A new poll from The Associated Press-NORC Center for Public Affairs Research and MeriTalk finds that Americans have a very pessimistic overall view of online security and privacy, believing that things like location data and even private text messages are likely to be exposed.
The poll also finds that there continues to be a strong appetite for federal regulation of data collection and use among Americans, even as they show a preference for private industry’s current handling of online security and privacy measures.
Faith in online security and privacy at low ebb in the face of breaches, dark web activity
The AP-NORC poll surveyed over 1,000 Americans in late June using its AmeriSpeak Panel, a survey tool designed to query a representative cross-section of the country’s population. The poll is considered accurate within 4.3 percentage points.
One of the leading takeaways is that almost two-thirds of Americans do not believe that their social media activity is secure. Social media remains concentrated in the hands of several gigantic Silicon Valley players, all of which have experienced a long string of difficulties with public confidence that date back years. Twitter took a notable blow last year when high-level employee access was hijacked by a teenager, and more recently it has been fielding lawsuits alleging that it fails to do enough to stop sex trafficking and child exploitation on the platform.
Facebook has experienced a string of smaller breaches since the Cambridge Analytica scandal, with a leak of over half a billion user records taking place in April. And while TikTok has a better overall record in terms of data breaches, the platform continues to weather questions about its commitment to online security and privacy given its relationship with the government of China and its handling of the personal data of minors.
Roughly the same amount feel that location data is not being protected, an issue most closely related to the targeted advertising industry. Though this data is often included in the information leaked in breaches, there are also substantial concerns about it simply being handed off to third-party data brokers as part of an app or platform’s normal operations. And about half of those surveyed said that they do not believe private text messages are adequately secured.
In spite of this inherent distrust of the ability of private companies to handle online security and privacy, 56% of respondents said that they trust the private sector more than they do the federal government in this area, and only 23% said that they are satisfied with current government efforts. Nevertheless, sentiment for federal-level privacy regulation remains strong as about 75% would like to see the US government establish a national standard for companies that are collecting, processing and sharing personal data. 71% additionally feel that keeping individual sensitive personal data safe should be considered a national security issue, with a relatively even bipartisan political distribution of this view.
In general, government involvement in technology development is also a majority and bipartisan view. The vast majority of both political parties feel that technology is key to America’s ability to remain competitive in the global economy, and 60% of all respondents say that the government should be actively involved in this area of economic development with measures like broadband internet access and technology investments.
There is also a strong majority support for harsher punishments for cyber criminals. There is something of an age skew, with adults under 40 supporting this at a rate of 85%, but younger people still have a strong majority base with 70% in favor. Still, it is not clear if survey respondents understand that the majority of major cyber crimes are perpetrated by foreigners that are usually operating outside of the effective reach of the US legal system.
Lack of trust in the federal government
Some of the pessimism about government ability to address online security and privacy comes from general lack of trust in the federal government, which is very low. Only 9% of respondents say they trust the government to spend money in the public interest, and only 15% feel that the government is making decisions that support them either “all” or “most” of the time. Only 22% feel that the government is able to deliver services to the public without discriminating on the basis of race, age, gender or other characteristics.
The seeming contradiction between lack of trust in the government and desire to increase government regulation and spending may be explained by near-term optimism. While Americans tend to not be happy with the present state of government, survey results indicate they are optimistic for improvements in the future. More than half of respondents see the government playing more of a role in improving the lives of citizens in the next 10 years. Respondents were particularly looking for improvements in health care along with online security and privacy.
Paul Bischoff, privacy advocate with Comparitech, takes a nuanced view of these results. He sees this poll as yet more indication that a federal bill addressing online security and privacy is both inevitable and coming soon, but also wonders if these new security standards will be misdirected: “The US is certainly overdue for national data protection standards. Given that such regulation has bipartisan support, we’ll most likely see something like Europe’s GDPR or California’s CCPA enacted nationwide. That being said, I think a lot of Americans conflate privacy with security … Because our adversaries are hidden, we instead blame tech companies and the government for not protecting us better. I’m not convinced raising security standards through government mandate will necessarily have a positive effect. Cybersecurity threats are so broad and evolve so quickly that no government regulation would be relevant for long, and it couldn’t possibly address every threat … Regulation won’t solve the lack of cybersecurity talent needed to fill all the vacant roles out there, either.”