What does the public think about data governance and their own privacy? What is the public aware of and not aware of regarding data privacy issues? And what is the difference in perceptions across cultures? We will answer all these questions below using a combination of scholarly and journalistic sources and include some resources on privacy literacy.

Surveys conducted in the US, the UK and France reveal that a majority of people care little about government mass surveillance and personal data collection schemes. Rather than voicing concerns about online privacy, the public often cites security as the primary reason for approving or even wishing to strengthen government surveillance.

A survey carried out in 2013 by the British polling agency YouGov indicated that 43% of people in the UK regarde the Snowden revelations to be “a bad thing” while only 35% thought of them as “a good thing”.

Another survey conducted in France by the CSA agency states that 63 percent of French people support limitations to their individual liberty in the form of government surveillance of the data of internet users (Cann, 2015).

In the US surveys have shown similar findings. A study from the Washington Post and the Pew Research Center demonstrated that while 51 percent of Americans felt that warrantless wiretapping was acceptable in 2006, 56 percent Americans found the NSA spying program acceptable in 2013, following the Snowden revelations. The study also showed that if 45 percent of Americans agreed in 2002 that the government should have access to everyone’s email, 45 percent of people still agreed in 2013, in the post-Snowden era.

That being said, more recent Pew surveys suggest that attitudes appear to be changing, at least in the US. For instance, a survey conducted in late 2014 stated that a majority of 54 percent of Americans disapproved of NSA surveillance, while 42 percent approved it (Gao, 2015). The same survey also showed that as of 2015, about one in four Americans censor their online behavior due to concerns about NSA surveillance. Americans appear to contradict themselves further in a 2014 Pew survey, which found that “80 percent of adults ‘agree’ or ‘strongly agree’ that Americans should be concerned about the government’s monitoring of phone calls and internet communications” (Madden, 2014).

Despite such changes in attitudes, scholars and commentators have emphasized the public’s lack of concern for data privacy and the largely muted response to the Snowden revelations in 2013. This is corroborated not just by some of the survey data above, but also by other scientific articles and press articles (Stark, 2015; Rieff, 2013; Kelly, 2015; Bouie, 2013; Duportail, 2017).

If the public’s most common attitude to surveillance has been indifference, there have nonetheless been examples of public concerns. For instance, in the Indian context, citizens and businesses alike have been concerned about the abuse of the Aadhaar ID system. New tech businesses have been worried they will have difficulty attracting customers if their products require user data because users are concerned that data may be available to the government (Gurumurthy, 2017). Moreover, Joergensen (2016) found that teenagers in Denmark frequently use self-censorship on social media. The teens do not trust their data is protected, nor are they aware they have certain legal protections. Consequently, they censor themselves in order to feel protected.

The scientific literature has also underlined two other points concerning public attitudes. One relates to privacy policies and the other relates to the difference in sentiment towards governments and companies. Regarding the former, Aïmeur et. al 2016 investigated how, among other things, privacy policies would make users feel more or less secure. Their conclusion on this point was that users feel more safe or in control when a privacy policy is not an either/or question but rather allows users to choose which data they allow to be collected. Regarding the latter, Hare (2016) found that people care more about their privacy when it is collected by governments rather than private companies. This finding would appear to corroborate the public and business concern about the Indian Aadhaar ID system. However, there was also a scandal in Sweden regarding the storage of citizen data on private servers outside the country, in fact, outside the EU (The Guardian, 2017). The scandal suggests that the Swedish public has more trust in their government than in private companies.

As explained above, the majority of people has few concerns about online privacy and data protection. Scholars and pundits have struggled to fathom the lack the widespread apathy following the Snowden revelations in 2013. Such commentators as The Guardian’s John Naughton have been baffled by the complacency of the public with regards to mass surveillance. Attempting to understanding the public’s lack of interest in online privacy, some have stressed the public’s ignorance or lack of understanding concerning such matters. Others have emphasized the public’s sense of powerlessness and resulting resignation.

