Cybersecurity Frontier Insights Findings: User Perceptions of Trust and Privacy on the Internet
Oct 22, 2020
Last week we shared that the Center for Digital Acceleration was launching our most recent Cybersecurity Frontier Insights research into user perceptions of trust and privacy in India and Ghana. Here are the findings from that report, which can be downloaded here.
Since the creation of the internet more than 30 years ago, our lives, economies, and societies have changed dramatically and the restrictions of the COVID-19 pandemic have accelerated change even more. As we’ve developed seemingly endless new methods of online communication, commerce, and civic participation, the international development community has become more acutely aware of a growing digital divide: those who are poor, rural, remote, illiterate, female, or living with disabilities in emerging markets risk being excluded from the benefits of digital transformation. Therefore, especially in recent years and months, we’ve seen valiant efforts from governments, private companies, and the development community to bridge digital gaps aiming to enable more people to access and benefit from online services. However, as access and use has increased, so has the number of digital risks, with data breaches, fraud, surveillance, and cybercrime on the rise globally.
This is a problem not only because these are bad things to encounter. It’s a problem because trust underpins adoption and these digital harms risk undermining trust in digital services more broadly. If you think using a website, tool, or application exposes you to fraud or surveillance or crime, you’re probably not going to use it, right? If you are digitally savvy and/or in a developed community, you’ll probably find another way to accomplish your task—but if you are a very new user, who maybe struggles with digital or even basic literacy, encountering such threats might be enough to erode your confidence to the point of disengaging with online services altogether.
Photo credit: Adobe Stock.
This lack of trust poses a stark challenge to national governments, international donors, and private companies seeking to promote digital inclusion. If the risks associated with online access outweigh the benefits, unconnected or newly connected people may fail to see the value of digital adoption at a time where economies are becoming more digitized, leaving them even further behind.
Match Investment with Trust
To fully realize the potential benefits of internet access, we must match our investments in digital infrastructure, tools, and services with an equal investment in digital trust. To date, most efforts to sustain trust focus on supply-side interventions to mitigate digital risk. A mobile tech company might repair a coding vulnerability that accidentally exposes people’s data; an enterprise may require employees to use two-factor authentication to sign in or a social media giant might develop an algorithm to identify disinformation. These UX/UI and backend interventions to strengthen online security and privacy are important but represent only half the equation. What’s missing is the demand side: how users understand the challenge themselves.
We lack quality data on how user trust of the internet is shaped by their perceptions of privacy and security online, so in an effort to begin to fill this gap, DAI interviewed urban youth in Accra, Ghana, and Chennai and Delhi, India, on the issue. The findings were illuminating: more detail is contained in the full report, but here is a summary of what we found:
1. Perceptions of privacy online are significantly conditioned by factors—perceived or real—in the offline environment, particularly factors such as the attitudes of authority figures (including religious leaders), family members, and significant others. Socioeconomic, political, and cultural influences will often lead people to create distinct online “identities” to protect their offline reputation.
2. The existence of mis/disinformation is widely known, yet people’s perceptions of what is often dubbed “fake news”—and of how much risk it presents to them personally—vary by geography and depend on how well they understand how digital platforms operate.
3. Tactics to protect privacy and security online differ depending on whether users own their smartphone or share it, whether they are male or female, and their digital literacy. Users might invent codenames for contacts of the opposite sex, for example, or change mobile application settings, or limit the types of information they share on digital platforms.
4. Offline gender gaps and dynamics influence perceptions of security and privacy online, affecting what digital services women can use and how they use them compared to men. All participants voiced concerns about the offline consequences of online behavior, but those perceptions most acutely limit what women do online, which risks exacerbating the online gender gap and leaving female internet users even further behind.
Photo credit: Adobe Stock.
Based on these findings and the existing literature, we offer the following recommendations to stakeholders:
1. The digital development community should adopt a 10th Principal for Digital Development focusing on advancing digital and media literacy for the user.
2. The community should drive coordinated, cross-sector action to develop and adopt universal (but “localizable”) digital and media literacy curricula in an open-source, dynamic fashion.
3. Technology companies, especially global platform providers such as Facebook and Google, should guard against assuming Western norms apply universally by increasing investment in localized design research and robust user testing when developing privacy solutions for global audiences and marginalized groups.
4. The international development community should fund additional research to better understand privacy and security from a user’s perspective, taking particular account of women’s views, and exploring diverse geographic, socioeconomic, and demographic settings.
5. Regulatory bodies should engage a diverse group of stakeholders from across the public and private sectors, academia, and civil society to develop fair, innovation-friendly, yet protection-focused privacy and security policies that strengthens an open, interoperable, inclusive, and secure internet.
To fully realize the potential benefits of internet access, we must match our investments in digital infrastructure, digital tools, and digital services with a commensurate investment in building digital trust.
This complementary approach is likely to yield a more authentic form of digital inclusion, in which internet users are informed, empowered participants in the digital world, able to make their own educated assessment of how to engage with and what to trust online.
This research was envisioned as a means to kickstart the conversation around how to build digital user trust. Our launch events involved some rich discussions from esteemed speakers from the U.S. Agency for International Development, U.K. Foreign, Commonwealth & Development Office, the Alliance for Affordable Internet, GSM Association, BBC Media Action, and The Ghana Chamber of Communications—Recordings coming soon! Download our full report and help us continue the conversation on social media using the #DigitalDAI hashtag.