By Julian Bajkowski

The federal government’s privacy and data watchdog has delivered the biggest stocktake of community attitudes to privacy issues in five years, revealing people are more worried about the conduct of online services and social media providers than identity theft and fraud.

The report from the Office the Australian Information Commissioner has found that almost half (48 per cent) of 1000 people it surveyed in its longitudinal study “suggested that using online services and social media sites pose the greatest risk” to their privacy.

That figure is more than double those who rated Identity Fraud and Theft (23 per cent) as their chief concern which was rated as the second biggest concern.

There is now also a strong public expectation that private sector organisations provide data security protection similar to that of the public sector, where personal information sharing is controlled by strict laws and regulations.

The research by the OAIC is confirmation of a growing perception that although there has been a huge uptake in the use of social media, the industry has still not earned the kind of public trust given to other service providers that handle monetary transactions or sensitive data.

“In the last five years we have seen a significant change in how people communicate and interact online,” said Australian Information Commissioner Professor John McMillan. “People’s attitude to the importance of personal privacy protection is changing at the same time.”

Two of the social media industry’s biggest challenges remain are its slow reaction times to deal with offensive or malicious incidents and an increasing imperative find new ways to make money from social traffic to maintain growth – sometimes by proposing to share or exposing data that users don’t necessarily feel comfortable with.

But the rise of social media to the top of the anxiety agenda has by no means extinguished previous major concerns over financial losses and identity fraud stemming from lax privacy protection.

Although Identity Fraud and Theft (essentially stealing someone’s identity credentials) ranked second it was immediately followed by ‘Data security / Data breaches’ (or the loss of personal information) on 16 per cent and then ‘Financial details / information’ on 11 per cent as the issues of biggest concern.

The common link between those concerns is that they all factor into criminal exploitation of personal information and data – which in turn underpins the growing industry of online and electronic payments and internet banking fraud that either steals money or uses stolen financial instruments to fraudulently obtain goods or services.

If combined, the otherwise discrete identity and data security concerns add up to 50 per cent of top worries, putting them just above social media concerns.

Put simply, people are still deeply concerned over being ripped off and see privacy as a structural safeguard against being plundered.

The enduring levels of electronic fraud and identity theft have propelled regulators, including the OAIC, to push for the local introduction of mandatory data breach notification rules where individuals who have had their personal and financial details stolen are required to be told by the organisations which have been compromised.

While mandatory changes were on the legislative runway to clear the Senate this year, the change of government in September has since caused the Privacy Amendment (Privacy Alerts) Bill 2013 to lapse, a situation that will now require the laws to be reintroduced.

“At this stage we don’t have a bill before the Parliament for mandatory data breach notification in Australia,” Privacy Commissioner Timothy Pilgrim said at the launch of the new privacy survey in Sydney.

Mr Pilgrim said there was now a significant move around the world, including the US and the European Union, for the introduction of similar measures.

The Privacy Commissioner also noted that while there had been strong initial self-reporting under voluntary data breach notification guidelines put in place in 2008, these then tapered off. However the since flagging of the introduction of a mandatory notification scheme, self-reporting had risen to levels above those previously experienced.

Legislation is not the only challenge facing the OAIC and its goal of providing empirical, longitudinal evidence to inform privacy policy.

Good research does not come cheap, and while the privacy attitudes survey ran annually from 2001 to 2007, resource constraints and the changing machinery of government resulted in the research being rested until this year   when private industry sponsorship was successfully sought.

The Commonwealth Bank of Australia wasted little time stamping its credentials onto the independent research as the ‘primary’ sponsor of the OAIC privacy survey, while law firm Henry Davis York stumped-up as a ‘key’ sponsor and Intel-owned security computer security outfit McAffee also chipping in.

Given the ongoing financial strains in Canberra, the innovative research funding model is sure to be of interest to those controlling tightening purse strings.

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at editorial@governmentnews.com.au.  

Sign up to the Government News newsletter