When it comes to Americans’ feelings about offshoring personal data, much depends on the type ofinformation and where it’s being sent, according to a recent surveyby the Ponemon Institute.
“Anecdotally, people seem to have pretty mixed feelings. Youtalk to one person and they say they hate the idea of sending theirpersonal information offshore; another person will say it doesn’tmake a difference to them at all,” says Larry Ponemon, whoconducted the survey of more than 1,200 Americans. “This researchis empirical validation that the public has mixed feelings.”
When asked about an American company sending basic information such as name, address orphone number to another country, only 42 percent of the survey’srespondents were opposed to the idea. But as the nature of the datagoing offshore became more sensitive, so did respondents: 64percent did not want employee records offshored; 69 percent wereopposed to credit card information leaving our shores; 74 percentwere against sending banking data abroad; and a whopping 83 percentdidn’t want their health records leaving the country.
Where the information is going is as important as what it is. Canada, Ireland, India and Wales received thehighest overall trust rankings out of a total of 47 countries.
“I was surprised about India. I expected people to say it’s adeveloping economy and could be dangerous, especially with somepublicized incidents of data exposure and theft there,” saysPonemon. “Yet, we found degrees of touchiness. As the type ofpersonal information grows more intimate, the percentage of peoplewho want to keep it at home rises that most people felt prettycomfortable with information being sent there. They have a trackrecord; they’re an English-speaking culture that, for the mostpart, seems dedicated to good security.”
At the bottom of the trust index were the Philippines, Mexico,Haiti and Russia. Political unrest both in the Philippines (a largecall centre location) and Haiti may have tarnished the image ofthose countries, says Ponemon. Russia’s well-known high piracyrates and the recent publicity surrounding Mexico’s border securitymay have triggered negative feelings about data traveling to thosenations, Ponemon posits.
The bottom line for CIOs? Factor the cost of public concern intoyour ROI when making a business case for offshoring. Although only9 percent of respondents would pay more to ensure that theirpersonal information was not sent offshore, the impact of an actualsecurity breach could be costly.
“If you have a privacy meltdown, and, oh, by the way, ithappened in the Philippines, watch out. It can be a pretty largecost,” says Ponemon. “You’ll need to do a lot more explaining upfront if you choose to send data to a country that people deemdangerous. Factor trust into the equation.”