EU27 survey of electronic identity, privacy and data protection

 

FINAL REPORT  [4 June 2012]  

Pan-European survey of practices, attitudes and policy preferences as regards personal identity data management

    Authors: W. Lusoli, M. Bacigalupo, F. Lupiañez, N. Andrade, S. Monteleone, I. Maghiros  

This study presents the results of the largest survey ever conducted in Europe and elsewhere about people’s behaviours, attitudes and regulatory preferences concerning data protection, privacy and electronic identity, both on the Internet and otherwise in their daily lives.

The report draws conclusions in direct relation to four key Digital Agenda areas: Authentication and Identification, e-Commerce, Social Networking Sites, and Medical Information as Personal Data.

The survey was conducted in the 27 Member States of the EU between the 25 November and 17 December 2010. 26,574 Europeans aged 15 and over resident in each EU Member States were interviewed. The methodology used is that of the Standard Eurobarometer.

On June 16, 2011, top-line results from the survey were published in the Special Eurobarometer 359 and announced through an European Commission press release.

The survey was a long time in the making, starting in 2008.

Desk research and design Focus groups with young people     [February 2008] Validation workshop        [April 2008] Survey pilot     [August 2008] Focus groups in  7 countries           [February 2010] Validation workshop         [April 2010] Survey      implementation
  Two discussion groups of people 15-25 years old in ES, FR, DE, UK. 16 experts from disciplines cognate with survey topics. Scenarios with people up to 25 years old, online, in  UK, ES, FR, DE. Two discussion groups in each country, with 8-12 participants. 10 experts from disciplines cognate with survey methodology and design.  

 

Highlights

The study finds that personal data disclosure is increasingly prevalent in the European society, largely due to the expansion of the Information Society. In turn, most services provided in the digital economy rest on the assumption that this data and associated electronic identities are collected used and disposed of according to existing legislation. The survey shows very clearly how Digital Europe is shaping up.

About two thirds of EU27 citizens use the Internet frequently, more than one third uses Social Networking Sites (SNS) to keep in touch with friends and business partners and almost 4 out of 10 shop online. In both of these contexts, people disclose vast amounts of personal information, and also manage a large and growing number of electronic identities. However, there are equally significant differences among Member States and considerable digital exclusion, mainly due to socio-demographic differences in affluence, education and age.

Europeans know that if they want to benefit from using the Internet to its full potential they have to disclose their data (biographical, social, financial or medical) and manage online identities. Almost three in four Europeans accept that revealing personal data, so as to benefit from online services, is part of everyday life. While nearly all disclose biographical data (i.e. name, nationality, online account identity) to access a service, users shopping online also disclose address information and financial information and users of social networking sites disclose more social information but not financial.

There is significant use of business-issued rather than public-issued credentials for all Internet transactions, especially for eCommerce; in part, this depends on the fact that although many countries issue credentials these are seldom directly usable online for commercial purposes. This implies that: A transaction system based on the use of third-party credentials, rather than on direct disclosure of bank or credit related information, and in general other ways of pegging ‘virtual identity’ to real identity may enhance accountability and be useful to stimulate cross-border shopping. b) The offer of interoperable, easy to use national and cross-border systems with similar look and feel and more uniform protection of the rights of consumer and their personal data across the EU contribute to making it easier to transact cross-border.

But online users are also very much aware of risks in transacting online and are naturally concerned. The perception of risk is greater for more ‘mature/active’ users but it does not seem to curb abuse and misuse – such as data loss and identity theft. Providentially, these are still uncommon in Europe.

People trust institutions more than companies, especially medical institutions, to protect the data they are entrusted with; they are slightly less sanguine about whether Governments and Banks are to be trusted and concur as to the perception that private companies such as Internet service providers, e-shops and telephone companies are not to be trusted with their data.

 

Contacts

Wainer Lusoli, Wainer.Lusoli(at)ec.europa.eu
Ioannis Maghiros, Ioannis.Maghiros(at)ec.europa.eu