Consumer Privacy Survey Sponsored by ForgeRock Finds Strong Opinions for Greater Control Over Personal Data in the IoT Era

Large majorities indicate a strong desire to require consent for the collection and transmission of personal information, call for increased punishments for companies that violate consumers’ privacy

San Francisco, CA, March 27, 2018 – A new report released today by The Economist Intelligence Unit (EIU) shows that consumers around the world perceive wide ranging risks in how their personal information is collected and shared with third parties. They want greater transparency and control, as well as commitments from government and industry to protect privacy.

What the Internet of Things means for consumer privacy, sponsored by ForgeRock, is an EIU research programme that explores the concerns and priorities of global consumers stemming from the Internet of Things (IoT). It is based on a survey of 1,629 consumers from eight countries around the world. Among the findings, the survey report documents that global consumers worry that small privacy invasions may lead to a loss of civil rights:

  • 92% of global consumers say they want to control what personal information is automatically collected
  • 74% of global consumers are concerned that small privacy invasions may eventually lead to a loss of civil rights
  • 57% say the “right to be forgotten” is among the most important consumer rights regarding third-party use of personal information
  • 92% want to increase punishments for companies that violate consumers’ privacy
  • 89% cite their discomfort with the ability of third parties to access personal data without their consent

Eve Maler, ForgeRock VP of Innovation & Emerging Technology commented: “With just over eight weeks to the implementation of GDPR and the recent revelations around Facebook’s data handling policies, the topics of personal data privacy and regulation have dominated news cycles as never before. And with good reason. The survey report released today by The Economist Intelligence Unit and sponsored by ForgeRock shows that consumers are acutely aware that their personal data is at risk, and feel strongly that they should have more control over how data is collected, managed and shared. Everyone working in the IoT or industries where personal data is collected and stored need to become better informed on shifting consumer attitudes toward digital privacy. Today’s report is a must read.”

ForgeRock VP of Global Strategy & Innovation, Ben Goodman said: “What we’re seeing here in the EIU report is that consumers are getting more savvy about ‘what’s in it for me’ in day-to-day digital interactions. Going forward, businesses will need to be clearer about their answer to this question if they want to keep consumer trust (and ultimately, loyalty and share of wallet). For years, we have had ‘free’ access to social platforms where we’ve traded our personal information for access. In light of the recent disclosures around Facebook’s data handling policies, I believe we need to reconsider what we view as hacking and what behaviors should be addressed as such so we can put the proper safeguards in place. Should any situation where a company uses data in a way the customer had not anticipated or expected, be considered hacking? How personal do we get? All of these are questions up for debate, especially as IoT technologies continue to reshape day-to-day life at home, at work, and the ways we get around.”

ForgeRock VP, Industries Financial & Regulatory, Nick Caley said: “What stands out in this new EIU report is the overwhelming opinion (92 percent!) of respondents calling for increased punishments for companies that violate consumers’ privacy. This report should be a wake-up call for any organization that handles customer data, but financial services firms should take particular note. As industry stakeholders adjust infrastructure and practices to comply with Open Banking, PSD2 and GDPR, they need to keep in mind that regulators have made consent a key requirement of each of these laws. Consent is not mandated in all customer interactions, but given the distinct advantages consent brings, it’s always preferable to have it. The EIU study clearly shows that consumers expect organizations to solicit and secure individuals’ consent before they collect personal data, and rightly so.”

The internet of things (IoT) is revolutionizing industries with connected devices that can streamline processes and allow companies to create innovative operational architectures, but it is not without risk. ForgeRock was recently honored with an IoT Excellence Award from TMCnet for its innovative Edge Security offering, which supports trusted authentication and granular relationship-based authorization decisions for common IoT design patterns, including device-to-device, device-to-service, and user-to-device.

About ForgeRock

ForgeRock® is the Digital Identity Management company transforming the way organizations interact securely with customers, employees, devices, and things. Organizations adopt the ForgeRock Identity Platform™ as their digital identity system of record to monetize customer relationships, address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), and leverage the internet of things. ForgeRock serves hundreds of brands, including Morningstar, Vodafone, GEICO, TomTom, and Pearson, as well as governments such as Norway, New Zealand, and Belgium, among many others. Headquartered in San Francisco, California, ForgeRock has offices in Austin, London, Bristol, Grenoble, Munich, Paris, Oslo, Singapore, Sydney and Vancouver, Washington. ForgeRock is privately held, backed by leading global venture capital firms Accel Partners, Foundation Capital, Meritech Capital and KKR. For more information and free downloads, visit or follow ForgeRock on social media:

Facebook ForgeRock |Twitter @ForgeRock |LinkedIn ForgeRock |