In one of his “Daily Show” episodes, John Oliver captures the public’s ignorance over mass surveillance by asking passersby their feelings about the government having access to “dick picks”, causing widespread outrage. The show is telling as it demonstrates that the public’s greater understanding of online privacy results in increased concern.

On the other hand, in his book The Digital Person: Technology and Privacy in the Information Age (2004), scholar Daniel J. Solove argues that Americans do in fact understand the implications of mass surveillance but conduct a rational cost-benefit analysis leading them to consider the benefits of widespread digital data collection to outweigh its costs. Since the potential security gains are great, Americans care little if their personal data is analysed by algorithms, Solove contends.

In an academic paper, Lina Dencik and Jonathan Cable (2017) explain the public’s muted response to the 2013 Snowden revelations by feelings of widespread public resignation caused by a ‘lack of transparency, knowledge and control over what happens to personal data online’. The authors speak of such a condition of “surveillance realism” which they define as a “framework for highlighting the complex ways in which citizens are embedded in contemporary forms of surveillance that also limits the possibilities for imagining alternative ways of organizing society”.

Thus, a lack of understanding over the implications of mass surveillance, feelings of resignation and powerlessness as well as a widespread “nothing to hide” attitude coupled with the belief that personal data collection helps combat terrorism and guarantee security help explain the public’s apathy concerning online privacy.

It has been pointed out that cultural attitudes concerning mass surveillance and online privacy differ across countries. A striking example is that of Europe and the US. In the wake of the Snowden affair in 2013, Americans were left largely unconcerned by their online privacy, while Europeans were more shaken by the revelations. The Germans in particular have been the most concerned about cybersecurity. Due to their historical experience with the surveillance carried out by East German secret police, the Stasi, Germans regards individual privacy as highly important. United Germany even implemented a Basic Law that imposes limits and oversight of the actions of the intelligence services. Such differences in attitudes are exposed in Marc Meillassoux’s documentary ‘Nothing to Hide’ (2016) where Germans who have lived through Communist rule are considerably more sensitive to individual privacy issues than their other European counterparts. For that reason, following the Snowden revelations, Germany has distinguished itself by pushing companies such as Facebook and Google to improve their data protection. In short, attitudes to online privacy are culturally embedded (New York Times, 2013). Another culturally defined difference is, for example, Russian users’ reception of the Snowden revelations (as described in Ermoshina, Musiani, 2017): having a long experience of state surveillance during the USSR period, Russian users have expressed a few surprises in reaction to the Snowden revelations. Analysis of forums has shown that Russian users were “ready” for this and “have always known this was happening”.

A number of scholars and journalists have made the claim that people are apathetic about data privacy and protection because due to a lack of awareness (see various examples under the heading of Public Perception). As noted before there is a physical and emotional disconnect between oneself and their data. Thus, the consequences of its use and protection are often unknown to people. To provide an example, Nancy Kim, a professor of internet studies, elucidated the problem with awareness regarding the recent Equifax breach in the United States: “ There's no blood. It would be one thing if we checked our bank accounts and they were all empty. But next year, I might be affected. Twenty years from now, my kids might be affected”. (Wood and Schwab, 2017).

The problem with awareness, however, is not a lack of awareness about our data being vulnerable. Many people are aware that some governments have the ability to access personal data and many people are aware that their data is collected by Google, Facebook, or Amazon. The lack of awareness is rather about what personal or even societal consequences could occur if personal data is collected en masse by governments and companies. With regards to government data collection, the majority do not care because they think even if their data is collected, they are not personally a concern of the government (Rosen, 2013). This sentiment has frequently been called the “nothing to hide” argument (Solove, 2011). Most of the scholars and commentators writing on issues of privacy believe this argument to be erroneous (see, for example, Meillassoux, 2016; Solove, 2011).

In the British context, Ian Clark (2016) calls for the implementation of campaigns to bridge what he calls the “Digital Divide” between ‘those who can exploit the Internet to their advantage, and those that cannot’. He claims that as most of the disadvantaged in the UK lack basic online skills, digital inequality is a significant issue concerning online autonomy. Thus, Clark calls for users to default to ‘privacy enhancing search engines’ such as DuckDuckGo and to incorporate the HTTPS protocol on website as well as ad-blockers on browsers in order to protect online privacy and personal autonomy. He also maintains that efforts ought to take to train online users to use such privacy tools as Tor Browser.

