In news that could portend grim tidings or continued job security (depending on your line of work), a recent survey of Asia Pacific consumers reveals that most feel business or government is more responsible for personal data security than they are and nearly all will sacrifice security for convenience features.
75% of respondents to F5’s recent Curve of Convenience 2020 report felt that they were not the most responsible party in terms of securing personal data. 43% felt that should fall to businesses, while 32% believe it’s a matter that the government is most responsible for. In addition, a whopping 96% responded that they will continue to use an app even when a breach has been discovered.
The survey, conducted via online polling site YouGov, included 4,100 participants from Australia, China, India, Indonesia, Hong Kong, Japan, Singapore and Taiwan.
Who is ultimately responsible for personal data security?
Given these numbers, the infographic that introduces the study – entitled “That’s not my problem” – seems quite appropriate. However, there are some factors that make the picture at least a little more complicated than a simple sense of carelessness for personal data security across the entire region.
The first factor is the diversity of cultures and types of government in the APAC region. For example, sentiments about trading specific personal data for a more seamless end user experience vary greatly by country. Residents of China are most willing to make this trade (82%), a reasonable assumption that one might make given that government surveillance already renders online privacy mostly moot there anyway. Residents of Indonesia (79%) are also adjusted to periodic internet restrictions and blackouts that are not normal in democratic countries that do not have comparable levels of religious influence on government. Other countries are much more attuned to personal data security in this area, however. The leaders among these are Japan (40%), Australia (50%) and Singapore (58%). In total, 69% of APAC respondents are willing to trade personal data privacy for some sort of improved user experience.
The 96% number refers to those who said they would continue to use an app even after becoming aware that a security breach had been discovered, but only 73% said that they even attempt to keep up with news of breaches. 27% said that they were generally not aware of personal data security breaches of their country’s government or of very popular apps that are commonly used.
The F5 findings lined up with other recent research on APAC resident attitudes toward personal data security. In a May study published by Kaspersky, only a little over half of APAC respondents expressed concern about protecting their personal data online in spite of 40% also indicating that they had suffered the effects of a data breach. 24% said they would exchange personal information for a “fun quiz,” and 20% said they would exchange it for free products or services. Over half said that they do not know how to check to see if their passwords have been leaked in a breach, and about a third did not know how to remove private personal information from public outlets.
Improving public security attitudes and awareness
While the report paints a picture of a public that is not aware enough or invested in personal data security, there is at least some merit to the common perception that businesses and government have a great deal of responsibility in this area. It has become very difficult to live a life entirely decoupled from the internet; even those that attempt to limit their online interactions as much as possible will at some point need to access financial accounts, make a purchase or payment, apply for a job, experience a period of working from home, or contact family and friends via various internet platforms. That means trusting both private and public entities to store, transmit and handle personal data. Private businesses have repeatedly been shown to not take data security seriously or deploy fully adequate measures until regulation forces their hand; likewise, government agencies often limp along with outdated devices and operating systems that are no longer supported or fully able to be secured until lawmakers take some sort of action to improve the situation.
There is still quite a bit of room for individuals to reduce their personal risk profile, however. As the survey makes clear, substantial amounts of people are still not keeping up to date with cybersecurity issues that affect them and are also not educated on how to make use of device settings and online best practices to improve personal data security. They are also still oversharing their data on various social media platforms. On the subject of what app developers can do to improve the situation, Adam Judd, Senior Vice President – Asia Pacific, China and Japan at F5 notes: “To truly integrate convenience and security, businesses should proactively involve consumers across the development of the applications, not only at the end. This is especially the case in an age where both application consumption and security vulnerabilities are multiplying by the day.”