Despite Low Trust, Consumers Think Businesses Are Responsible for Protecting Their Data: Survey

“…56 percent of respondents said they use duplicate passwords for multiple accounts, and 41 percent acknowledged that they don’t take advantage of two-factor authentication for their social media accounts.”

Consumers are worried about data breaches and say they would stop doing business with a company that suffered one, but they aren’t taking security measures into their own hands – that’s the key takeaway from a new survey commissioned by Gemalto.Despite Low Trust, Consumers Think Businesses Are Responsible for Protecting Their Data: Survey

Polling 10,500 consumers around the world, the survey found that 69 percent of respondents felt business don’t take the issue of consumers’ data security seriously enough, with 70 percent saying they would stop doing business with a firm that suffered a data breach. At the same time, 56 percent of respondents said they use duplicate passwords for multiple accounts, and 41 percent acknowledged that they don’t take advantage of two-factor authentication for their social media accounts.

So if consumers aren’t taking strong security measures themselves, why are they so upset at businesses’ failures to protect their data? Because most consumers – 62 percent of respondents – feel that security is the responsibility of the businesses, not theirs.

As Gemalto Identity and Data Protection CTO Jason Hart put it in a report summary, “Consumers are evidently happy to relinquish the responsibility of protecting their data to a business, but are expecting it to be kept secure without any effort on their part.” Hart added that businesses thus can’t rely on making advanced security like 2FA an option – such measures need to be mandatory, or “businesses will face not only financial consequences, but also potentially legal action from consumers.”

The findings offer cause for concern in the wake of recent data from Gemalto’s Breach Level Index, which found a 168 percent increase in data breaches between the last half of 2016 and the first half of 2017, even as the use of encryption security decreased over that same period. As Hart observes, “Something has to change soon on both the business and consumer sides or this is only going to get worse.”