Consumers Hold Firms Accountable For Breaches

Consumers demand better data protection or their business goes elsewhere: Unisys Security Index

Consumers are increasingly willing to take action against organisations if their personal information is compromised by a security breach, Unisys found.

More than 10,000 people in 12 countries, including 1,000 from the United States, were surveyed by Lieberman Researcher Group and Newspoll in the latest Unisys Security Index. While there were some variations between countries, the overall trends of consumers punishing organisations for breaches by closing accounts or taking legal action was consistent across all 12 countries, according to Unisys.

Courting bad publicity

About 87 percent said they had changed the password protecting the account with the organisation after a breach while 76 percent said they would close the account altogether. More than half, or about 53 percent, of the respondents said they are willing to sue the organisation after the data was compromise.

Nearly 65 percent of the respondents said they would publicly expose a company for not safeguarding personal data in the event of a breach.

“In a world where communities such as Facebook and Twitter provide the opportunity to instantly broadcast dissatisfaction to a broad audience, this threat seems more real than ever before,” Unisys said.

Legal action is becoming more common. A class-action lawsuit was filed against Sony after attackers breached the entertainment giant’s various cloud services, including PlayStation Network, Qriocity and Sony Online Entertainment. The US Department of Defense was hit with a $4.9 billion (£3.1bn) class-action lawsuit after computer backup tapes containing the personal information of nearly five million current and former US soldiers was stolen from health care data provider Tricare.

The publicity around the high-profile attacks and the dissemination of private data by hacker groups over the past year have “elevated the concern” consumers feel about safeguarding their identity, Steve Vinsik, global security solutions leader at Unisys, said in a video released in conjunction with the survey results.

Consumers are “more willing than ever to take stringent security measures”, whether it is highly complex passwords or biometrics to secure their data online, Vinsik said, adding that it was “incumbent” upon organisations to come up with something that is easy to use but makes them more secure.

More than half the respondents said they would be willing to provide biometric data, such as facial recognition and fingerprints, to secure their identity information online. Over 59 percent said they would be willing to use biometrics at airport security checkpoints or when conducting transactions with the bank or other financial institutions. The number dipped slightly to 53 percent for users willing to use biometrics in order to receive benefits or services from government agencies, according to the Security Index.

However, less than a quarter of US consumers, or 21.3 percent, were willing to use biometrics to log in to social-networking sites. Younger people were more willing than older users to use biometrics to access sites like Facebook, according to Mark Cohn, CTO for Unisys Federal Systems.

There may be a “perception” among consumers that social-media sites were “less careful with their data, or that the risk was simply not worth the reward”, according to Unisys.

The latest report echoed the results from the previous Index from May that found 70 percent of respondents concerned about identity theft.