The digital universe is considered either secure or simply secure enough so that there is no need to worry about privacy. Scandinavian consumers have yet to see a major security breach that could expose the real vulnerability of data.
Health data, browser data, geolocation data, social media data, purchasing data, financial data and other personal information: every day, Scandinavians leave a data trail through their smartphone usage and online behaviour. But is this a concern for Scandinavian consumers? Not really, according to our 2022 survey, although some people want to protect themselves.
Privacy behaviour remains unchanged
When it comes to basic privacy, Scandinavians can best be described as unconcerned. Most people accept default cookie settings some of the time, and a quarter of Scandinavians (26 per cent) always accept cookie settings; but what is perhaps most telling is that only 7 per cent never accept cookies and only 9 per cent always use a web browser that limits ad tracking.
Figure 37. Online behaviour
How often do you accept all default cookie settings when prompted by a website?
How often do you use a specific web browser or search engine that limits ad tracking by default?
What’s more, attitudes do not seem to have changed much since last year’s survey, although default cookie setting acceptance shows a slight decrease (from 30 per cent of respondents to 26 per cent) and 28 per cent of respondents say they use a web browser that limits ad tracking “some of the time”, a big jump from 20 per cent last year.
Scandinavian consumers do not attach much importance to privacy when it comes to choosing which smartphone to buy. Only 6 per cent of respondents say that they consider data privacy and security features when choosing a smartphone, compared to 37 per cent who prioritise battery life and 31 per cent who prioritise camera features.
These attitudes correspond closely with general discourse in society, where data concerns are discussed only occasionally in the media and in politics. Many companies experience severe cyber-attacks, some of which are made public due to customer data breaches or services becoming temporarily unavailable; but these incidents only surface occasionally, and companies typically downplay the damage in public and instead work hard behind the scenes to regain what has been lost.
The occasional concern is still there
Despite the lack of general concern for data privacy, many Scandinavian consumers have shown occasional concerns about privacy: 38 per cent of respondents have avoided buying a device, 51 per cent have avoided using a service, and 56 per cent have avoided connecting certain functions of a device.
Figure 38. Actions prompted by privacy concerns
Which, if any, of the following have you ever done because of privacy concerns?
These responses show that privacy can be a concern for Scandinavians, or at least a factor to consider, as they navigate the online universe. Looking at regional differences, Danes are significantly more concerned and risk-averse than the neighbours in Norway and Sweden.
Tailored ads do not raise concerns
In the debate about privacy, tailored ads are a common topic of debate, since advertisers are some of the heaviest users of data for targeting specific groups of consumers or even individual consumers at a personal level. Using personal data, companies continue to invest heavily in building seamless digital customer experiences, shifting the commercial game from ‘people finding products’ to ‘products finding people’ through digital marketing and social media interactions.
As in last year’s survey, preferences vary among Scandinavian consumers: 29 per cent prefer ads to be tailored, 30 per cent prefer ads not to be tailored, and 29 per cent are indifferent.
Figure 39. Preference for tailored ads
Thinking about the ads you see when using the internet and social media. To what extent do you prefer these to be tailored to you based on your interests or online search?
At the same time, online users in Scandinavia do not feel a particularly strong sense of responsibility for keeping their data private. 65 per cent of respondents believe that the online platforms involved are responsible for data privacy, while only 27 per cent think that users have any responsibility themselves. Interestingly, 39 per cent think that the government and regulators are responsible for keeping user data private, which signals broad support for the comprehensive data privacy legislation that has been introduced by the EU General Data Protection Regulation (GDPR), which became enforceable in 2018.1
Figure 40. Responsibility for keeping user data private
Which, if any, of the following do you think should be responsible for addressing the following online threats: Keeping user data private
Indifferent shoppers, passionate health fanatics
While Scandinavian consumers do not seem concerned about companies collecting data about them, the opposite seems true when it comes to collecting health data through wearables and different apps.
There has been an increase in health monitoring, with 69 per cent of Scandinavian respondents now saying that they monitor their health one way or another through smartphones, smart watches or fitness bands, up from 62 per cent in last year’s survey.
Figure 41. Health data tracking: Yearly development
Which, if any, of these do you monitor on your devices such as smartphones, smart watches, fitness bands, etc.? (Respondents who chose at least one way of monitoring health data)
There seems to be a growing awareness of the possibilities of tracking health data, and Scandinavian consumers are being presented with more options for tracking as new technology offers advanced data collection combined with complex analytics and the expertise of healthcare professionals.
Figure 42. Health data tracking: Specific measurements
Which, if any, of these do you monitor on your devices such as smartphones, smart watches, fitness bands, etc.?
Despite the popularity of health tracking, however, Scandinavian consumers are not keen on paying for services: only 7 per cent pay for fitness or lifestyle digital subscriptions, and only 3 per cent pay for apps that deal with mindfulness or mental health.
Figure 43. Usage of paid health subscriptions: Yearly development
Thinking now about PAID services or subscriptions, which, if any, of the following do you have access to? Please also consider subscriptions paid for by other people that you can access, such as other members of your household or family, or by your job.
These responses signal that paid health subscriptions have not caught on with Scandinavian users. Part of the explanation for the unwillingness to pay could be the availability of free alternative options. Another explanation is the casual nature of some forms of health data tracking, especially step counting, calorie burn, or sleep tracking, which may be seen as nice-to-have or even enjoyable features rather than something worth paying for.
For the first time in our annual survey, we asked Scandinavian women about their use of health tracking of their menstrual/ovulation cycle, a controversial subject that raises several concerns for authorities, for example with the Danish Data Protection Agency highlighting “endless possibilities for misuse”.2
However, it is not only in Scandinavia that women’s health data are causing controversy. In the United States, concerns have been expressed following the loss of women’s rights to abortion, following a ruling by the Supreme Court on the Roe v. Wade case. There are fears that women’s health data could possibly be used to prosecute individuals in those American states where abortion has now become illegal.3
Although risks of prosecution are not a concern for Scandinavian women, there is still a level of concern, and in comparison with the male respondents, women seem to be a bit more concerned about sharing their health data. 19 per cent of our female respondents say that they would not be comfortable sharing health data recorded on devices with their doctors, and another 20 per cent are unsure or undecided.
Figure 44. Sharing health data with doctor
To what extent do you agree or disagree with the following statement? I would be comfortable giving my doctor access to the health data which is recorded on my devices.
The most common reason for being uncomfortable about sharing health data is concern about accuracy. In addition, 34 per cent fear that their data could be used without their consent, and 22 per cent worry that data may be shared with third parties. Women tend to be more worried than men about a doctor knowing and using their data in their treatment, but men are more worried than women about their data being shared with third parties.
Figure 45. Reasons for not sharing health data with doctor
You said that you would not be comfortable giving your doctor access to the health data which is recorded on your devices. Why is that?
The future of data protection
Although data privacy and protection, for now, remain a concern for only a small proportion of Scandinavian citizens, the question of securing personal data from breaches and misuse is likely to be a recurrent theme as daily life becomes increasingly digital.
Concerns about data protection are further complicated by the fact that most personal data is collected from the daily use of smartphones, with individuals not necessarily being fully aware of how data is collected and used.
Whether consumers will start to care more about data protection in the future is yet to be seen. Just as the COVID-19 pandemic brought about changes to society and workplaces that people would previously have thought impossible, a major cyber-attack or major breakdown in the digital infrastructure could also have a profound impact on digital habits and a heightened awareness of data safety among consumers.