clip_image002Corporate data breaches and security incidents pose a growing threat to businesses around the world. Such events are increasingly common, with companies and organizations from Google to Sony to the Stanford University Hospital falling prey to data breaches, news of which was subsequently splashed across national headlines.

Incidents like these, combined with the increasing number of ways to track what people are doing online, are affecting consumer attitudes. Edelman’s new global study, Privacy & Security: The New Drivers of Brand, Reputation and Action Global Insights 2012, reveals that seven in ten people globally are more concerned about data security and privacy than they were five years ago, and a full 68% believe that consumers have lost control over how online personal information is shared and used by companies.

Businesses, however, are not doing enough to meet these concerns. A majority of people (57%) report either no change or a decline in the security of their personal information in the last five years. This is problematic, because consumers think that businesses should be grappling with these issues and that it is their responsibility to do so. The vast majority (85%) say businesses must take data security and privacy more seriously, and a plurality say businesses – as opposed to governments or individuals – are responsible for protecting the security of their personal information.

Edelman’s study also indicates that data security and privacy issues have the potential to affect a businesses’ bottom line. Customers are taking data security and privacy into account at the checkout counter; surprisingly, when it comes to smartphones, personal computers and tablet computers, data security and privacy are as important to them as a product’s design, style and size.

Businesses are also suffering from a trust deficit due to peoples’ concerns about data security and privacy, particularly in the financial and retail sectors. While 92% of people say security is important to them in when doing business with the financial sectors, just 69% trust the industry to protect their personal information – trust lags by 23 points. In online retail, the gap is even more dramatic. While security is important to 84% of those doing business with online retailers, just 33% trust them to protect personal information – a 51 point gap.

To earn people’s trust in their ability to protect data security and privacy, businesses must manage these issues like a core competency, engaging with them in a meaningful way on a daily basis. Businesses that ignore data security and privacy do so at their own peril, because consumers will abandon companies they do not trust to protect their personal information. Those that prove willing and able to manage data security and privacy effectively, however, will bring unexpected value to consumers around the world by demonstrating that they understand the importance of protecting the information people hold most valuable.

Read the full study here. We’re keen to hear your thoughts…


To many of the 400 million people who inhabit the Facebook community it has become almost second nature to freely share the minutiae of their inner-most thoughts online  for all to see. Regular status updates, photo uploads and wall posts are a great way of keeping socially connected but following the recent controversy concerning Facebook’s dilution of privacy I find myself wondering whether we should think more carefully before we share. is a new search site that can be used to find status updates. This independent Facebook search engine exposes the information that we so happily and freely post, to all those who are interested in snooping around for it. And Facebook is not alone – Google has confessed to being remarkably lax, which led to its Street-View cameras accidentally recording personal data from domestic WiFi networks.

Is Facebook leading the way for the personalised internet of the future? And if so, is this the direction that us avid social networkers want to be headed? To quote Jemima Kiss from The Guardian; “The free lunch is over; we pay wit h money, time or behavioural data”.

My advice: Now that we are all contributing to an ‘open book’ only update it if you are happy for both those you know and those you don’t to all have a look.

It used to be said that an Englishman’s castle is his home and certainly it was from a privacy point of view.

A great deal has been written on the nature of privacy in the social media age recently but the scale of the change was brought home to me by the tragedy of Ashleigh Hall, who was murdered after meeting up with a ‘friend’ she had met through her Facebook account.

The Facebook page showed Peter Chapman as a teenager when in reality he was a 35 year old registered sex offender.  As the Daily Mail headline across half the front page asked  ‘Who’s Your Child Talking to on Facebook Tonight?”.

The sheer openness of social media is at stake.  As stated a home used to be castle in the late 20th century: electronic family life took place within closed channels; the telephone was fixed and family regulated; television was a joint activity involving parental guidance; and if anything the most social form of content was music.

The level of interaction with the outside world introduced by the world wide web was unimaginable.  Today, as the web celebrates its sixteenth birthday, we don’t appear to have developed a full understanding of what this new form of privacy means.

It is easy to dismiss the Daily Mail and threats from a new order of privacy that is being ushered in by the widespread adoption of social media, but it’s impact is profound.  One reaction may be to see if we can re-engineer the old world of privacy.

Yet this is an option that could be self defeating, as clearly the need to educate and create new behaviours is at the heart of safe behaviour in a social media society.  To ignore this and pretend children are not going to access social media and networking sites would be to deny them this protection.   Yet with all the education in the world mistakes can happen.

So, should society regulate to create greater protection, should it be illegal to present an image of oneself that is patently false?

A truly adequate response requires an understanding of what privacy means in this new world, and the creation of social systems that help prepare and guide people from many aspects.

The social media industry itself must face this challenge head on and in conjunction with government, education and consumer groups otherwise the arguments for regulation take root.


NOTE: interesting that since this was drafted, further developments have meant the Mail has had to come out and apologise for the Facebook accusations (brilliantly summarised by @ruskin147 here)

The UK’s information commissioner confirmed reports yesterday of the loss of millions of customer records containing sensitive data.

This incident, one of an increasing list of digital faux pas, will no doubt be quickly overshadowed by other more pressing and global concerns and a ‘this is an industry problem’ statement which it clearly is. It does, however raise serious, if little voiced issues of trust and responsibility among telco.

Every day millions of consumers share sensitive – even intimate – details with one another via their ‘phones and other wireless devices. As I write this, Clive Woodward is connected on his laptop in the same train carriage (that note might make for interesting reading) and, whilst the interception and use of information is illegal in this country it clearly happens and the laws don’t provide for custodial sentences to help deter it.

So who’s responsible?

Customers are willingly provide ‘status’ updates through applications installed on their ‘phones either at the point of purchase or thereafter. In order to secure a contract they have to divulge potentially sensitive personal and billing information that they trust will be treated with respect and secured.

Trust in mobile operators is, in part, based on the belief that the calls, texts, pictures and other media like Facebook and Twitter updates are despatched and arrive safely. They and their hardware partners build walled gardens (Apple is notorious for this) to protect ‘the integrity of the network’ seeking to ensure that only the most appropriate applications and information are consumed. There is some merit in this – imagine for example, having to download weekly virus updates to your mobile.

How can we overcome this?
Perhaps introducing another contract variable – network security – providing, for example, a sliding scale of customer fees based on the level of security they deem necessary, effectively penalising organisations for any breaches, might underline the seriousness of this issue (not limited to mobile operators but extending far beyond) and effect the necessary changes in behaviour.