The privacy, security and dependability requirements of the citizen are, therefore, much broader than the pure protection of personal data and the continued accessibility of critical services. Any transaction that is performed in the Information Society, any process that is established electronically and any service that is offered over ICT must be trustworthy, i.e. dependable and inherently secure. This can also mean that the citizen can justifiably trust (in the sense of ‘depend on’) that certain information flows do not happen - or by design only happen in a way where citizen retains control. In a privatized, decentralized and dispersed communications environment, the number of central control organisations will significantly decrease. 

Nevertheless, citizens should be able to determine whom they are willing to trust (for what purposes, and to what extent), but there can also be a large set of parties involved in services and processes, such that a trust decision might be highly complicated or even impossible for citizens to make.
...
One should not assume that stakeholders do not care about their security merely because they do not understand the consequences of certain actions. The perception of risk can vary significantly from actual risk and, in the short term, convenience may lead some early adopters to make hazardous decisions.