The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Tuesday, April 25, 2006
Unisys and the Ponemon Institute have undertaken what it describes as a global survey of privacy preferences, particularly focusing on credentialing and identity management. The results suggest, not too surprisingly, that consumers are prepared to trade privacy for convenience. Here's the press-release:
Unisys Majority of Consumers Worldwide Would Relinquish Some Privacy for Convenience, Says Unisys Global ID Management Study Majority of Consumers Worldwide Would Relinquish Some Privacy for Convenience, Says Unisys Global ID Management Study Research to support Unisys call for standardized identity authentication practices and new definition of security at 15th World Congress on IT
BLUE BELL, Pa., April 25, 2006 – While privacy remains a major concern of people around the world, new research from Unisys Corporation (NYSE: UIS) debunks some of the traditional myths concerning protection and use of identity credentials. The results show that a majority of consumers would share personal data if they knew the end user will securely protect their information and they can perceive a clear benefit in convenience gained.
In the first global survey of its kind, the Unisys research also found that most consumers (71 percent) worldwide are willing to have a multi-purpose identity credential that many organizations would accept to verify a person’s identity before providing access to secure records or locations. The most important functions cited for a multi-purpose credential are to prove identity for access to transportation channels (such as airplanes, trains and buses), enter public locations (stadiums, airports and others), cross borders (customs), and access Internet accounts.
“Of course people demand and deserve their privacy,” said Mark Cohn, vice president of homeland security solutions, Unisys Corporation,” but when there are visible benefits of sharing information, most people will give up some privacy for convenience. It’s clear there can be voluntary adoption with ID authentication between parties who trust each other.”
The research also pointed to preferable methods of technology for identity verification, revealing that more than two-thirds (67 percent) of consumers worldwide would support using biometrics such as voice recognition or fingerprints. When comparing biometrics to other security devices such as smart cards and tokens, 66 percent also favored biometrics as the ideal method to combat fraud and identity theft. This finding shows a slight increase from previous research that Unisys conducted in September 2005, which found 61 percent of consumers worldwide favored biometrics as the preferred method to fight fraud and identity theft.
Additional identity management findings from the current study include:
- Banking institutions are the most trusted by consumers to issue and manage a multi-purpose identity credential (cited by 46 percent of respondents), followed by a government agency established to issue identity cards (45 percent). In contrast, law enforcement (police) are the least trusted (40 percent) to issue identity credentials, followed by a private company established to issue identity cards (38 percent).
- More than 68 percent of individuals believe it is important that the credential can operate across international borders.
- North American and Asia-Pacific consumers are willing to share more personal data than Europeans and Latin Americans.
- People in North America, Europe and Asia-Pacific are more willing to share sensitive personal information with a government organization rather than a business. In contrast, respondents in Latin America are more willing to share personal data with a business rather than government.
The Ponemon Institute, a leading independent firm that specializes in privacy and security research, conducted the survey on behalf of Unisys.
“I’ve studied identity management and privacy issues for more than 20 years and this is the first time anyone has looked at consumer preferences so broadly from a global perspective,” Dr. Larry Ponemon, chairman of the Ponemon Institute and a noted security expert, said. “I’m surprised by these findings, which imply that consumer education on privacy perhaps has made a positive impact. While clearly a concern, privacy might not be as big of a roadblock to identity authentication as some pundits claim.”
The current research is part of a broader analysis of identity authentication that Unisys will spearhead at the upcoming 15th World Congress on Information Technology (WCIT 2006). Unisys also will present policy proposals to WCIT delegates on the need for standards around procedures and practices in global identity authentication. The Congress is expected to draw 2,000 business, government and academic leaders from 80 countries. WCIT’s goal is to explore pertinent issues in security and privacy, digital access and healthcare, and to make specific, actionable policy recommendations to the global IT community. A biennial global event, the 15th Congress will take place in Austin, Texas, May 1-5, 2006.
Unisys President and CEO Joseph W. McGrath will keynote at WCIT 2006, as well as participate in a dialogue of government and private sector leaders who will discuss how to redefine security to address rapidly changing security and privacy requirements of individuals, businesses and governments worldwide – including the need for international uniform standards for identity authentication.
About the research and the Ponemon Institute
The research consisted primarily of a Web-based survey of randomly chosen consumers in 14 countries: Australia, Argentina, Brazil, Denmark, Canada, France, Germany, Japan, Korea, Mexico, Taiwan, Thailand, the United Kingdom and United States. The Ponemon Institute sent invitations to 16,683 adult-aged individuals throughout the world, via e-mail or letter, from which it received 1,661 usable responses, resulting in an overall 9.96 percent response rate. Of these respondents, 464 are North Americans, 427 are Europeans, 450 reside in Asia-Pacific, and 320 are Latin Americans. The Ponemon Institute also conducted an additional 262 direct interviews (either in-person or via telephone) in four countries to validate the Web-based survey findings.
The Ponemon Institute is a “think tank” dedicated to advancing responsible information practices in businesses and government. To achieve this objective, Ponemon Institute conducts independent research on privacy and information security, educates leaders from the private and public sectors, and verifies the privacy and data protection practices of organizations. The Institute is headquartered in Michigan. For more information, visit www.ponemon.org or contact (800) 887-3118.
Unisys is a worldwide technology services and solutions company. Our consultants apply Unisys expertise in consulting, systems integration, outsourcing, infrastructure, and server technology to help our clients achieve secure business operations. We build more secure organizations by creating visibility into clients’ business operations. Leveraging Unisys 3D Visible Enterprise, we make visible the impact of their decisions – ahead of investments, opportunities and risks. For more information, visit www.unisys.com.
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.