In This Section

• Survey and Polling Data
• White Papers
• Multimedia

Digital Confidence Survey

Spring 2006 Poll Shows Americans Want Congress to Do More to Protect Them Online
Score of "57" Shows Consumers Uneasy with Network Security

57

A DCI score of 57 (out of a 100) shows that neither government nor industry has made any headway in putting consumers at ease about network security.

In May of 2005, CSIA first conducted a survey that tested public attitudes regarding information systems such as the Internet. While the survey revealed a high level of anxiety on issues like consumer privacy and identity theft, the turbulence was still too small and too far out to sea to predict an imminent effect on the American political landscape.

However, CSIA’s recently completed national survey reveals that the waves of network insecurity detected a year ago are not only having an already profound economic impact, but are also giving politicians reason to act. For example, the still prevalent but previously vague fear of identity theft has become the top consumer complaint filed at the Federal Trade Commission. In responding to their constituent concerns – only 18 percent of whom think that existing laws are enough to protect consumer privacy – the federal and state legislatures are rushing to consider data breach bills.

Battle lines are being drawn, with companies fearful of burdensome regulation on one side and consumer advocates on the other. The survey demonstrates that when voters recognize that legislation is being considered that helps safeguard their personal information, their voting decisions may well be impacted by their representative’s vote on the issue in Congress.

In 2006, government’s response to network insecurity will not only drive the willingness of consumers to spend billions of dollars on-line, but it may also become an issue that candidates will debate in November’s election.

Digital Insecurity

By every measure, Americans are not experiencing a gain in confidence when it comes to the computers and other machines that bind them. In November of 2005, CSIA first used the Digital Confidence Index. The DCI is a measure of the public’s perception of the effectiveness and safety of 6 major networks, like the Internet and the power grid, on a scale from 10 to 100.

With a DCI score of 58 in November, Americans were conveying their unease with the networks. However, all that has happened in the 6 months since is that their unease has grown marginally, as evinced by an April 2006 DCI score of 57.

Previous surveys revealed that Americans did not believe that government was doing enough to protect our information systems and networks; the current survey shows that the public believes that private industry does even less. While almost two thirds of Americans (66 percent) needs to make protecting our information systems and networks a higher priority (up 1 point from November), fully 72 percent believe that business needs to be doing more.

In May of 2005, CSIA discovered that voters were nearly unanimous in their fear of identity theft, with 97 percent ranking the issue a serious problem.

The call to action could have not been any more clear, with only 17 percent of voters expressing a belief that existing laws were enough to protect consumer privacy over the Internet.

The plea for help transcended the usual divisions in American politics: 79 percent of Democrats thought that new laws needed to be written, as did 64 percent of Republicans. Yet the call has gone largely unheeded.

Today, 95 percent of voters consider identity theft a serious problem (down 2 points in a year). Less than 1 out of every 5 4 voters (19 percent) believe today that existing laws are enough to protect their privacy.

Economic Consequences

Especially around the holiday season, the big story in the press is the amount of money getting spent in on-line retail. The current survey reinforces the point that the much bigger story is the amount of money that is not getting spent. As stories of identity theft become more common, Internet users are becoming less rather than more confident about making purchases on-line.

Today, a majority (50 percent) of Internet users avoid making purchases on the Internet because they are afraid their financial information may get stolen, an increase of 2 percent from November. Almost half (49 percent) of Internet users who are worried about their financial information getting stolen say they do not make purchases on the Internet. Meanwhile, 91 percent of Internet users who are confident make purchases. These Internet users report spending an average of 116 dollars a month on-line.

While extrapolating from a survey by definition cannot give precise figures, it does provide a sense of the scale of the problem.

The adult population of the United States is approximately 200 million people. According to the survey, 79 percent – or 158 5 million adults – use the Internet.

Forty-four percent of Internet users – 70 million people – are confident that their financial information is safe when they make purchases on the Internet.

At $116 per month each, they report making over 8 billion dollars in purchases each month.

However, 50 percent are worried about their financial information being safe and just under half of them (24 percent) don’t make on-line purchases as a result. If these 38 million people were given reason to believe that their financial information was safe and made purchases at the same rate as the other Internet users who currently have that belief, 3.8 billion dollars would be injected into the American economy per month.

