Cisco has released the results of a survey of consumers and their opinions on digital privacy, and the findings have led it to create what it calls the New Trust Standard, a benchmark that assesses businesses over the course of their digital transformation initiatives to determine how trustworthy they are.
If that makes it sound like the findings of the study point to a low level of consumer confidence in the protection of their online privacy, that would be accurate. The report itself highlights four key takeaways from the data, each of which it said “demonstrates the growing importance of privacy to the individual and its implications on the businesses and governments that serve them.”
SEE: Security incident response policy (TechRepublic Premium)
First, Cisco said that consumers want transparency and control over how businesses handle their data, and an increasing number said they’re willing to act to protect themselves. Eighty-six percent of respondents said they care about their data privacy and want more control, while 79% said they were willing to act by not making a purchase, expecting to pay more for privacy, and spending money to protect their data.
Second, respondents had positive views of privacy laws, but a low level of awareness of those laws, with only 43% of respondents saying they were aware of the particular laws in their country.
As for COVID-19 related privacy hiccups, consumers don’t have much patience for being asked to reduce their privacy in the name of better pandemic response, with 42% saying they want no suspension of privacy laws, and 20% saying only a very few should be suspended in specific instances.
Lastly, abuse of data handling has eroded trust, and many are suspicious of AI that uses data to automate decision making. When presented with various scenarios in which AI was using data to make a decision, 53% said they would trust an organization less that uses such software in the hiring interview process, 46% said they would trust a company less that uses it to set prices and 47% said they would lose trust in companies that use AI to make credit worthiness decisions.
That’s a dim view of privacy, by and large, which is one of the reasons Cisco released its New Trust Standard.
“Digital businesses need the ability to verify the trust and resilience of its solutions, operations and actions. This framework helps us understand the core pillars in a process that makes trust quantifiable,” said Cisco CISO Anthony Grieco.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
The New Trust Standard can be used by any organization looking to meet a new standard of data protection, and Cisco said it establishes five critical elements that organizations need to grow while staying secure and maintaining public trust:
- Implement zero-trust architecture
- Make sure you have supply chain visibility and trust each link in the production process
- Stay ahead of data rights regulations and sentiment and react accordingly.
- Be transparent about what data is collected, how that data is used, why it’s collected, how it’s protected, and if any incidents happen that users need to know about — even positive ones.
- Earn certifications and meet regulatory requirements to show that your organization is recognized for being a proper data custodian.