The EU Commission commissioned a study “Confidence in the Information Society”, which was carried out by the Hungarian Gallup Organization and published last May. Based on this study the EU Commision launched the eyouguide (see earlier post). Hereunder a summary of the results:

Some Internet users in the EU have a perception of security that makes them confident that transactions over the Internet are safe. However, only 12% believe that these are completely safe, and 46% assume they are rather safe but 42% do not have confidence in these transactions.

• One out of ten European Internet users believe that online transactions are not safe at all, and 19% believe that these are “not really” safe – including those who cannot tell whether such transactions are safe or not, almost four in ten users (39%) have significant doubts regarding Internet safety.

• Users are very well informed about the existence of typical threats. Computer viruses are the best-known hazards: virtually every Internet user confirmed to be aware of this potential danger (97% on EU-27 level).

• Consequently, there are very few Internet users in the EU who say that they do not protect themselves against Internet-related security hazards1. Only a small minority of European Internet users agree that they do not implement (some) security measures because they do not feel threatened (10%), or because these are too expensive (7%) or because they don’t know how to use them (6%).

• On the other hand, almost every Internet user in the European Union applies some preventive technology aimed to safeguard computers connected to the Internet and the data they store: 96% confirm using some antivirus, spam filter or firewall application. More than a third (35%)
indicated that they (also) use alternative techniques to increase their safety while browsing the Internet.

• Risk avoidance online behaviour was also widely reported; users rarely give out personal data on the Internet (avoids as much as possible: 86%), and they rarely engage in peer-to-peer file transfers with people they don’t know (81% indicate refraining from such activity). However, only a minority (although a very significant minority) do not carry out financial transactions over the Internet (42%).

• Despite the efforts users make in order to protect the privacy of their online communications and the integrity of their systems, many users have experienced security problems in the past.
Looking at the past five years, 65% of EU Internet users reported being the victim of excessive spamming and 46% detected viruses on their computers. Considering all tested security problems, only about one in five (22%) of all EU Internet users reported that none of these problems were detected on their system.
• The security problems typically caused time loss for users, but harder-hitting damages were reported by relatively few of those who otherwise reported some security problem: Loss of nonpersonal data (e.g. damaged files, etc.) was the second most frequent result of Internet security problems (18%). Only 16% of all internet users who encountered some security problem over the past five years also report direct financial losses (e.g. money stolen, computer repair costs, loss of valuable data).

• Three quarters of Internet users believe that they personally are responsible for ensuring their protection from Internet-related security hazards (75%). However, the majority of users also believe that their Internet service providers (52%) as well as those organisations that provide online services (51%) are also accountable for securing online transactions. Considerably fewer users feel that public authorities also have a responsibility regarding problems related to online security (31%).

• The survey asked Internet users if they would be interested in participating in practical training course on Internet security. Seven percent of all Internet users in the EU would consider attending such a course if it was offered for a charge, and 24% are open to the idea if this training were free. Overall, 67% of EU Internet users would not be willing to take part in such a course, mostly because they are confident that they know enough (31%); or on the contrary, they think that their current IT skill level is insufficient to meaningfully gain from such training (17%).

1 The survey did not ask if the security products were indeed switched on, currently licensed to operate, regularly updated, etc. The survey did not ask separately the availability of anti-virus, firewall, and content filtering on the users’ computers, as the primary objective was to get an insight about the users’ perception of their safety.

The full report is available at:
http://ec.europa.eu/information_society/policy/nis/docs/eurobarometre/confidence_infosoc_analytical_report_v30_4_09.pdf