64 Alarming Data Privacy Statistics Businesses Must See in 2024

Over the past two decades, our society’s digital footprint has grown exponentially — quickly outpacing our cybersecurity and privacy infrastructure’s ability to keep up. 

Some see the loss of data privacy as a necessary evil to drive technological advancement. Others, however, are concerned and increasingly aware of the complexity of protecting data in an era of unprecedented connectivity.

94% of organizations say consumers won’t buy from them if personal data is not properly protected. (Cisco)

As data privacy and security become increasingly important to professionals and businesses across all industries, emerging stats and facts about data privacy guide us in an era of untethered digital growth.

We have compiled the following data privacy statistics to illustrate why you must take all necessary steps to protect your customers’ data.

But Wait… What Is Data Privacy?

Simply put, data privacy is the ability of individuals to protect and control their personal information from companies that collect, use, share, or sell it.

Ideally, companies would only store data necessary for operations and only when users consent to the collection.

However — unsurprisingly — some companies have found that it’s more profitable to use your data for targeted advertising, which is why data privacy has become a much-discussed topic.

Statistics Showing Data Privacy Trends

The following data privacy stats showcase trends that should be shaping business and security priorities:

• 92% of Americans are concerned about their privacy when using the Internet. (TrustArc)
• Personal customer information (such as name, email, and password) is included in 44% of data breaches. (IBM)
• 67% of Americans are unaware of their country’s privacy and data protection regulations. (LegalJobsIO)
• 60% of U.S. adults don’t know what “phishing” means. (Google/Harris Poll)
• 62% of Americans don’t believe it’s possible to go through daily life without companies collecting data about them. (Pew Research Center)
• 76% of users believe companies must do more to protect their data online (Global Consumer State of Mind Report 2021)
• 60% of consumers believe companies routinely misuse their personal data. (KPMG)
• 68% are concerned about the amount of data being collected by businesses. (KPMG)
• Only 3% of Americans say they understand how current online privacy laws actually work in America. (Data Prot)
• 58% of users said they would be willing to share data to avoid paying for online content. (Statista)

And yet…

• Only 5% of consumers have no major concerns over how organizations use their data. (MAGNA/Ketch)
• Just 21% of of consumers feel confident that their data is being used for the proper purposes. (MAGNA/Ketch)

We spoke with privacy expert Christopher Smith, Esq. FIP, Founder of the Privacy Enforcement Podcast, who says, “A key ingredient for every good relationship is trust.”

He adds, “Companies with good relationships with their customers often owe it to the trust that was built over time.”

Businesses can successfully foster this trust with consumers by building privacy best practices into their business structure.

Post a comprehensive privacy policy on your site, present users with a reliable consent banner, and implement proper security measures to prove you respect their personal information.

Business Related Data Privacy Stats

These statistics show the impact data privacy has on corporate credibility and why companies must prioritize transparency when it comes to data if they want to gain and retain the trust of their customers:

• 79% of Americans are concerned about how companies use their data. (Pew Research Center)
• For 88% of users, their willingness to share personal data depends on how much they trust a company. (PwC)
• 54% of users say it’s harder than ever for companies to earn their trust. (Salesforce)
• 63% of users believe most companies are not transparent about how their data is used. (Tableau)
• 75% of Americans believe there should be more regulations to protect their privacy from companies collecting consumer data without their consent or knowledge. (LegalJobsIO)
• 60% of users say they would spend more money with a brand they trust to handle their personal data responsibly. (Global Consumer State of Mind Report 2021)
• 84% of users are more loyal to companies with strong security controls. (Salesforce)
• 46% of customers said they feel they have lost control of their own data. (Salesforce)
• 87% of users want to be able to manage what and how their personal information is used. (PwC)
• 37% of users say that companies that are transparent about how they collect and use data and are more proactive in enforcing data privacy online reduce their concerns. (TrustArc)
• 52% of American users chose not to use a product or service due to worries about how much personal data would be collected about them. (Pew Research Center)
• One in five users always or often reads a company’s privacy policy before agreeing to it. (Pew Research Center)
• 48% of users have stopped buying from a company over privacy concerns. (Tableau)
• 33% of users have terminated relationships with companies over data. They left social media companies, ISPs, retailers, credit card providers, and banks or financial institutions. (Cisco)
• 81% of users say the potential risks they face from companies collecting data outweigh the benefits. (Pew Research Center)
• 77% of consumers are willing to share their email address for personalized experiences and additional incentives. (Statista)
• Most companies see a very positive return on their privacy investment, and over 40% see benefits at least double their privacy spend. (Cisco)

According to Smith, “Trust is paramount in this “Age of Information” where a customer can directly or indirectly (e.g., cookie data) provide data to one company that is then transferred to another company without the customer’s knowledge nor consent.”

“Therefore, one approach a company can take to build trust with their customers is to prioritize data privacy in their products and services.”

He adds, “A simple and easy first step any company can do to prioritize data privacy is to disclose, in a clear and easily readable manner, all activities they will perform with their customers’ data.”

Doing so now helps set your business up for more customer success in the future.

