TRUSTe/NCSA Consumer Privacy Index Reveals Rising Consumer Concerns and a Significant Awareness Deficit; Businesses Pay as Privacy Concerns Discourage Consumers

San Francisco – January 28, 2016 – The TRUSTe/National Cyber Security Alliance U.S. Consumer Privacy Index reveals the extent of current consumer privacy concerns with noticeably more Americans concerned about not knowing how the personal information collected about them online is used than losing their principle source of income. Released to coincide with the ninth Data Privacy Day on January 28 2016, the study found that online privacy concerns topped the loss of personal income by 11 percentage points, even as only 3 in 10 (31%) Americans understand how companies share their personal information. Likewise, the business impact of consumers’ privacy concerns remains high with 89 percent avoiding companies they don’t believe protect their privacy and 74 percent of those who worry about their privacy online limiting their online activity in the last 12 months due to their concerns.

Michael Kaiser, Executive Director National Cyber-Security Alliance commented,

“Consumers are increasingly aware, interested and concerned about their privacy and they’re acting on it. However, if Internet users knew more, they would do more. The research points to an awareness-action shortfall that belies a growing confidence in Americans’ personal ability to protect their online data.

“As the vast amounts of data being collected, exchanged and stored online increases, NCSA urges all digital citizens to own their online presence and manage their privacy. We encourage consumers to use available tools and take actionable steps to manage their privacy such as limiting access on social media, keeping all apps, software and devices updated and understanding that their personal information – just like money – has great value and thus, should be protected.”

Just 56 percent of Americans trust businesses with their personal information online, exposing a remarkably lacking level of trust. To close this gap, it appears consumers are demanding more transparency in exchange for trust and want to be able to control how data is collected, used and shared with simpler tools to help them manage their privacy online. 46 percent don’t feel they have control of any personal information they may have provided online, 32 percent think protecting personal information online is too complex and 38 percent of those who worry about their privacy online say companies providing clear procedures for removing personal information would increase trust.

Chris Babel, CEO TRUSTe added

“Consumer privacy concern is real and rising and businesses need to act now to rebuild trust with their customers before it hurts the bottom line through lost clicks, downloads and sales. With 3 out of 4 Americans who worry about their privacy modifying their online activity last year due to privacy concerns this research shows privacy is not just good practice it is simply good business.”

Interestingly given the recent introduction of the so-called ‘Right to be Forgotten’ for Europeans in the EU General Data Protection Regulation, 60 percent of their American counterparts think they also have the right to be forgotten. With the recent terrorist attacks in Paris the month before this survey was conducted, there has been a fall in the numbers who think online privacy is more important than national security (38 percent) down seven percentage points from last year’s study. 37 percent think losing online privacy is a part of being more connected

The TRUSTe/National Cyber Security Alliance U.S. Consumer Privacy Index 2016 is based on data from on online survey conducted by Ipsos with 1,000 US Internet users aged 18-75 from December 17-22 2015. The research was commissioned by TRUSTe and the NCSA, building on tracking studies conducted over the past six years by both organizations. Comparable research was also conducted in Great Britain.

Detailed findings from the 2016 TRUSTe/NCSA U.S. Consumer Privacy Index:

Overall, the research found that consumer online privacy concerns remain extremely high with 92 percent of American Internet users worrying to some extent about their privacy online – the same percentage as a year ago. 44 percent said they were frequently or always concerned and 45 percent agreed they were more concerned than one year ago.

68 percent were concerned about not knowing how personal information collected about them online is used compared with 57 percent concerned with losing their principle source of income. In comparison, the level of concern about privacy also outranked other major consumer concerns tested:

  • 44 percent for being a victim of crime in their community
  • 55 percent for not being able to access of afford healthcare they need
  • 51 percent about climate change

When those aware of activities related to online privacy were asked what had made them most concerned about their online privacy, 37 percent said companies sharing their personal information with other companies.

75 percent of American Internet users believe that they protect their privacy online very or fairly well and yet their awareness and actions tell a different story.

Of those aware of any activities that can be done to protect privacy online, a notably lower proportion in each case had actually done any of these activities in the last year.

