nCipher Security Blog

Americans, data, elections, encryption and the matter of trust

Peter Galvin | Chief Strategy Officer More About This Author >

It was a massive tech fail. A systemic disaster. A debacle.

When we hear such words, we tend to assume there’s been yet another cybersecurity breach. This time, however, it was something different. But it didn’t do much to increase the public’s trust in digital technology. In fact, it seemed to do quite the opposite.

A vote of no confidence

The setting was Iowa. The timing was Feb. 3, and then Feb. 4, and then Feb. 5, 6….

The culprit was a smartphone app that didn’t enable caucus chairs to report voting results. The backup hotline system didn’t work well either, requiring long holds and some hang-ups. That prevented the campaigns and media from receiving and reporting those results to the public. At least one candidate apparently viewed this as an opportunity to get free air time. Others were furious. Meanwhile, the delay helped feed conspiracy theories. And the situation created further distrust of political institutions, electronic voting and digital technology in general.

A new control system

We’re just two months into 2020. But at least one other significant event impacting consumer trust in digital technology occurred this year. This one is largely seen as a positive development. I’m referring to the California Consumer Privacy Act. The CCPA took effect Jan. 1 of this year. This newly enacted rule gives California residents greater control over their personal data. Under CCPA, these individuals can request – and expect to receive – the data organizations have on them. California residents can demand organizations delete their data. People who live in California also can forbid organizations from sharing their data with third parties.

A nation divided

Our research indicates such measures may engender consumer trust in technology and organizations using it. We surveyed more than 1,000 Americans as part of our research effort. Forty percent said their trust is higher when they can request their data be deleted. Forty-one percent said a feeling of personal data control equates to a greater sense of trust.

Twenty-eight percent believe they have more control over their data than they did a year ago. We learned that 26% feel they have less control of their data, or none at all. And 46% think they have the same personal data control as a year ago.

As in politics, the nation is divided in this arena.

A lack of trust

More than half of the survey group said they were willing to accept personal data security risk to do online shopping (60%) or banking (55%) or to make digital payments (54%). More than half (54%) said they are not willing to do the same for the convenience of online voting.

A third (33%) said they are less confident about U.S. election security now than they were during the last presidential election year. More than half the country – 59% -- said they are unsure or definitely will not trust the 2020 election results.

The nCipher results also suggests that Americans are pretty evenly divided on whether electronic voting (30%), paper ballots (35%) or a combination of the two (30%) are best. At least that was the breakdown prior to the Iowa caucuses, when paper ballots saved the day.

A Means of Protection

At this time in which government and other organizations clearly need to build trust in how they handle and secure data, it may be useful to revisit advice from our former leaders. President Theodore Roosevelt famously said: “Speak softly and carry a big stick.” In today’s digital world, it’s important to secure and safeguard the privacy of personal data. Encryption and key management in this scenario can act as the big stick.

Nearly half (49%) of Americans said they trust that a company is safeguarding their personal data when it uses encryption. About a third said encrypted ballots (31%) and/or encrypted voter registration data (33%) would increase their trust in election security. Strong data security in the form of encryption can build – or rebuild – trust in our governments and democracy, in businesses, and in the technologies that Americans use every day.

A Form of Activism

Americans can play their part in cybersecurity and personal data privacy by practicing good password hygiene. But, as most of us know, that’s not always easy.

Nearly three-fourths (74%) of Americans said it is somewhat, very or just plain frustrating when they have to log in to applications at work multiple times a day. More than three-fourths (78%) said they have had to change their password because they forgot it on at least a few occasions. More than a fourth (28%) said they use the same passwords for work and personal uses.

These types of challenges helped inform Entrust Datacard’s decision to release its Passwordless SSO Authentication solution, which turns employee smartphones into biometrics-protected virtual smart cards that allow instant proximity-based login to both workstations and applications. The solution eliminates passwords and puts an end to the risk of bad actors stealing user credentials and compromising critical information.

Outside of the workplace, the average person can more effectively – and securely – shoulder the burden of passwords by using a password manager app. And Americans can protect themselves and their neighbors by following security and data privacy best practices.

A Word of Truth

There is at least one part of this FDR inaugural address that applies here. “This is preeminently the time to speak the truth, the whole truth, frankly and boldly.”

The truth is that we must all do our part to protect and secure data and devices. Doing so will go a long way in building trust in our always-on, data-driven world.

Please click here for more information about nCipher’s security solutions. If you’re attending RSA, visit nCipher and Entrust Datacard at booth S-2139.

You can also follow nCipher on Twitter, LinkedIn, and Facebook.