As the UK economy adjusts to the impact of COVID-19, it has never been more important for organisations to understand what their customers want and expect.
Data protection is an important part of that picture. The past six months has seen a sharp acceleration in the use of digital services, which often rely on people trusting that their personal information will be handled fairly, lawfully and transparently.
As a regulator, we play an important role in enabling innovation and enforcing the law. That work includes helping organisations to understand what is expected of them.
That work is informed by our annual track, a survey of over 2,000 people that the ICO commissions each year.
The research is important. It helps us to understand what people think about data protection and freedom of information, as well as giving us a greater understanding of how people look to utilise their rights.
By understanding public attitudes, we are also better placed to appreciate the challenges organisations are facing. For instance, we can see trust and confidence is up for the NHS and local GPs, financial services and telecoms, broadband and utility providers.
As is so often the way, the data can be interpreted in different ways. There looks to be a good awareness of rights, such as being informed about the use of your personal information, though awareness of rights to influence that data use appears to lag behind a little.
Public trust remains fairly consistent – the proportion of people with high trust has dropped a little, but the proportion of people with low trust has reduced too.
It was interesting to see a growing belief that laws and regulations sufficiently protect personal information. This is matched with a good number of people wanting to exercise their freedom of information rights, though with work to be done to show people how to do this in practice.
Within the ICO, these results will inform our priorities, and in particular how we engage with the public and with organisations. The results are published on our website, as I know many organisations will use the data to inform their own approaches.
What is clear is that we must keep promoting the value of data protection. It is perhaps no surprise that people who have had a negative experience around their data being lost or stolen had less trust and confidence in organisations using their data more broadly: a small number of poorly performing organisations can have a wide impact on trust. By building data protection and privacy into products and services, organisations can guard against this, encouraging customer confidence and participation, and supporting the benefits of digital innovation more broadly.