  • 60 percent were aware that they could delete cookies, cache or browsing history to help protect their privacy online; yet just 53 percent did
  • 43 percent were aware that they could turn off smartphone location tracking; yet only 29 percent did
  • 43 percent were aware they could change the settings on their social media accounts; yet only 24 percent did
  • 33 percent were aware they could read privacy policies; yet just 16 percent did

Despite this ‘privacy awareness deficit’ the business impact of consumer concerns remains high. 74 percent of American Internet users who worry about their privacy online have limited their online activity in the last year due to privacy concerns. Specifically in the last 12 months:

  • 51 percent have not clicked on an online ad
  • 44 percent withheld personal info when asked for it
  • 32 percent have not downloaded an app/product
  • 28 percent stopped an online transaction

Among all online adults, 36 percent have stopped using a website and 29 percent have stopped using an app in the last twelve months because they did not trust them to handle personal information securely. 47 percent of adults who have stopped using either a website or app said that this was because they were asked to provide too much information. Interestingly 19 percent said they continued to use a website they didn’t trust to handle their personal information responsibly, with 31 percent of those who reported doing this saying it was because it was the only website that sold a particular product or service.

Trust remains a significant issue with 56 percent of American Internet users trusting most businesses with their personal information online. Healthcare providers (74 percent) and financial organizations (72 percent) were most trusted to handle personal information responsibly. Social Networks (35 percent) and advertisers (25 percent) were the least trusted.

There is more that businesses can do to lower consumer concern and improve trust. Among those who worry about their privacy online, the two top ways to lower privacy concerns were companies being more transparent about how they are collecting and using data (35 percent) and having more easy to use tools available to protect personal information (35 percent).

Importantly, American Internet users want control when providing personal information online.

  • 45 percent said they wanted control over who has access to their personal information
  • 42 percent wanted to know how this is used
  • 41 percent wanted to know about the type of info collected.
  • 23 percent want to be able to delete personal info collected about them

About NCSA’s STOP. THINK. CONNECT. Privacy Awareness Campaign
The National Cyber Security Alliance’s (NCSA) privacy awareness campaign is an integral component of STOP. THINK. CONNECT. ‒ the global online safety, security and privacy campaign. Data Privacy Day is the signature event for the campaign and is officially organized by NCSA in North America. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Cisco, ESET and TRUSTe are Leading Sponsors of the 2016 privacy awareness campaign. Intel is a Contributing Sponsor. Lockheed Martin and Passcode are Participating Sponsors. Supporting Sponsors include CPDP2016, ExpressVPN, ForgeRock, Mozilla, Privacy Ref, Privacy Salon, PRIVATIZE ME and PRIVATE WiFi. The hashtag for NCSA’s privacy campaign efforts is #PrivacyAware.

About TRUSTe

TRUSTe powers privacy compliance and trust by enabling businesses to use data across their customer, employee and vendor channels. We have nearly 20 years’ experience and a team of over 150 professionals dedicated to providing data privacy management solutions and services, including assessments, certifications and our SaaS-based Platform. The Data Privacy Management Platform provides control over all phases of privacy; from conducting assessments and implementing compliance controls to managing ongoing monitoring. Companies worldwide rely on TRUSTe to minimize compliance risk and protect their brand. For further information see

About The National Cyber Security Alliance

The National Cyber Security Alliance (NCSA) is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with the U.S. Department of Homeland Security (DHS) and NCSA’s Board of Directors, which include representatives from ADP; AT&T; Bank of America; BlackBerry; Cisco; Comcast Corporation; ESET; Facebook; Google; Intel; Logical Operations; Microsoft; PayPal; PKWARE; RSA, the Security Division of EMC; Raytheon; Symantec; Verizon; and Visa. NCSA’ s core efforts include National Cyber Security Awareness Month (October), Data Privacy Day (January 28), and STOP. THINK. CONNECT., the global online safety awareness and education campaign led by NCSA and the Anti Phishing Working Group, with federal government leadership from DHS. For more information on NCSA, please visit

Research Methodology

The TRUSTe/National Cyber Security Alliance U.S. Consumer Privacy Index research was conducted by Ipsos using an online survey among a representative quota sample of 1,000 adults aged 18-75 in the US from December 17-22, 2015. Among these, 864were aware of activities related to data privacy, 847 were aware of activities that could be done to protect online privacy, while 960 said they ever worry about their privacy online. 418 said they have stopped using a website or app in the last 12 months because they did not trust it to handle their personal information securely, while 185 report they have used a website even if they did not trust the company or service to handle their personal information responsibly. Survey data were weighted by age, gender, region and working status to known offline population proportions.

Comparison data for the US for the previous four years is available from research conducted online by Ipsos between November 28 and December 5 2014. Harris Interactive on behalf of TRUSTe from December 11-13, 2013 among 2,019 U.S. adults age 18 and older, from January 7-9, 2013 among 2,166 U.S. adults age 18 and older and from January 17-21, 2012 among 2,415 U.S. adults age 18 and older. These surveys can be accessed here and form part of TRUSTe’s ongoing consumer privacy research program.

NCSA Media Contact
Tola St. Matthew-Daniel Thatcher+Co.

For media inquiries, please contact: