Some research by Carnegie Mellon University on our attitudes to privacy could lead to some interesting conclusions for Who Sees What?

You might be forgiven for assuming that when companies reassure you about their privacy policy it is, well, reassuring. Not so, says Carnegie Mellon University. A series of clever tests have shown that we have just the opposite reaction. In one experiment,

Subjects completed an online survey where they were asked a series of personal questions, such as “Have you ever tried cocaine?” Half of the subjects completed a frivolous-looking survey – How BAD are U?? – with a picture of a cute devil. The other half completed the same survey with the title “Carnegie Mellon University Survey of Ethical Standards” complete with a university seal and official privacy assurances. The results showed that people who were reminded about privacy were less likely to reveal personal information than those who were not.

So, if a company or organisation says it takes your privacy seriously, this has the effect of adding legitimacy to these concerns and making you less likely to give out information. Social networking sites seem to have clocked onto this. Their aim is to get people to disclose as much personal information as possible, so their privacy settings are confusing and low profile. Their message is that privacy doesn’t really matter – and it works.

This raises an interesting question for us here at Who Sees What? Our aim is open-minded, informed debate about how the NHS should balance privacy alongside ease, practicality and research. But just by asking people to think about privacy and security, are we inevitably making people more concerned about their medical information than they would be otherwise?

The NHS may find itself in a similar catch 22. There is broad consensus that the NHS should do its best to inform patients about what is happening to their records and who can see them. But if they want to avoid privacy concerns, should they follow facebook’s example by keeping as quiet as possible about the use of medical records, and make them confusing to understand? At least some would find this conclusion hard to stomach.