European Commission - Press release
Data Protection: Europeans share data online, but privacy concerns remain – new survey
Brussels, 16 June 2011 – Three out of four Europeans accept that revealing personal data is part of everyday life, but they are also worried about how companies – including search engines and social networks – use their information. These are the main conclusions of a new Eurobarometer survey on attitudes towards data protection and electronic identity, released by the European Commission today. The report reveals that 62% of people in the European Union give the minimum required information so as to protect their identity, while 75% want to be able to delete personal information online whenever they want to – the so-called right to be forgotten. There is also strong support for EU action: 90% want to have the same data protection rights across Europe.
“Most people are used to giving out personal data to shop online or use social networking sites. But they're equally worried about how this data will be used, and don't always feel in control," said Vice-President Viviane Reding, the EU Justice Commissioner. “That’s why when I modernise the data protection rules, I want to explicitly clarify that people shall have the right – and not only the ‘possibility’ – to withdraw their consent to data processing."
Neelie Kroes, Vice-President of the European Commission responsible for the Digital Agenda said: "Many people are reluctant to shop online because they are worried about privacy. This is holding back the development of Europe's Digital Single Market, and hampering our economic recovery. They also have some very real concerns about ensuring the security of their identity online which I will be addressing shortly with a proposal for legislation."
The survey results come as the Commission prepares to reform EU data protection rules (see IP/10/1462) and SPEECH/11/183). The aim is to protect individuals' data in all policy areas, including law enforcement, while reducing red tape on business and guaranteeing the free circulation of data within the EU. The Commission plans to come forward with specific proposals before the end of the year.
The survey shows that 60% of Europeans who use the internet (40% of all EU citizens) shop or sell things online and use social networking sites. People disclose personal data, including biographical information (almost 90%), social information (almost 50%) and sensitive information (almost 10%) on these sites. 70% said they were concerned about how companies use this data and they think that they have only partial, if any, control of their own data. 74% want to give their specific consent before their data is collected and processed on the Internet.
The key principle of EU data protection rules is that users have to give consent before their data is used. This information cannot then be passed on without the user’s approval and companies cannot use it for purposes other than what was agreed.
People's most frequent concerns are about fraud when shopping online (mentioned by 55%), information being used without their knowledge on social networking sites (44%), and data being shared by companies without their agreement (43%).
When it comes to protecting personal information, people have greater trust in public authorities – such as hospitals (78%), governments (70%) and EU institutions (55%) – than in private companies such as shops (39%), Internet providers (32%) and online services (22%).
42% are using existing tools and strategies to limit unwanted emails and 23% are changing the security settings of their browser. This implies that people are unlikely to take proper care of their personal identity data online when simple tools are not available or are difficult to use.
58% of Internet users read privacy statements online, but not all of these understand them. Overall, 62% of users either do not understand, do not read, cannot find, or ignore such privacy statements. When users do read them, they are more cautious with their information. One of the key goals of the data protection reform is to strengthen rules so that service providers increase transparency about how a service operates (what data is collected and further processed, for what purposes, where and how it is stored) and ensure appropriate security measures.
Finally, the survey reveals marked differences in attitudes towards sharing personal information between younger generations – who are more relaxed about disclosing data, and older ones – who are more likely to have privacy concerns.
On 4 November 2010, the Commission set out a strategy to strengthen EU data protection rules (IP/10/1462 and MEMO/10/542). The strategy aims to protect individuals' data in all policy areas, including law enforcement, while reducing red tape for business and guaranteeing the free circulation of data within the EU. This policy review will be used by the Commission with the results of a public consultation to revise the EU’s 1995 Data Protection Directive (95/46/EC).
EU data protection rules aim to protect the fundamental rights and freedoms of natural persons, and in particular the right to data protection, as well as the free flow of data. This general Data Protection Directive has been complemented by other legal instruments, such as the e-Privacy Directive for the communications sector. There are also specific rules for the protection of personal data in police and judicial cooperation in criminal matters (Framework Decision 2008/977/JHA).
The right to the protection of personal data is explicitly recognised by Article 8 of the EU's Charter of Fundamental Rights and by the Lisbon Treaty. The Treaty provides a legal basis for rules on data protection for all activities within the scope of EU law under Article 16 (Treaty on the Functioning of the European Union).
The Commission’s Justice, Information Society and Media departments, and its Joint Research Centre, asked for the Eurobarometer survey on data protection and electronic identity in the European Union, and the Communication department co-ordinated the work.
For more information
The Eurobarometer survey on data protection and electronic identity in the European Union:
Justice Directorate General Newsroom:
Homepage of Vice-President Viviane Reding, EU Justice Commissioner:
Digital Agenda website:
Homepage of Vice-President Neelie Kroes, Commissioner responsible for the Digital Agenda:
Follow Neelie Kroes on Twitter:
Matthew Newman (+32 2 296 24 06)
Mina Andreeva (+32 2 299 13 82)