PRAGUE – Avast , a global leader in digital security and privacy, released its first Digital Wellbeing Report today. The Covid-19 pandemic has had an unprecedented impact on the wellbeing of internet users across the world, with an unparalleled spread of misinformation, cybercriminals abusing unaware internet users with scams and cyber attacks, and several governments implementing authoritarian tactics. In the Digital Wellbeing Report, Avast reveals that people living in countries with more digital freedom are less at risk of cyber attacks, yet have the same lack of transparency in privacy policies as those living in countries with a less free internet.
“Our findings indicate that where governments around the world restrict their citizens’ online freedom, there is a corresponding increased risk of people falling victim to cyber attacks. This is often tied to a lower GDP in these countries which leads to the use of older systems which are more prone to attack, and the use of free and potentially illegal content which often is less secure. However, the distinction isn’t cut and dried – people in countries with more digital freedom still face frequent attacks, and our findings show that there is still work to do when it comes to privacy protection – in free and in unfree countries,” said Ondrej Vlcek, CEO of Avast. “To solve the problem of digital freedom, innovation is needed in the field of cybersecurity and digital trust solutions that will create more safety and transparency for all.”
For the Digital Wellbeing Report, Avast combined its own data on cybersecurity risks and privacy challenges with Freedom House’s “Freedom on the Net” report 2021, which assesses how much freedom people have using the internet in a country, based on the existence of surveillance and restrictions such as blocked social networks, censorship, or deliberately manipulated online discussions and disrupted ICT networks. Avast defines digital wellbeing as a combination of digital freedom, cybersecurity and privacy, with the ability of an internet user to utilize the internet in an open, regulated, private, secure, and informed way.
Amidst concerning global trends that include rising cybercrime and malicious activity, and governments around the world adopting increasingly authoritarian tactics, today wellbeing and free expression online are increasingly under threat across the globe. For the report, Avast compared data including risks of falling victim to cyber attacks, users’ computer system age, and presence, transparency and readability of privacy policies to data of Freedom House’s Freedom on the Net report, which assesses the online freedom of countries by looking at aspects such as whether their government blocked social media platforms, deliberately disrupted ICT networks, or arrested, or physically harmed a blogger or ICT user for political or social content.
“This vital report illustrates that cyberattacks go hand in hand with online repression. We’re proud that Freedom House’s Freedom on the Net report informs Avast’s work to strengthen digital wellbeing,” said Mike Abramowitz, President of Freedom House.Less digital freedom, higher cyber risks
The report found that people living in Free countries are at a lower risk of falling victim to a cyber attack (30%) than people in countries that are Partly Free or Not Free (both 36%). This could be related to factors that include a higher rate of violation of user rights, prohibition of encryption services, large scale state surveillance, data collection and the presence of backdoors used for state surveillance, showing an indirect correlation between the Freedom on the Net Index score of a state and the risk ratio of encountering a cyber-attack. Moreover, countries that are Not Free often have a lower GDP per capita which can lead to a higher use of torrent sites to access free content, games, movies via unsecure sources, which in turn can expose users to a high number of online risks.
Risk of falling victim to a cyber attack in the top ten Free countries (no. 1 being most free) | Risk of falling victim to a cyber attack in the lowest ten countries Not Free (no. 1 being least free) |
Iceland 33.2%Estonia 30.8%Canada 26.9%Costa Rica 27.6%Taiwan 36.6%Germany 24.1%France 27%United Kingdom 24.4%Georgia 33.6%Italy 23.9% | China 46.8%Myanmar 33.7%Vietnam 43.3%Saudi Arabia 33.9%Pakistan 40.2%Egypt 44.7%United Arab Emirates 36.1%Ethiopia 43.2%Venezuela 37.5%Uzbekistan 32.9% |
Avast’s researchers further observed a correlation between the age of operating systems being used and the risk of citizens to cyber-attacks. By comparing the ranking in the Freedom House Freedom on the Net Index to Avast’s internal data, it can be inferred that in wealthier countries, such as those found higher up in the Index including Germany, France and the UK, users tend to have up-to-date operating systems, which can better guard them against cyberattacks. Conversely, users in countries that scored lower on the Freedom on the Net Index, like Indonesia, Turkey, and Belarus, have on average a lower GDP per capita and tend to use more outdated operating systems, which increases the risk of a cyberattack. The researchers found that only 28% of users in Free countries are still using outdated operating systems. By contrast, 38% percent of users in Partly Free countries are using outdated systems, and this figure is even higher in Not Free countries as ranked by the Freedom on the Net Index (41%).Research shows that privacy policies aren’t enough
The report published today also found that privacy policies in general can be found more often in Free countries, with websites in Free countries (as designated by the Freedom on the Net Index) more likely to have in place privacy policies (70%) than websites in countries considered Partly Free and Not Free (52% and 47%). However, the report also found that even though privacy policies are more prevalent in Free countries, there does not seem to be a direct correlation between the vagueness and readability of those policies and the level of online freedom in those countries. In other words, it appears that the mere presence of a robust privacy policy in a country may not be enough to guarantee enough privacy protection to its citizens.
“Privacy regulations such as GDPR in Europe and CCPA in California require that users are informed about how their data is used, which is supposed to create more transparency for the user. However, if privacy policies are written in a vague and unreadable way, this goal is essentially missed,” said Ondrej Vlcek.
Average readability of English privacy policies in top ten Free countries (higher is better) | Average readability of English privacy policies in lowest ten countries Not Free (no. 1 being least free) / (higher is better) |
Iceland 49%Estonia 48%Canada 45%Costa Rica 46%Taiwan 45%Germany 49%France 46%United Kingdom 48%Georgia 48%Italy 44% | Myanmar 47%Vietnam 49%Saudi Arabia 46%Pakistan 48%Egypt 48%United Arab Emirates 46%Ethiopia 48%Venezuela 48%Russia 46%Bahrain 46% |
Metrics: <46% very difficult to read; 46%-58% difficult to read; Please note that data for the least free country, China, and the tenth least free country, Uzbekistan were not assessed and therefore not included in this table.
This study further builds on Avast’s Digital Citizenship Report published in September 2021, which explored post-pandemic online behaviors, and is part of Avast’s efforts in understanding how our life online can be improved.