For users interested in protecting their privacy, regardless of the reason, there are a number of projects to assist one in doing so (all resources and tools can be found here).

Surveillance Self-Defense Project This project was developed by the Electronic Frontier Foundation, a key civil society actor in data protection and cybersecurity. This guide is commonly cited as one of the most reputable and up to date in terms of countering surveillance. It engages with a variety of tactics to make the subject approachable, such as using videos, detailed guides, vocabulary definitions, questions and “tips to go further.” It also attempts to reach the greatest number of people with designated “playlists” (i.e. for an academic researcher, journalism student, mac user, online security veteran etc.).

Security in-a-box: digital security tools and tactics This project was jointly developed by Front Line Defenders and Tactical Technology Collective, along with other activists and experts. It is also frequently referenced as an essential and reputable guide for cybersecurity. The project has three main components: tactic guides (digital security theory and basics), tool guides (how to install tools to put tactics in place), and community guides (specific tools and tactics for groups who face particular digital threats). Sections are clearly structured and include concrete examples. The project is meant to have a worldwide impact since it is available in many diverse languages: Amharic, Arabic, Bahasa, Burmese, Chinese, English, Farsi, French, Khmer, Macedonian, Portuguese, Russian, Spanish, Thai, Tibetan, Turkish, and Vietnamese.

Cyber-security Self-Defense Class This guide is part of the larger Futurography project, which is a cooperation between Slate Magazine, New America, and Arizona State University. It explores varied subjects such as nanotech, synthetic biology, and cybercrime self-defense. The 13 lessons each explore a particular tactic or strategy to improve personal security and are written in a very accessible way for the general public. Topics include: how to setup a password manager, how to make a smartphone more secure, and the importance of protecting others.

Email Self-Defense This is one of the most specific guides in that it focuses on just one tool in depth. It teaches users how to encrypt their emails in order to avoid surveillance. It is separated in categories by user systems (Linux, Windows, and Mac). There is also an element of increasing awareness since it also tells people how to engage their friends in encryption technology. This project was developed by the Free Software Foundation which promotes computer users' rights, and the development of free (as in freedom) software.

Aïmeur, E., Lawani, O., & Dalkir, K. (2016, May). When changing the look of privacy policies affects user trust: An experimental study. Computers in Human Behavior, 58, 368-379. https://doi.org/10.1016/j.chb.2015.11.014

Ballon, P. (2017, September 1). Why privacy matters in push for smart nations. todayonline.com. Retrieved from http://www.todayonline.com/commentary/why-privacy-matters-push-smart-nations

Bennet, A. (2016, March 2). Actually, British voters don’t mind mass surveillance. Retrieved from http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/12179248/Actually-British-voters-dont-mind-mass-surveillance.html

Bouie, J. (2013, June 11). Why the Public Doesn't Care about Surveillance. The American Prospect. Retrieved from http://prospect.org/article/why-public-doesnt-care-about-surveillance

Cann, Y. (2015, April 13). Loi de renseignement : 63% des Français favorables à une limitation des libertés individuelles pour lutter contre le terrorisme . Atlantico. Retrieved from http://www.atlantico.fr/decryptage/63-francais-favorables-limitation-libertes-individuelles-pour-lutter-contre-terrorisme-yves-marie-cann-2089085.html

Chandler, A. (2015, April 6) What It Takes to Make People Care About NSA Surveillance. The Atlantic. Retrieved from: https://www.theatlantic.com/national/archive/2015/04/naked-selfies-and-the-nsa/389778/

Clark, I. (2016, March) The digital divide in the post-Snowden era. Journal of Radical Librarianship, [S.l.], v. 2. Available at: https://journal.radicallibrarianship.org/index.php/journal/article/view/12

Dencik, L. Cable, J. (2017). Digital Citizenship and Surveillance. The Advent of Surveillance Realism: Public Opinion and Activist Responses to the Snowden Leaks. International Journal of Communication, 763–781.

