Slightly over half of Americans are cool with connected cameras in their offices that use facial recognition to help prevent theft. However, the number of people who approve falls to merely 27% if the device in question is a connected home thermostat that’s not recording video, but is merely tracking who’s at home and where they are.

These were some of the findings from a Pew study on Thursday that tracked how people feel about scenarios involving privacy in a connected era. They ranged from sharing data about grocery purchases in exchange for discounts to uploading medical records to a secure site that their doctor recommended.

For the most part, consumers were happy to give up data for a discount and for a direct benefit to themselves. But in cases in which the data went to a third-party or involved overt promotions, people started getting uncomfortable. Surprisingly age didn’t matter, nor did gender when it came to evaluating privacy in general.

The findings are based on a survey of 461 U.S. adults and nine online focus groups of 80 people. Based on their responses, it was clear that nearly everyone seemed to have a slightly different opinion about sharing their personal information (although many of those surveyed used the word “creepy.”

For more about privacy, watch:

What’s missing from the privacy conversation, though, is an understanding by consumers about what personal information they are giving up, what it will be used for, and the actual risks. And today, none of this is spelled out in any sort of English that a consumer can understand.

It’s basically hidden in a lengthy user agreement written in legalese that you must click on if you want to use an app or get hired for a job, or get that discount on peas at the grocery store. The real work should come in standardizing a set of tools that shows people what data they are sharing and where it goes, and then also figuring out how far we really want to make such sharing. What rights do people have if they want to keep their privacy and still have the ability to search the web? Or apply for a job? Or walk down a public street without being inadvertently tagged in a stranger’s photo?

Let’s start a bit more simply. Let’s just talk about what companies want when they ask for data. Many of the respondents in the Pew survey seemed confused about motives.

Companies want access to consumer data for two reasons: marketing and product development. But inevitably both companies and consumers open themselves up to a third risk of unintended access involving hackers or governments seeking information. So when people told Pew that they hated sharing information with companies, they meant that they disliked marketing like email spam and irrelevant ads.

An Internet-connected refrigerator may track your milk consumption and offer you a coupon for another brand. Or a connected car may share your daily commute information with local coffee shops along the way so they could send you pitches. Consumers are leery of this sort of privacy invading marketing in their future.

Get Data Sheet, Fortune’s daily technology newsletter

Collecting consumer information to help with product development gets a little more interesting and pernicious. Consumers may have little idea that this is happening because that information may not ever get shared or communicated back to them. It can be as benign as a company like Whirlpool recording all the snafus a customer has with one of its Internet-connected ovens and then sending the data back to be analyzed for flaws in the manufacturing process. But it might also be something like a video camera automatically grabbing images of faces and using them to train a computer to perform better facial recognition. In both of these cases, the advantage of having enormous pools of consumer data is huge, and companies will do anything to collect it. That’s one reason that Google and other technology firms don’t want to let the government prevent them from storing information they gather.

However, as FTC Chairwoman Edith Ramirez pointed out when she spoke at CES, the large consumer electronics show in Las Vegas earlier this month, companies engage in risk by holding on consumer data. The data is a target. Employees, hackers and the government armed with subpoena powers can try to get at it, and consumers are rightly worried about that risk. And like data collection for product development, government demands aren’t something that is clearly spelled out anywhere. But unlike using data for product development, a consumer can clearly imagine the repercussions.

So the Pew survey is a start. It can get companies thinking about how a lack of trust has poisoned the well between themselves and consumers. Business could ignore that and carry on as usual, or they could start building trust by inviting consumers to have more control—or understanding—about how their data is used.