The transparent consumer?
Data protection put to the test

Access to personal data has never been as easy as it is today. In the multimedia age, more and more data can be requested or retrieved. Banks, insurance companies and mail order companies collect and process large amounts of personal data. The population's mistrust of institutions and companies is growing. Only 42 per cent of the population trust the registration offices to handle data carefully. Only just under a third (30 %) trust insurance companies. And the address trade has lost almost all trust (8 %). This is the result of a comprehensive representative survey conducted by the Leisure Research Institute of British American Tobacco, in which 3,000 German citizens aged 14 and over were asked about their attitudes to data security. The results were published today in the study "The transparent consumer? Multimedia and data protection".
"Loyalty cards, credit cards, health cards - the inflationary proliferation of these plastic cards, which serve as data carriers or cash substitutes, is almost impossible for individual citizens to keep track of and understand," says Institute Director Prof Dr Horst W. Opaschowski. "Citizens can hardly find their way through the institutional data jungle." Two thirds of citizens who have an EC card have not yet thought about whether they are disclosing personal data.
The population believes that health insurance companies (90%) and registration offices (89%) have the most extensive data storage. Insurance companies (87%), banks (87%), doctors (87%) and tax offices (80%) are also mentioned by the majority. And almost every second German citizen (47%) has the impression that the Office for the Protection of the Constitution has stored personal data about them.
The subjective impression of the population does not necessarily correspond to reality, but it does allow conclusions to be drawn about people's personal sensitivities. Anyone who expresses more fear of the institutional data jungle or feels excessively "recorded" and "stored" reveals personal insecurity, perhaps even ignorance. Prof Opaschowski: "This indicates a need for information and thus also a need for political action, so that ignorance does not turn into dissatisfaction."

Trust in doctors - fear of address trading

On a scale ranging from 1 (= not at all reliable) to 7 (= absolutely reliable), respondents were able to rate the extent to which they trust the individual institutions that collect personal data. Doctors enjoy the greatest trust here. 56 per cent of the population are convinced that doctors are absolutely reliable when it comes to handling private data. Only seven out of one hundred respondents expressed considerable doubts. The high level of trust in the medical profession is largely due to personal positive experiences. Trust in the police is also high: almost half of the population (49%) is convinced that the police use the stored data absolutely correctly and reliably (women: 53% - men: 45%).
German citizens give the address trade a scathing report card: Only eight out of one hundred respondents trust the address trade to use personal data correctly. Most of them rather fear personal disadvantages or an impairment of privacy. Address traders are now able to provide very specific personality profiles. Highly sensitive data from the private sphere is collected, stored - and sold on - for marketing purposes! Opaschowski: "The George Orwellian Big Brother state apparently frightens citizens less than the unmanageable exchange of data, especially in address trading."

Causes: More information deficits than legal loopholes

The British American Tobacco Leisure Research Institute got to the bottom of the causes. A representative sample of 3,000 people aged 14 and over in Germany were asked why there are repeated breaches of data protection and what the main reasons for this are. Naivety, carelessness and ignorance in dealing with one's own data are mainly responsible for the misuse of data. 42 per cent of the population accuse themselves and others of "paying too little attention" to what information and details they give to whom, i.e. that they are far too careless with their own data.
Citizens" lack of knowledge about "what happens to their data at all" is seen as equally problematic. Two out of five German citizens (40%) cite the population's lack of knowledge as the main cause of data misuse. Every second respondent with a university degree (50%) criticises the lack of knowledge among citizens, compared to only 35 percent of secondary school and primary school graduates. As knowledge increases, so does awareness of the problem.
However, data misuse is not just a question of incompetence and ignorance. The public also suspects a deliberate disregard for data protection laws and regulations (39%) on the one hand, and far too little punishment for data misuse (37%) on the other. This is a serious criminal offence and not just a harmless pastime. In the opinion of the population, deliberately inadequate controls by supervisory bodies (32%) or a lack of regulations and legal loopholes (31%) are being exploited. In particular, the rapid development of new information and communication technologies and the growing networking of data-processing organisations are making controls more difficult. Multimedia wonder worlds can quickly develop into a data jungle in which orientation and security are in danger of being lost.
However, one in four German citizens also blames the lack of public interest in data protection (26%) for the looming problems. There are hardly any broad-based information campaigns to raise awareness. One in seven Germans (14%) cites a lack of financial resources for data protection as the main cause of data misuse. Professor Opaschowski: "In order to protect the transparent citizen and consumer from themselves and others, there is certainly a need for various combinable solutions, such as more knowledge transfer, more awareness of the problem and more data protection control by competent supervisory bodies."

Quo vadis, data protection? Effective measures against data misuse

Every third German citizen (36%) is of the opinion that their personal data has already been "misused once or even several times", i.e. unlawfully passed on and used against their will. People in employment (42%) are particularly convinced of this.
At the same time, the open question was posed: "Have you ever heard of how you can protect yourself against the risks of uncontrolled use of your data stored by public authorities and other public bodies, private organisations or companies?" The responses of the population clearly indicate that data protection has so far been largely a "blank spot" in the socio-political landscape. 81 per cent of the population can only answer the question of effective protective measures against data misuse in the negative. A further four per cent help themselves with the "don't know" answer.
Suggestions about what can be done effectively in the event of data protection violations are more conventional. One in six Germans (17%) want to file a complaint with the police first. A further eight per cent want to take legal action and file a complaint. Only seven out of one hundred respondents (7%) want to involve the data protection officer. The consumer advice centres are obviously seen as having little competence: Only one per cent of respondents want to call the consumer protection agency. Professor Opaschowski: "In future, consumer protection must be much more than data protection in order to remain competent and responsible as an advocate for consumer interests."
All in all, consumers feel rather helpless and left alone. The problem of data misuse is obviously still so new and unknown that those affected are torn between helplessness and anger.
The study presented by the Leisure Research Institute of British American Tobacco provides representative basic data on this, which is urgently needed for the increasing importance of cross-border multimedia services. It provides information about people's ideas, concerns, fears and hopes with regard to the collection and use of personal data. And it wants to put data protection before data misuse and at the same time help preserve the necessary freedom for providers and users. The desirable guideline for the future can only be: secure communication in open networks.

See also directory of all publications