Another finding from the survey is that it is not only on-line shopping that is suffering as a result of government and industry inaction, but on-line banking as well. Barely a third of American adults believe that banking on-line is as safe as banking in person. Sixty-four percent believe that banking on-line is putting one’s financial information at risk.

The Rise of a Political Issue

In 2004, California – always at the regulatory vanguard – passed a data breach law. In 2005, the law got national attention when ChoicePoint was compelled by the California law to disclose that the personal financial records in the company’s database had been compromised, resulting in hundreds of cases of identity theft. Since ChoicePoint, the media has been filled with reports of more examples of data breach, resulting in the finding that half of American adults have heard such news stories. However, these facts on their own do not explain the potential that data security has to become the first network security issue of political consequence.

The key circumstance arises from the fact that strong interests are lining up on both sides of the issue – corporations afraid of burdensome disclosure requirements on one side and consumer activists on the other. The survey shows that the electorate is ready to take sides as well. Americans choose California-strength disclosure even when presented with the caveats that they will be bombarded with worthless notices and that prices will rise as companies pass along the cost of compliance. Seventy-one percent of respondents agree that Congress should pass a law like California’s compared to only 21 percent who think that California’s is too strict.

While Democrats are the most likely to support stronger data security (78 percent), 68 percent of Republicans favor a law like California’s while only 25 percent think it’s too strict. Voters who support stronger data security are prepared to hold candidates accountable.

Among those likely to vote in the 2006 elections, 46 percent say that a candidate’s opposition to a law like California’s would give them serious doubts.

While this does not rise to the level of the silver bullet a challenger would use to take out an incumbent, it is nonetheless a number that suggests that the issue will get more than a passing mention on the campaign trail. If a Member of Congress votes against a strong data security bill this session, the survey suggests that the Member’s opponents will bring up the issue in the fall campaign.

Holding Business and Government Accountable

Three surveys over the course of a year has shown that the public’s concern regarding cybersecurity issues is not only enduring but consequential. An issue like data security is showing potential for elevating the salience of protecting America’s information systems in a way that issues like spam never could. Not only is identity theft perceived by the public as more serious problem, but there are legitimate interests opposed to legislation like California’s. The most recent survey clearly shows that voters will care very much how government responds to the challenge of protecting sensitive personal information.

A Digital Confidence Index score of 57 (out of a 100) shows that neither government nor industry has made any headway in the past 6 months when it comes to putting consumers at ease when it comes to network security. For industry, the consequence has been billions of dollars lost in on-line revenue even as the growth in on-line sales has grown. For government, the open question is how will voters respond if decisive action is not taken on the data security legislation coursing through Congress.

See the full analysis.

Survey Methodology

From April 20 to April 27, 2006, Pineda Consulting conducted a national telephone survey of drawn from a random digit sample of telephone numbers selected from telephone exchanges in the United States. Of the 1,150 respondents who completed the survey, 926 are likely voters and 906 are Internet users. The total margin of error for the survey is plus or minus 2.89 percent. The margin of error for the various demographic subgroups is higher.

Calculating the Digital Confidence Index Score

The answers of each respondent on the battery of 6 network effectiveness questions and the battery of 6 network safety questions were added together. Both batteries employed a scale between 1 and 10, so the value of the respondent’s answer was added to the total. If the respondent did not know enough to assess or refused to answer, 5.5 (the midpoint between 1 and 10) was added to the total. Once each question from the two batteries was considered, each respondent had a total between 10 and 120. The total was then divided by 12, giving each respondent’s average response to the two batteries (a number between 1 and 10). Finally, the average was multiplied by 10, removing the decimal point and resulting in a number between 10 and 100 — the Digital Confidence Index Score.

About Pineda Consulting

Pineda Consulting is a strategic research and communications firm located in Pasadena, California. The firm’s principal is André Pineda, the former Deputy Commissioner of Corporations for the State of California. Pineda’s polling experience includes Peter D. Hart Research Associates, where he worked on the NBC/Wall Street Journal Poll, and Greenberg Research, conducting polls for Fortune 500 clients like BP. Pineda’s current clients include the California Chamber of Commerce and SmartPower, a nationwide clean energy marketing campaign. More information about Pineda Consulting can be found at www.pinedaconsulting.com.