Views of Millennials and Older Adults Remarkably Aligned on Data Privacy Issues

The Internet Innovation Alliance (IIA) has released a survey showing that Millennial Americans – like older generations – are concerned about the privacy of their online personal information and whether online technology and social media companies are taking the appropriate steps to safeguard the personal information of consumers.

As revealed by the survey, three-quarters (74%) of all U.S. adults worry that their financial and personal data will be hacked. Three out of four (75%) are not in favor of their online data being used to make content and advertising more relevant, or for commercial purposes (76%). And, of note, a very strong consensus exists among Americans (72%) for a single, nationwide online data privacy law. These trends are common across different demographic groups of consumers; rural and urban, younger and older, and consumers of different races share similar views on online privacy.

In partnership with the Millennial Action Project, Icon Talks and the Hispanic Technology & Telecommunications Partnership (HTTP), IIA commissioned an independent market research survey to help inform policymakers at all levels about the views of U.S. consumers concerning their online data privacy. CivicScience, a leading independent polling and market research firm, designed and conducted the comprehensive survey of more than 8,0000 consumers in the United States in April 2019. The survey is representative of the population by demography and geography.

According to the CivicScience report, “It’s rare to find a topic on which the vast majority of Americans agree, let alone when it’s a question of national policy, yet current public opinion on data privacy issues is remarkably aligned.”

The findings related to Millennials are of particular interest:

  • A strong majority of Millennials – two-thirds (67%) – are worried about their personal financial information being hacked from the online / social media companies they use.
  • Seven out of 10 (69%) Millennials are not okay with their online data being collected and used even if it makes online searches, advertisements and content more relevant.
  • A very strong majority – nearly three-quarters (74%) – of Millennials are concerned with how tech / social media companies are using their online data and location information.
  • The majority of Millennials (64%) believe a single, nationwide data privacy law is necessary, while an even larger percentage of older adults (75% 35-54, 77% 55+) think so, too. A mere 10% of Millennial Americans disagree that there should be a single, national privacy policy.

Millennial Americans, which represent more than a quarter of the nation’s population,[1] are deeply concerned about the privacy of their online personal data. Not surprisingly, the concerns of Millennials track those of millions of Americans who have seen numerous data breaches and are aware of the misuses of their personal data by some companies in the internet ecosystem.

“It’s been assumed by some that Millennials are okay with the unrestrained online collection and use of their data, because they grew up with the internet,”[2] said former Rep. Rick Boucher, Honorary Chairman of IIA. “These data show otherwise: The views of Millennials are remarkably aligned with older adults on data privacy issues. Americans of all ages want Congress to act by crafting a single, nationwide framework for safeguarding their online personal information.”

Beyond what the survey found, IIA’s white paper, “Concerns About Online Data Privacy Span Generations,” focuses on other important privacy issues, from the large amount of personal information collected from internet users,[3] to the privacy abuses, data breaches, and misuses of personal information that continue to dominate the news.

Comprehensive, Uniform Data Privacy Legislation Needed

A single, comprehensive federal law focusing on consumer online privacy does not exist in the United States today. Instead, a patchwork of federal and state laws, which were mostly developed before the widespread deployment of broadband, address consumer online privacy.

The Federal Trade Commission (FTC) has administered a technology-neutral framework for online privacy across all sectors for more than 20 years. In 2016, the Federal Communications Commission (FCC) adopted privacy rules that collided with the FTC’s long-established privacy regime and applied only to internet service providers (ISPs).[4] Recognizing the imbalance that the FCC’s new rules created, Congress overrode the regulations in a Joint Resolution adopted in April 2017.[5] Because of widespread concerns, state legislatures have been taking steps to adopt state-specific laws addressing consumer online privacy[6] – but the internet does not stop at the border of any state. “Privacy protections should be federally legislated and federally enforced,” commented Boucher.

“The CivicScience report shows that Americans have serious privacy concerns, and they’re waiting for lawmakers to address them,” added Boucher. “Now is the time for Congress to adopt federal legislation ensuring that all companies in the internet ecosystem abide by a common set of rules to protect consumer data online.”

[1] U.S. Census Bureau, Millennials Outnumber Baby Boomers and Are Fare More Diverse, Census Bureau Reports, Press Release (Jun. 25, 2015).
[2] Sarah Landrum, Forbes, “Here’s Why Millennials Are The Most Data-driven Generation,” Article (Aug. 29, 2017).
[3] See, e.g., The Institute for Information Security & Privacy at Georgia Tech, Peter Swire, Online Privacy and ISPs:  ISP Access to Consumer Data is Limited and Often Less than Access by Others (2016) (Online Privacy Study).
[4] In the Matter of Protecting the Privacy of Customers of Broadband and Other Telecommunications Services, WC Docket No. 16- 106, Report and Order, 31 FCC Rcd 13911 (2016).
[5] Joint Resolution, Pub. L. No. 155-22 (2017) (“Resolved by the Senate and House of Representatives of the United States of America in Congress assembled, That Congress disapproves the rule submitted by the Federal Communications Commission relating to ‘Protecting the Privacy of Customers of Broadband and Other Telecommunications Services’ (81 Fed. Reg. 87274 (December 2, 2016)), and such rule shall have no force or effect.”).
[6] See, e.g., California Assembly Bill No. 375, California Consumer Privacy Act of 2018.