Data Loss and ID Theft Fears Altering Consumer Purchasing Behavior
With the headlines announcing almost on a weekly basis another data breach at businesses, educational institutions and medical facilities, a recent study shows consumers are modifying their purchasing behavior, including online buying, out of concern for the security of their personal information.
The "2007 Consumer Survey on Data Security" conducted by the Ponemon Institute, found that 62 percent of the respondents have been notified that their confidential data has been lost.
The high percentage of individuals that have been notified of a data loss event has contributed to increased security concerns, as the vast majority of those notified reported concern about the event. "Our research clearly shows that data breaches are affecting consumersâ€™ trust in the organizations with which they share their data and, ultimately, their buying behavior,â€ said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. These data breaches have had a direct impact on consumer buying behavior, including reluctance to use their credit or debit card to make a purchase with a Web merchant they donâ€™t know, and unwillingness to provide their Social Security number online.
â€œThere a few big picture items in the study for financial institutions to ponder. One is that the average consumer has a different view of data breaches, and where theyâ€™re occurring. Financial institutions and brokerages are held to a higher standard, than say a retailer like TJX,â€ Ponemon noted. â€œFor whatever reason, consumers tend to hold certain groups to a higher standard.â€
Second implication Ponemon sees, â€œConsumers are aware that some data is more valuable than others, so they tend to know that social security numbers, and drivers license numbers, and other highly sensitive information like credit card and debit card numbers have greater value than other pieces of information. Those are the â€˜holy grailâ€™ pieces of information, and consumers tend to hold banks and other financial institutions to a higher standard, because they have given the institution this type of information.â€
â€œItâ€™s clear to us that consumers are getting smarter. Three or four years ago when we asked the same questions, (pre-data breach notices) they were less aware of the difference of say your social security number and the valuation of it, say compared to your mailing address.â€
One other note Ponemon made regarding the types of data breaches, â€œIt appears to us that many companies, including financial institutions, assume that if data is lost, say a tape falls off a truck, that it would be viewed by consumers as better than say if a criminal stole the information.â€ He added that if a criminal steals the information, and uses it in identity theft schemes, it would have longer, more costly implications for the firm.
â€œBut what we found was that consumers donâ€™t see it that way. The consumers feel more anger with a company who loses the information through negligence than if stolen by a criminal.â€
The study finds that a majority of respondents are changing their purchasing behavior due to heightened security concerns:
- 62 percent of respondents have been notified that their confidential data has been lost.
- 84 percent of those respondents reported increased concern or anxiety due to data loss events.
- 62 percent of respondents said that they would be more upset with a company that lost their information due to negligence than if that company lost their information as the result of theft.
- 36 percent of respondents stated that they would not use their credit or debit card to make a purchase with a Web merchant they donâ€™t know.
- Respondents who have received notification are more cautious when sharing their credit card (43% vs. 32%) and debit card (44% vs. 32%). In other words, the findings suggest that breach notification may affect consumer behavior.
- 45 percent said they would not provide their Social Security number on a website.
In addition, the study identified the top five consumer data privacy concerns: medical records, pharmaceutical history, credit card number, debit card number, social security number. A majority surveyed stated that they would be most concerned if their healthcare provider, pharmacy or employer lost their information. In this wide open world where information can very easily be copied, sent or shared, and over 100 million consumers have been notified of a breach of their personal information. Unfortunately, this has led consumers to have significant concerns about the security of their data, especially sensitive financial and medical information.