Men More Reckless with Personal Information Online

February 22, 2012

There is still widespread naiveté about the value of personal information and the way data is aggregated according to a new survey by Usamp.

Men and women are quite willing to share personal information about relationships, education, employment, brand preferences and political and religious affiliations.

But when it comes to information like email or physical address, phone numbers, or their location, women put a higher premium on physical safety and are markedly more guarded than their male counterparts.

What users have to gain a better understanding of is the very clear risks all of this information sharing represents, and how, with the information women were willing to share, the rest of their information is fairly easily exposed.

Why all that information matters

When looking at the types of information both men and women were fairly willing to share, it is the unintended use of that information that place you at risk.

For example, it was through hard fought battles in the 20th century that we gained a number of civil rights designed to protect every citizen from discrimination based on gender, religion, race, color, national origin, age, marital or family status, physical or mental disability, sexual orientation, political affiliation, financial status, and more.

These prejudices remain, and by sharing this information freely online users enable the very types of discrimination that civil rights were established to prohibit. And users do it in a way that never places an employer or company at legal risk. A candidate will never know why they weren’t considered, they won’t even make it to the interview.

To understand how this works, Microsoft conducted research in January 2010, to expand the understanding around role of online information and reputation.

One aspect of the research looked specifically at how recruiters and HR professionals use online information in their candidate screening process.

As you can see in this table, would-be employers can now make decisions based on a number of factors long before ever inviting a candidate in for an interview process where some system of oversight could possibly identify discriminatory practices against selected candidates.

With this type of undetectable prescreening, employers can make decisions based on how people look in their photos – weight, age, skin color, health, prettiness factor, style, tattoos, and economic indicators. They can look at comments made by the candidate, friends or family members that they would never have had the right to access pre-internet. They can look at groups and organizations a person is associated with – and potentially make decisions based on political affiliations, faith, sexual preferences, even medical factors – if this information is indicated through the groups and organizations to which the candidate belongs.

Learn more about the erosion of civil rights in my blog Civil Rights Get Trampled in Internet Background Checks.

The damage doesn’t end there

It is not just would be employers or college application review boards who can and do use this information.  If 5 years ago someone posted a photo of you on a drinking binge, will it impact whether an auto insurance company accepts you, or quotes you a higher rate?  Will it impact your medical insurance rate? How about your ability to get a car, school, or home loan? The answer is likely to be YES.

A reluctance to share address, email, phone numbers and other ‘locatable’ information doesn’t matter if you’re willing to share your name, employer etc.

The study found that among the types of personal information shared, men and women are most likely to be happy to share their names (86% and 88%, respectively) and email addresses (55.2% and 42.4%, respectively). Yet unless you live off the grid, your name alone is probably enough to get your address and phone number – and sometimes your email address. It’s enough to discover if you own or rent, if you vote, have a criminal record, etc. Compounding your risks, the facial recognition tools now in Facebook and Google+, mean that even your face in a photo may be enough to collect all this information.

Does it mean you hop off the internet and hide? No. But it does mean that before sharing any information you should ask yourself who could see it? What could they do with it? Will it damage you, your child, or someone else in the future? If your information is already out there, you may want to work with websites to have any sensitive information removed.

Linda


Consumers Suspicious of Sharing Personal Data with Companies

October 20, 2011

A whopping 88% of U.S. and Canadian consumers say they believe companies are primarily collecting personal information for their own benefit, nearly that many (85%) are often concerned about how much of their information is being held by others, and 74% don’t believe they benefit from sharing information according to an October 2011 survey from LoyaltyOne.

And even though 52% of survey respondents said they believe their information is being used to provide better service, only 9% strongly agree that this is the case.

This represents a very healthy skepticism on the part of consumers and shows that between the spread of internet safety messaging, and being burned by companies, has shifted the perception of average citizens towards sharing information. According to the survey, nearly one in three (32%) consumers has been notified their personal information was stolen or compromised.

Expectations for benefits are low

The survey also found that less than half believe that sharing their personal information will give them benefits like receiving tailored offers, advanced information, communications targeting their interests, easier purchasing processes, and preferred treatment or product improvements.

Companies beware

It would seem that consumers are tiring of the constant request for personal information by companies. Nearly a quarter of surveyed users (23%) say they have chosen against making a purchase due to uncertainty over how a company would use their personal information, and this percentage jumps to 30% of respondents who have received notification of a data breach and to 37% among respondents who have actually been negatively affected by a data compromise.

What consumers are doing to avoid information exposure

To limit the amount of information shared when general respondents do make a purchase, 41% say they pay with cash – this behavior jumps to 52% among those compromised by a data breach. 43% (jumps to 55%) say they refuse to provide a salesperson with their information, and 12% (jumps to 25%) say they have canceled memberships or opted out of loyalty programs.

Unfortunately, it doesn’t look like the survey asked about another common method for refusing to provide personal information – many people simply fake information in any field that’s not tied to billing or their address (hard to get the goods if you fake these). It would have been interesting to learn how many users go this route as I suspect the percentage is fairly high.

The data presented through this survey presents a very compelling argument for companies to provide real benefits in exchange for information, quit asking for information they don’t absolutely need, and to better protect information from data breaches. We’ll see if they take heed, but I’m not holding my breath.

Linda


Smartphone Users Are Mostly Young, Minorities, or Wealthy; This Needs to be Reflected in How We Teach Net Literacy

July 19, 2011

If you don’t have a smartphone, chances are you are older, white, less affluent, and don’t have a college degree according to new research by the Pew Research Center Internet & American Life Project. No longer primarily a status symbol, smartphones have become the primary internet access point for millions of users, but there are large differences between who uses these phones, and how they use them.

It turns out the phone you use says a lot about you, for example, you are likely to have a smartphone if:

  • You’re younger than 50 – more than half of 18-29-year-olds own smartphones, followed by 45% of 30-to-49-year-olds. For those over 50 there is a steep cliff; only 24% of 50-to-64-year-olds use a smartphone.
  • You earn over $75k – nearly 60% of American’s who earn over 75k own smartphones. The percentage drops to about 37% among those earning between $50 -$74k annually. Note: smartphone penetration is slightly higher (40%) in the next-lowest income bracket, those earning $30 – $49k annually; this may be due to this group using their smartphone more often as their primary internet connection.
  • You’re a college grad – nearly half (48%) of college grads own smartphones, compared to 38% of those with some college education, 27% of high school grads, and 18% of those with less than a high school diploma.
  • You live in an urban or suburban area – geography matters; 38% of both suburban and urban residents own smartphones compared to 21% of rural residents.
  • You aren’t white – 44% of both blacks and Hispanics have smartphones; nearly 50% higher than the 30% smartphone ownership rate found among whites.

How you use your phone also says a lot about you. You are more likely to use your smartphone as your primary means of connecting to the internet if:

  • You’re younger than 30 – 42% of 18-to-29-year-olds say they most often use their smartphone for web access, which is twice as often as 30-to-49-year-olds (21%) and more than four times as often as smartphone owners 50 and older (10%).
  • You are in the lowest income bracket – 40% of smartphone owners with a household income less than $30,000 a year use their phone as their primary internet access, compared to 29% of those earning between $30 – $49k  and 17% of smartphone owners with household income more than $50k
  • You belong to an ethnic minority – 38% of black and Latino smartphone owners primarily use their phones for web access, more than double the 17% of white smartphone owners who do so.
  • You are less educated – 33% of smartphone owners with only a high school diploma primarily use their phones for web access compared to 27% of smartphone owners with some college education, and 13% of smartphone owners with a college degree.

These findings have significant implications for how we teach and implement online safety, security, privacy and digital citizenship.

Beyond simply being interesting stats, the picture painted by the data has significant bearing on how companies need to display their privacy settings and terms of use, how proposed legislation is developed, the importance of mobile security tools, and how online safety, security, privacy, digital literacy and ethics are taught at school and implemented in homes.

For companies:

  • How are you going to ensure that mobile only users can easily read your terms of use and privacy policies, and select their safety settings? The small screen experience needs to be optimized to give users easy control.
  • If the least wealthy are the most likely to use the phone as their primary access, how does the cost of mobile security apps impact their ability to protect their devices, their identities, and their sensitive information? They will need free, or very low cost, mobile security apps. Should these be offered as a bundle in their service? How will you drive awareness of this need?

For Regulators:

  • Writing legislative proposals about internet safety, security, privacy or education that does not fully cover mobile internet experiences and risks is unacceptably shortsighted. Even when using the same technologies and services as computers, mobile devices bring their own set of risks and opportunities into play and these must be addressed simultaneously.

