11 March 2021
In academic circles, there’s a term for this phenomenon: the privacy paradox. We express concern about our privacy, yet our actions tells a different story.
This phenomenon is alive and well in the Nordic countries. Take our democratic process, for example. While a large number of Norwegians are sceptical about the way the authorities handle their data, most would vote online in the next government elections, if given the chance, according to our Nordic Security Barometer.
But the paradox is even more pronounced in the private sector. During the pandemic, the vast majority of Norwegians have been keen to embrace online shopping and use other digital services, even when half of the population doesn’t trust companies with handling their data. We place less trust in private enterprises, it seems.
Sigrun Bock, TietoEVRY’s Head of Cybersecurity Consulting, thinks the healthy level scepticism expressed by Norwegians can be explained by the country’s strong traditions of data privacy. A digital-savvy public is becoming increasingly aware of the risks involved when they share their data with others.“We might feel like our data is more protected when they are being handled by the national state authorities,” Sigrun says. “Our perceptions are heavily colored by what we read and hear, and trust is closely link to a business’ reputation. So when we are hearing about privacy breaches in digital services, delivered from private business, the fear is real.”
Sigrun adds that that our suspicions towards companies may reflect how we think that companies are looking to exploit our data for profit.
How do we earn people’s trust?
Consumers are used to using digital services every day, and expect that security is built-in wherever they go on the Internet or whichever app they use.
“We already have strong privacy regulations to help us meet people’s expectations . But we should not see this as a compliance exercise only. Increasing people’s trust means that every business must have a coherent set of controls at all levels to ensure resilience in their digital solutions. But we also need to understand that building trust is a continuous effort and is not a technology quick fix. It requires people and processes as well.”
What can you as a consumer do?
Even though it is the company’s responsibility to protect your personal data, we as consumers can also help. It is important that we must set our personal risk acceptance and know our rights. Sigrun believes we need to better understand not only what information you give out, but why.
“You need to know what benefits you are getting in exchange for your personal information. By accepting the privacy policy, the authority or company also express their obligation to protect your information. Read the privacy policy more carefully next time.”
She also mentions that if you are hesitating to give out some of your personal data, it is possible to turn off certain features in an application to reduce the data collection from your usage.
That said, she knows that it is hard to go about our daily lives without leaving behind a digital footprint.
“In today’s society, consumers increasingly feel that they cannot live a normal live without providing their data in exchange for different services. It is therefore even more imperative that companies take security on personal data seriously. That is the only way we can show consumers in real life that they can trust in us.”