24 May 2017
New survey - one year to GDPR: Seven out of ten are worried about Internet security and more than one out of ten have been subject to data breaches. A new survey commissioned by software and services company Tieto also reveals that eight out of ten people in Sweden and Finland and five out of ten in Norway would now consider erasing their customer data from companies´ data registers. However, only one out of ten is aware of the possibility provided by the new data protection regulation GDPR, which steps into effect exactly one year from now.
On May 25th 2018, the new General Data Protection Regulation will come into force in the EU, giving consumers the right to get their stored data removed from companies’ data registers (“Right to be forgotten”). Businesses affected by cyber attacks and breaches where sensitive information is leaked must also inform authorities and affected customers (data subjects) of the incident within 72 hours.
To investigate how these changes are perceived by the general public, Tieto has commissioned research company SIFO to ask more than 1,000 people in Sweden, Norway and Finland about their attitudes to data protection and how companies treat personal data. The results show that over 90 percent want organisations that have been subject to data breaches where information is at risk of being leaked, to inform them of this within 24 hours. At the same time, 80 percent of Swedish and 82 percent of Finnish people state that they would consider requesting one or several companies to delete all stored customer data about them, while the corresponding figure in Norway is 48 percent. Only approximately one out of ten is aware of the new regulation making this possible.
- Cyber threats are on the rise and citizens have become more alert to how companies handle their personal data. But knowledge about the new regulation is low and very few are aware of their upcoming strengthened data protection and privacy rights. Raising awareness among the general public is an important step in order to secure correct usage of personal data and strengthen our readiness against data breaches in society, says Markus Melin, Head of Security Services at Tieto.
- The time when you could collect customer data without knowing for sure where and how it was stored has definitely passed. Going forward, companies need to know exactly what kind of data they collect and also be prepared to find and erase it swiftly if requested. The ones who cope with this transition smoothly will have a competitive advantage and win the customers´ trust. But it is an extensive task and the clock is ticking, says Markus Melin.
Read more about GDPR and data security: https://www.tieto.com/key-topics/gdpr
For additional information, please contact:
Mikko Viitala, External Communications Manager, Tieto
phone: +46 72 242 1618, e-mail: mikko.viitala@tieto.com
Excerpts from the survey (SE = Sweden, FI= Finland, NO = Norway)
Are you worried about IT security and how your personal information is treated by the digital services you use online?
Yes, for most services – 23%(SE), 28%(FI), 26%(NO)
Yes, but only for certain services – 46%(SE), 47%(FI), 50%(NO)
No, not at all – 26%(SE), 15%(FI), 16%(NO)
I don't know - 5%(SE), 10%(FI), 8%(NO)
Have you experienced that your personal data and/or password has been leaked and ended up in the wrong hands as a result of a data breach?
Yes, several times – 1%(SE), 1%(FI), 1%(NO)
Yes, at some time – 14%(SE), 11%(FI), 9%(NO)
No, not as far as I know – 83%(SE), 86%(FI), 87%(NO)
I don't know – 2%(SE), 3%(FI), 2%(NO)
How quickly would you want a company where you are a customer to inform you of a data breach where your data is at risk of having been leaked?
Immediately – 69%(SE), 62%(FI), 73%(NO)
Within 24 hours – 25%(SE), 29%(FI), 21%(NO)
Within 72 hours – 1%(SE), 3%(FI), 1%(NO)
Within a week – 1%(SE), 1%(FI), 1%(NO)
Within a month – 0%(SE), 1%(FI), 0%(NO)
Within 6 months – 0%(SE), 0%(FI), 0%(NO)
Within a year – 0%(SE), 0%(FI), 0%(NO)
Never – 0%(SE), 1%(FI), 0%(NO)
I don't know – 3%(SE), 3%(FI), 4%(NO)
Would you be willing to request a company to delete all user data they have stored about you?
Yes, in several cases/companies – 46%(SE), 34%(FI), 13%(NO)
Yes, in a specific case – 34%(SE), 48%(FI), 35%(NO)
No – 5%(SE), 6%(FI),33%(NO)
I don't know – 15%(SE), 12%(FI), 19%(NO)
Do you want companies to use information about you and your buying habits to direct new customized offers and services to you?
Yes – 7%(SE), 10%(FI), 5%(NO)
Yes, but only in certain cases – 38%(SE), 48%(FI), 44%(NO)
No, never – 50%(SE), 38%(FI), 44%(NO)
I don't know – 4%(SE), 5%(FI), 7%(NO)
What do you know about the new General Data Protection Regulation within the EU?
Nothing, never heard about it – 69%(SE), 68%(FI), 67%(NO)
I have heard about it, but don´t know about its implications – 22%(SE), 22%(FI), 26%(NO)
I am aware about it and know a bit about its implications – 8%(SE), 7%(FI), 5%(NO)
I am aware about it and know very well about its implications – 2%(SE), 2%(FI), 1%(NO)
About the survey
The survey was conducted in the TNS Sifo/Kantar´s web panels in Sweden, Finland and Norway on commission by Tieto, during may 2017. A total of over 1000 people were interviewed in the age group 16 - 79 years in each country. The web panels were recruited from a nationally representative random sample. There is no self-recruitment in the web panels.
Tieto aims to capture the significant opportunities of the data-driven world and turn them into lifelong value for people, business and society. We aim to be customers’ first choice for business renewal by combining our software and services capabilities with a strong drive for co-innovation and ecosystems. www.tieto.com