People believe that privacy violations should be punished — and quite stringently. There are interesting survey results in a new report by Chris Hoofnagle, Jennifer King, Su Li, and Joseph Turow, How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?
The report focuses primarily on comparing the attitudes of the young with older people and concluding that there isn’t much of a divergence. I blogged about it here.
There is other data in the report worth talking about that I fear will be lost in the headlines about how the young are similar to the old. And this data is quite interesting:
“If a company purchases or uses someone’s personal information illegally, about how much—if anything—do you think that company should be fined?”
The vast majority of people of all ages (69%) said the fine should be greater than $2500. They were given choices of $100, $500, $1000, $2500, and more than $2500.
“Beyond a fine, companies that use a person’s information illegally might be punished in other ways. Which ONE of the following ways to punish companies do you think is most important?”
“The company should be put out of business.” — 18%
“The company should fund efforts to help people protect privacy.” — 38%
“Executives who are responsible should face jail time.” — 35%
“The company should not be punished in any of those ways.” — 3%
“It depends.” — 2%
“Don’t know/refused.” — 4%
Originally Posted at Concurring Opinions
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.