For parents:

For Schools:

  • Blocking technology is not the answer, yet far too many schools still think this is the best course of action. We need to teach students to be capable digital citizens on all internet devices to be prepared for the workforce environment they will step into. You must figure out how to embrace and incorporate technology.
  • Recognizing that the way youth use technologies, the amount of time they spend on technologies, and the economic divide in the use and access of technologies is critical in effectively incorporating technology as a learning tool – particularly for minority youth. To learn more, see my blog Minority Youth Spend 13 Hours A day With Media – 4 ½ More than White Youth – What Does this Mean for Their Future?
  • Kids can readily use technologies, but that does not mean they understand the real risks or consequences that can accompany these tools. It is absurd that teaching internet safety/security/privacy/digital literacy/ethics is not mandatory in every school. To help you address this shortfall, the LOOKBOTHWAYS FOUNDATION has begun creating the K-12 NetSkills4Life curriculum, made freely available to schools, families, organizations and the public. The first two online interactive lessons for 6th graders are in place, and we will be rolling out more lessons for all grades as quickly as we can and funding is available.

Linda


Felt Spammed by Retailers in the Two Months before Christmas? You’re Right.

January 22, 2011

Major online retailers in the US sent 4.6 email promotions to each of their customers in just one week in the lead up to Christmas last year according to Chad White, research director at Responsys and author of the Retail Email Blog.  In the 8 weeks leading up to Christmas, these companies averaged just over 4 emails sent to each customer each week.

If you’re like me, you had half a dozen or more stores each spamming you with 32 emails over the two month period.

And, if you’re like me, it was a real irritant to have to clear so much junk out of your inbox.

I actually got to the point that I began ‘unsubscribing’ to every site that sent more than one email per week, as the only means of reducing the ‘noise’.

After the Holiday rush, I’ve complained to the retailers that hounded me and let them know it is rude to spam good customers. If the spam bothered you too, lend your voice and be heard. With any luck the message will sink in before the run up to the 2011holiday season and we’ll all have one more thing to be grateful for.

Linda


As Debit Cards Use in Online Shopping Increases, So do Risks

March 3, 2010

Debit cards are rapidly growing in popularity according to a new study by Javelin Strategy & Research. While 70% of consumers used a credit card to make purchases in 2009, 51% used a payment service like PayPal and a surprising 55% used debit cards – which potentially carry significantly higher risks as debit cards do not provide the inherent protection that credit cards carry.

Online users largely unaware of the increased risks of using debit cards for purchases.

When using a credit card, you are using an extension of credit from the bank. The most you can be liable for is $50 if it is fraudulently used. If the card is stolen or abused, it is the bank’s money was stolen – it did not come out of your checking account.

Stolen or abused debit cards on the other hand, charge or debit your account at the moment of the transaction – and getting it back is far from guaranteed.

According to the Electronic Funds Transfer Act, notification of the theft of your debit card (or your debit card number and PIN) is given within two business days of discovery of the loss or theft, you may only be liable for $50. If you do not notify them within the two-day limit, you could lose up to $500. The kicker is that you may not know within two days that abuse has occurred – do you check and reconcile your account balance daily?

Finally, If you don’t report any unauthorized transaction that appears on your statement within 60 days of receiving it, you risk unlimited loss on transfers made after the 60-day period. The result can be that you lose all the money in your account plus your maximum overdraft if you have one.

In spite of the increased risks, the study reports that debit card purchase volume rose 21.3% between 2008 and 2009, equaling a jump from $47 billion to $57 billion USD, and debit card purchase volume is expected to increase 42.5% to $67 billion by the end of 2010.

Looking at projections for 2014, debit card purchase volume is expected to grow 123.4% from its 2008 level to $105 billion USD.

How debit card numbers are stolen online

There are a variety of ways in which debit card numbers and PINs can be stolen online. If your computer is infected with malware, you may be the one providing this information to thieves directly. If the site you purchase from is unethical, or one of the workers in that company is a thief, it may be stolen as part of your transaction. Or, if the ecommerce site is hacked, your debit card information can be stolen by the hackers.

In some attacks, millions of credit and debit card numbers have been stolen in single hacking incidents. For the credit card users, this can represent a real hassle – and a $50 loss. For the debit card users, the financial impact can be devastating.

The safest course is to use a credit card, or a Payment Service for online transactions.

Should you choose to use your debit card, check with your bank to understand exactly what protections they afford – some banks do provide better protections for their debit card holders than the law requires. Then, vigilantly monitor your account for unauthorized activity so that you can report any problems within the required reporting windows.

Linda