 

Anything goes? Not quite
Despite this lament, a much smaller percentage expressed a willingness to draw a hard line against disclosing certain kinds of personal information. In addition to the results relating to ID chip implants and high-tech licenses, about 43 percent said they'd accept universal ID cards, often cited as a surveillance tipping point by privacy advocates. Some 57 percent said they'd be willing to submit biometric information when entering of leaving the country.

Not all data-gathering behaviors were deemed acceptable:

  • 92 percent of users said they do not want the government tracking their Web surfing habits or reading their e-mail, electronically tracking their automobiles or eavesdropping on telephone calls.
  • 62 percent said they were concerned or very concerned about the government obtaining a list of telephone numbers they had dialed.
  • About 70 percent rejected video surveillance that created indefinite photographic records. 
  • 67 percent said they weren't willing to surrender more information or submit to intense questioning at airports — at odds with their support for biometric data collection at airports.

Consumers are savvy
While the results might seem paradoxical, Gartner researcher Avivah Litan said they actually show consumers are savvy. People don't see privacy as a black and white issue, she said, but they instead pick and chose the things they oppose.

"People's opinions are more subtle than we give them credit for,” she said. “There are nuances. ... If they have nothing to hide, they are not worried about it. They are averse to government tracking but welcome improved safety at the cost of giving up personal information."

She said she was not surprised that almost 1 in 5 respondents were willing to have a chip implanted in their skin because of the way the question was posed, she said.

"People are open to having their medical information on a chip. If you are in a car accident and can't speak, it might save your life," she said. "Now if you said, 'Would you submit to an implant the government could use to track you?’ they probably would have all said no."

The divergent results would be expected even if, in the end, those two questions would likely lead to similar outcomes, she said. A chip implant that begins with medical information could soon be expanded to include information accessible by prospective employers, government officials and even shopkeepers — perhaps you have an unpaid parking ticket, or your shoes are from last years’ fashion season, or you are infected with the AIDS virus. You would no doubt be treated differently as a result.

People with serious medical conditions have likely thought through this complex issue, Litan said, and likely have much stronger privacy concerns.

"There's probably no one with AIDS in that 18 percent (willing to have a chip implant)," Litan said.

How you ask the question
The main distinction that usually arises in privacy surveys stems from Americans’ built-in skepticism of government, Ponemon said. Americans are very wary of being tracked by their government, but otherwise behave in ways that indicate they are open to sharing their digital lives. As is generally the case with polls and surveys, the way the question is asked skews the results. If researchers ask, "Would you do this to be safer?" respondents are much more likely to say “yes” than if asked "Would you do this to be tracked by the government?"

In 2002, The Pew Research Center for People and the Press found the importance of question wording in a poll it conducted.  Simply by dropping the word “your,” from a question, its researches obtained a starkly different result.

When asked “Should the government be allowed to read e-mails and listen to phone calls to fight terrorism?” 33 percent replied “yes.”  But when asked, “Should the government be allowed to read your e-mails and listen to your phone calls to fight terrorism,” only 22 percent replied in the affirmative.

In other words, it is OK for the government to read other people’s e-mails.

Biggest threat to privacy
MSNBC.com users were asked to explain in an essay-style section what they perceive as the biggest threat to their personal privacy. Government and corporations were equally criticized.

Many expressed discomfort with collection and sharing of data by companies. The three biggest threats to privacy, said one writer, were: “Corporations storing my Social Security number. Corporations selling my information to other corporations. Corporations accessing credit scores without my consent.”

Said another, “Credit card companies sharing information and then the new companies sending checks in my name to me hoping I will be dumb enough to cash them.”

Criticisms of government practices tended to be a bit more philosophical, and nearly always invoked the privacy vs. security debate.

“Government intrusion into privacy on an ends-justifies-means rationale, willingness to violate constitutional protections to fight terrorism, general willingness to violate other people's rights if doing so makes us marginally safer,” one writer said.

Another writer said he felt most threatened by “Exaggerated worry about terrorists.”  Another said simply, “The Patriot Act.”

But not every writer felt privacy’s biggest threat came from Big Brother.

For a few, the threat was much more local. One respondent, who wisely submitted his response anonymously, said the biggest threat to his privacy was right at home: “Marriage.”

Lost laptops a big concern
The MSNBC.com survey also examined sentiment about identity theft and about the flood of lost data and lost laptops that have filled technology news sections since last year. Some 90 million notices have gone out to consumers from companies and organizations indicating personal information has been lost or stolen. About 1 in 3 MSNBC.com readers who took the survey said they had received such a notice. Of those, 39 percent said they'd received nothing as compensation for the incident, and about 60 percent of that group said they were concerned about being the victims of identity theft. 

Overall, 9 in 10 said they were concerned or very concerned about lost data, but concern about ID theft hasn’t led consumers to pull out their wallets. Only 1 in 10 respondents said they pay for a service to help them protect their privacy or their identity.

When asked to rank a list of potentially risky behaviors, consumers felt there was little difference between handing their credit cards to a waiter, using their credit card at a Web site, using a telephone to read e-mail, signing up for a supermarket discount card or using E-ZPass automatic toll payments. Online banking was judged slightly safer than many of those behaviors.

Filling out sweepstakes entries — a method commonly used by scam artists to find likely victims — was deemed a “most risky” behavior by 33 percent of respondents. But 23 percent said it wasn't risky and 21 percent rated it as mildly a neutral behavior.

Gullible Americans?
Such misplaced trust is another common trait among Americans, said Litan, who studies computer security trends and consumer sentiment at Gartner. U.S. consumers readily say they are skeptical of the government, for example, then turn around and say they are ready to provide their fingerprints anyway.

"Americans are trusting until they have a reason not to be trusting," she said.  Unintended consequences of privacy lapses are almost impossible to predict, so they are easy to discount or ignore. Faced with the choice of some immediate benefit — say, a discount or speedier passage through a toll booth – and some uncertain privacy consequence, consumers pick immediate gratification almost every time.

“People can't predict the future,” she said. “So they are trusting.”