Data Privacy and Cybercrime Statistics

Cybersecurity incidents such as large data breaches are rising worldwide, and customer data and privacy discussions have never been more timely. Here are the numbers to prove it:

• A study by the University of Maryland quantified the near-constant rate of hacking attacks on computers with Internet access – on average, every 39 seconds. (University of Maryland)
• Data breach costs increased from $3.86 million to $4.24 million in 2021, the highest average to date. (IBM)
• Average costs were $1.07 million higher for breaches where remote work was a factor in the breach compared to breaches where remote work wasn’t a factor. (IBM)
• The most common initial attack vector, compromised credentials, was responsible for the most breaches (20%) at an average cost of $4.37 million. (IBM)
• 77% of IT professionals say they don’t have an enterprise-wide cybersecurity incident response plan. (IBM)
• The average company has 534,465 files containing sensitive data. (Varonis)
• 24% of Americans say their personal data is “very vulnerable” to compromise. Only 2% of Americans don’t believe their data is vulnerable to compromise. (Statista)
• Concern that banking and financial data could be hacked or shared has always been at the top of users’ list of worries about their data, so 78% of users are most protective of their financial data. (Figaro Digital)
• The global information security market is expected to reach $170.4 billion by 2022. (Gartner)
• 27% of users who have been affected by an online security incident estimate that the incident ended up costing them $100 to $10,000 or more. (Secure Swiss Data)
• 90% of Internet users are worried about their passwords being hacked. 46% are “very worried” about it, and 44% are “a little worried.” (Avast)
• 55% of people can correctly define ‘password manager’ and 35% use different passwords for all of their accounts (Google/Harris Poll)
• Nearly 33% of email and social media users were victims of at least one cyberattack in 201. More than half had personal data stolen. (LegalJobsIO)
• 64% of Americans would blame the company, not the hacker, for the loss of personal data. (Skyflow)
• In 2021, 22 billion records were exposed through data breaches. (Flashpoint)
• Older people tend to be more vulnerable to identity theft. The FTC reported that 35% of fraud complaints and 18.9% of identity theft complaints were filed by older people in 2017. (Experian)
• 44% of Internet users have experienced some form of online harassment. Most of these victims are women: One in six report such experiences, compared to only one in 19 men. (LegalJobsIO)

Data Privacy and Data Protection Legislation Statistics

Since the GDPR came into force, it has triggered a domino effect. Many other countries have used it as a model to shape their own rules for handling personal data.

Take a look at some statistics related to various data privacy laws.

• 69% of the world’s countries now have data protection and privacy legislation in place. (UN)
• Another 10% have draft laws, 5% have no data, and 16% of countries have no data protection or privacy laws. (UN)
• At least 20 countries (excluding EU member states) have enacted laws similar to the GDPR. These countries are located on every continent of the world. (Reed Smith)
• 60% of people who know about data protection laws (like the GDPR) view them favorably (Cisco).
• 47% of companies have updated their privacy policies to comply with the GDPR and other privacy laws. 80% have updated their privacy policies multiple times in the last year. (LegalJobsIO)
• 62% of UK citizens feel safer sharing their data after the GDPR. (Persona)
• It’s no surprise, then, that 66% of Americans want the U.S. to adopt privacy laws similar to the GDPR. (Persona)
• 32% of U.S. companies now have a data protection officer, and 27% have spent more than half a million dollars to become GDPR compliant. (Persona)
• 70% of risk and compliance professionals said the pandemic has increased their reliance on technology to improve decision making, performance monitoring and risk management. (Thomson Reuter)
• Between January 2021 and January 2022, nearly €1.1 billion in fines were issued for a wide range of GDPR violations. This represents a 594% annual increase in fines. (DLA Piper)
• 82% of companies consider privacy certifications such as ISO 27701 and Privacy Shield as a purchasing criterion when selecting a product or vendor in their supply chain. (Cisco)
• 25% of users have inquired about the data companies have stored about them, and 17% have requested that the data be changed or deleted. (Cisco)
• India had the highest percentage of respondents who inquired about their data (49%), followed by Mexico (37%) and Brazil (36%). (Cisco)
• The highest GDPR fine to date was $1.2 billion and was announced in May 2023. (CNBC)

Artificial Intelligence (AI) Data Privacy Statistics

It seems everyone’s talking about the rapid evolution of artificial intelligence (AI). Consumer want to know how businesses plan on using AI and it’s impact on their personal information.

The following statistics show consumers’ increasing desire for transparency from businesses, especially as they start relying on AI services meant to enhance the customer experience.

• 60% of consumers are concerned about businesses use of AI today and 65% say it’s already eroded their trust in those companies. (Cisco)
• 50% of users want companies to be clear when they’re using AI. (Redpoint Global)

However, consumers are still excited to see what the future holds and may be willing provide personal data to help the technology improve…

• 73% of consumers believe AI can have a positive impact on their customer experience. (Redpoint Global)
• 54% of users are willing to share their anonymized personal data to improve AI products and services. (Cisco)

Summary

More and more people are aware of the risks of their personal data being accessible on the Internet and are taking greater care to ensure their data doesn’t fall into the wrong hands.

But much remains to be done to curb the rising number of cyberattacks and data breaches.

What are your thoughts on this? What methods could and should companies use to protect sensitive data? Share this article on social media and let us know!

More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author