Australians are caring more about data privacy but don’t know how to protect themselves
The Office of the Australian Information Commissioner (OAIC) has said data privacy is now the number one consideration for Australians when choosing a digital service, with 97% of those it surveyed saying this factor trumps cost and reliability.
In its 2020 Australian Community Attitudes to Privacy Survey, which was shaped after questioning 2,866 adults, the OAIC said 59% of respondents had experienced problems with how their data was handled in the previous 12 months. The survey was conducted from February to March this year, with additional research performed in early April.
The report [PDF] said 70% of respondents considered the protection of their personal information to be a major concern in their lives. Identify theft and fraud was the biggest privacy risk identified, with 76% of respondents pointing to this as a major concern. The category of data security and data breaches was second, with 61%; digital services, including social media sites sat at 58%; smartphone apps at 49%; and surveillance by foreign entities was flagged as a major concern by 35% of respondents, while that figure was 26% when they were asked about Australian entities.
“Our comfort with certain data practices depends on the type of information collected, the purpose behind it, and the level of trust in the organisation involved. Australians appear more comfortable with data practices where the purpose is clearly understood — for example, law enforcement using facial recognition and video surveillance to identify suspects,” Commissioner Angelene Falk said in her foreword.
The report says that there is a strong understanding of why individuals should protect their personal information, but respondents were less sure how they could do this, with 49% admitting they did not know how to protect themselves due to a lack of knowledge, lack of time, and the difficulty of the process.
As well as greater control over their personal information, Australians want to be protected against harmful practices, with 84% believing personal information should not be used in ways that cause harm, loss, or distress. 84% of respondents also wanted increased rights around certain issues such as asking businesses to delete information.
Additionally, 64% of respondents believed they should have the right to ask a government agency to delete their personal information, 78% wanted the right to seek compensation in the courts for a breach of privacy, 77% wanted to know when their personal information is used in automated decision-making if it could affect them, and 77% of respondents wanted the right to object to certain data practices while still being able to access and use the service.
Only 20% of respondents, however, read privacy policies and were confident they understood them.
“Concerns regarding data privacy are driven by a belief that many companies routinely use personal information for purposes that make Australians uncomfortable,” the report said.
The OAIC said that when comparing the results to those provided in 2017, fewer Australians are taking measures to protect their privacy, with a lower number of people asking public or private sector organisations why they need personal information. There were also fewer people that chose not to use an app on a mobile device because of concerns over handling personal information, as well as fewer people adjusting privacy settings on a social networking website than in 2017.
The survey also revealed Australians trust social media the least with their personal information, and that the federal government is generally more trusted than businesses with the protection of personal information.
62% of respondents said they were particularly uncomfortable with businesses tracking their location through their mobile or web browser. The same percentage of respondents also said that databases of information that keep what they have said and done online made them uncomfortable.
“Australians are increasingly questioning data practices where the purpose for collecting personal information is unclear, with 81% of Australians considering ‘an organisation asking for information that doesn’t seem relevant to the purpose of the transaction’ as a misuse,” the report said.
Falk said her office would use the findings of the survey to inform its input into the review of the Privacy Act 1988 and its priorities for the coming years.