Duportail, J. (2017, September 26). I asked Tinder for my data. It sent me 800 pages of my deepest, darkest secrets. The Guardian. Retrieved from https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold

Erlanger, S. & Ewing J. (2013, June 14). Differing Views on Privacy Shape Europe’s Response to U.S. Surveillance Program. New York Times. Retrieved from: http://www.nytimes.com/2013/06/15/world/europe/differences-on-privacy-shape-europes-response-to-us-surveillance.html

Gao, G. (2015, May 29). What Americans think about NSA surveillance, national security and privacy. Pew Research Center. Retrieved from http://www.pewresearch.org/fact-tank/2015/05/29/what-americans-think-about-nsa-surveillance-national-security-and-privacy/

Gurumurthy, A. (2017, April 3). Big brother getting bigger? The privacy issues surrounding Aadhaar are worrying. firstpost.com. Retrieved from http://www.firstpost.com/tech/news-analysis/big-brother-getting-bigger-the-privacy-issues-surrounding-aadhaar-are-worrying-3700365.html

Hare, S. (2016, October). For your eyes only: U.S. technology companies, sovereign states, and the battle over data protection. Business Horizons, 59, 549-561. https://doi.org/10.1016/j.bushor.2016.04.002

Hill, K. (2013, June 10). How Americans' Views On Surveillance Have Changed Over The Last Decade (Or Rather Not Changed). Forbes. doi:https://www.forbes.com/sites/kashmirhill/2013/06/10/how-americans-views-on-surveillance-have-changed-over-the-last-decade-or-rather-not-changed/#7c94a25f4f3c

Joergensen, R.F. (2014, October 21). The unbearable lightness of user consent. Internet Policy Review, 3. DOI:10.14763/2014.4.330

Kelly, S. (2015, April 7). Invisible surveillance and indifference: We’re being watched, but does anybody care? The Monthly. Retrieved from https://www.themonthly.com.au/today/sean-kelly/2015/07/2015/1428374986/invisible-surveillance-and-indifference

Madden, M. (2014, November 2014). Public Perceptions of Privacy and Security in the Post-Snowden Era. Pew Research Center. Retrieved from http://www.pewinternet.org/2014/11/12/public-privacy-perceptions/

Meillassoux, M. (Director). (2016, October). Nothing to Hide [Motion picture]. France.

Naughton, J. (2013, October 20). Edward Snowden: public indifference is the real enemy in the NSA affair. The Guardian. Retrieved from https://www.theguardian.com/world/2013/oct/20/public-indifference-nsa-snowden-affair

Rieff, D. (2013, August 22). Why Nobody Cares About the Surveillance State. Foreign Policy. Retrieved from http://foreignpolicy.com/2013/08/22/why-nobody-cares-about-the-surveillance-state/

Rosen, Rebecca, C. (2013, June 11). Why Should We Even Care if the Government is Collecting our Data? The Atlantic. Retrieved from:https://www.theatlantic.com/technology/archive/2013/06/why-should-we-even-care-if-the-government-is-collecting-our-data/276732/

Smith, C. (2016, September 20). The Snowden effect: Three years after Edward Snowden’s mass-surveillance leaks, does the public care how they are watched. Index on Censorship, 45, 48-50. doi:10.1177/0306422016670343

http://whqr.org/post/we-might-not-see-effects-equifax-breach-years#stream/0

Solove, D.J. (2011, May 15). Why privacy matters even if you have ‘nothing to hide’. The Chronicle of Higher Education. Retrieved from http://www.chronicle.com/article/Why-Privacy-Matters-Even-if/127461/

Stark, L. (2015, December 2015). The emotional context of information privacy. The Information Society, 32, 14-27. http://dx.doi.org/10.1080/01972243.2015.1107167

Wood, M. and Schwab, K. (2017, September 20). We might not see the effects of the Equifax breach for years. whqr.org. Retrieved from http://whqr.org/post/we-might-not-see-effects-equifax-breach-years#stream/0