GfK Verein / Data security

December 2013

Prof. Wildner, the majority of Germans are worried about their private lives and personal data. Do you think their concern is justified?

Yes, absolutely. Firstly because of the NSA and all of its associated entities, against which citizens can only fight to a certain extent. These organizations must be controlled much more by a democratic process, and anybody can campaign for that. Then there is an entire catalog of snooping going on, which can more or less be prevented by the individual. For example, if an app that lets you use your phone as a flashlight asks to use your current location, wishes to access your entire address book and will also go on to observe your internet use, then it should be avoided if you value your private life.

On his website, blogger and author Christian Heller publicizes almost everything he experiences, and considers the private sphere a bygone era. What do you think about this assessment?

Well, I wish Mr. Heller a lifetime of happiness and health. If he doesn’t have those, then getting a new job, having a good credit rating and making new friends can become quite difficult.

I also hope Mr. Heller never does anything in life that he will later regret. Data protection also means having the right to start afresh and leaving certain things in the past – so that not everything follows you around for the rest of your life. It’s part of being human.

If you think about all these things, sooner or later you come to the conclusion that the end of the private sphere would also mark the end of human dignity – the most valuable part of the constitution of the German Federal Republic, and with good reason. No, the private sphere is not a bygone era. Quite the opposite. We must now concern ourselves much more with protecting it. In this respect, the era of the private sphere is only just beginning.

The GfK Verein also requires personal data for the surveys it carries out. How far can respondents rely on this data not landing in the wrong hands? How do you go about strengthening people’s trust in market research?

The crucial difference between market/social research and other methods of personal data collection is the fact that the former are conducted exclusively in the interests of research. We want to find out what consumers generally desire or reject as well as what causes them to worry. Market and social research findings always represent the attitudes of a sampled universe. Recommendations are then developed as to how to successfully respond to the relevant population.

However, practically all other forms of personal data collection have the goal of taking concrete steps in relation to a specific individual. This is how tax authorities determine taxes and direct marketing companies create personalized advertising. To do this, personal data must be forwarded, disclosing the identity of individuals, e.g. to the company that makes the personalized ad.

Conversely, market and social research in Germany protects the anonymity of respondents. We also store the data as quickly as possible in a format which guarantees that any data related to individuals is superseded in favor of collective data. The entire spectrum of data protection measures comes into play when collecting data, e.g. admission, access and change controls. Every employee involved in market and social research must comply with data protection requirements in this sense.

And because this is still not well-known enough in the public sphere, both GfK Verein and I are engaging in the Market and Social Research Initiative, a not-for-profit organization that aims to raise awareness among the population of this significant difference.

What do you personally do to protect your private data?

Firstly, I look at who I’m allowing to view my data: The flashlight app I mentioned before didn’t stand a chance with me. I also never enter any competitions or respond to similar invitations, and I take care to make all of my passwords different and hard to crack. Of course, I also secure my PC with a firewall and ensure I have constantly updated virus protection software.

However, there’s always more that can be done. I don’t encrypt my emails (yet), and I do allow a great many cookies from Websites, as disallowing them means not being able to use a lot of online content at all. But I regularly delete cookies.

Ultimately – like for many others – for me it’s a compromise between practicability and comfort on the one hand and the necessity to protect data on the other.

Thank you for your time!