Knowledge - 02 June 2021 | By TermsHub

Updated at: 09 December 2021

100+ Online Privacy & Data Security Statistics and Concerns

Current Trends in Data Protection

Not too many people know how companies and organizations handle personal data, who they put in charge of data privacy, and how much is the potential cost that a data breach brings.

To help you gain a good grasp on the matter, we have compiled 100 of the data privacy & data security stats for 2021. These include GDPR statistics, ROI, consumer research, and data breach stats, among others.

Based on t presented information, you can make your own conclusions. These stats, however, show positive movements and trends in individual privacy awareness in the younger generations. This is supported by the fact that 61% of those active about their privacy belong to age groups under 45 years old.

Stats about the Younger Generations Who Care about Their Privacy

As one of the more significant developments today, privacy awareness has placed a lot of pressure on national governments to put data protection laws in place. These laws dictate how different companies will handle individual data, and the values they will incorporate to strive in the market.

Having said that, it’s still a long shot today. According to some surveys many people do not have any idea on how they can protect their data. Many are distrustful of the way companies handle their data.

In contrast, organizations that invest in privacy programs tend to reap benefits including operational agility or efficiency. 40% enjoy benefits that are twice their private spending.

To sum up everything, information or data privacy involves the proper handling, storage, processing, and use of personal information. It’s all about the individuals’ rights as regards their personal data.

Data security focuses on the protection of personal data obtained from unauthorized 3rd-party access or exploitation or malicious attacks of data. It is set up for the protection of personal information with the use of various techniques and methods to guarantee data privacy. Combining them together creates a data protection area.

Data Privacy Statistics

1. In a study, 84% of all respondents claim they care about their own data, they care about the information of other society members, and they want to have more control over the use of their data. 80% of this group also indicated their willingness to act to safeguard it. This is according to the 2019 Cisco Consumer Privacy Survey.
2. 48% of the privacy-active respondents admit they have already switched providers or companies because of poor data sharing and data policy practices. This is also from the 2019 Cisco Consumer Privacy Survey.
3. According to the Pew Research Center, 79% of all respondents say that they are somewhat or very concerned about how providers are using the data they collect about customers. 64% say they share the same concern level about how the government collects data.
4. Still from the Pew Research Center, 79% of respondents feel that they have no or minimal control over their collected data.
5. A Salesforce research shows that 46% of clients surveyed report they feel they have lost their control over their own information.

Data Privacy & Data Security Stats on Who Is Responsible for Privacy of Data

6. 45% of the respondents said they think the federal government is responsible for safeguarding data privacy. – 2019 Cisco Consumer Privacy Survey
7. 24% of the respondents think that the individual user is responsible for safeguarding data privacy. – 2019 Cisco Consumer Privacy Survey
8. 21% of those surveyed claim that the companies have the responsibility of protecting data privacy. – 2019 Cisco Consumer Privacy Survey
9. 43% of the respondents don’t think that they are capable of protecting their personal data adequately today. – 2019 Cisco Consumer Privacy Survey

Privacy Awareness in the United States

10. 63% of Americans think they have nothing or very little understanding of the current regulations and laws being implemented to safeguard their data privacy. This is according to the Pew Research Center.
11. 97% of all Americans surveyed claim they have been asked to approve privacy policies at least once. However, only around one of every 5 adults overall claim that they always (at 9%), or frequently (at 13%) read a provider’s privacy policy before they agree to it. Around 38% of all adults say they read such policies sometimes, but another 36% say they don’t read a provider’s privacy policy at all before they agree to it, the Pew Research Center reports.
12. 62% of all Americans (roughly 6 out of 10) believe that it is impossible to go through day-to-day life without various companies gathering their information. – Pew Research Center
13. 72% of American respondents feel that most, or all of their online activities or while using their phones, are being monitored by technology firms, advertisers, and other companies. 19% believe that some of their online activities are being tracked. Nearly half of the adults (around 47%) think that at the very least, most of their activities online are being monitored by the government. This is according to the American Trends Panel.

Data Privacy Statistics on Americans – Pew Research Center

14. According to 81% of the American respondents, they think that the potential data collection risks by companies about them far outweigh all the benefits. – From Pew Research Center Reports
15. 77% of the respondents say that they’ve at least read or heard a little about how companies and organizations use personal information to offer special deals or targeted ads or to evaluate how risky people would be as customers. This is according to the Business News Daily.
16. The Pew Research Center says that 70% of Americans think their personal information is less safe and less secure than 5 years ago.
17. Only around 6% of American respondents think that their information is safer and more secure today than before. – Pew Research Center
18. 79% of American respondents don’t believe that companies will act appropriately in using and safeguarding their personal information. At least 7 out of 10 claims they aren’t too confident or have no confidence that the companies will admit their mistakes and take responsibility in case of misused or compromised data. – Pew Research Center

Data Protection Laws

19. 107 nations (66 of which are either transition or developing economies) have legislation to guarantee data and privacy protection. In this particular aspect, Africa and Asia both have similar adoption levels. Less than 40% of nations have no laws in place. – UN
20. According to the UN, 18% of all countries have no data protection laws to speak of.
21. 59% of all respondents claim that their organizations presently meet all requirements of the GDPR. 29% are poised to be ready by 2020. This is according to the 2019 Data Privacy Benchmark Study of Cisco.
22. 9% of all respondent organizations claim they need more than one year to become GDPR ready. This is also according to the 2019 Data Privacy Benchmark Study of Cisco.
23. 3% of the global survey respondents say that they do not believe GDPR applies to their organization. – 2019 Data Privacy Benchmark Study of Cisco
24. Over the past year, 47% of respondent organizations updated their website cookie policies, and about 80% updated their policy twice or more. – Techbeacon
25. In 2019, companies found fulfilling the right to be forgotten as the most difficult among all GDPR obligations. – IAPP

Data Privacy & Data Security Stats

26. 47% of the respondents claim they have more trust in organizations that use their data in compliance with the GDPR. – 2019 Cisco Consumer Privacy Survey
27. 58% of all companies in Europe have declared compliance with GDPR regulations among the top priorities, but only 11% of respondents from the US consider compliance as a top priority. – IAPP
28. 93% of IT decision-makers in the US say they have taken at least some steps in compliance with privacy regulations like the CCPA or the GDPR (General Data Protection Regulation) of the EU. – Egress Survey
29. 35% of respondent US businesses say they aren’t CCPA compliant as of January 1, 2020. They feel that attaining compliance is too expensive. – eMarketer
30. 90% of the respondents claim their firms depend on 3rd parties for data processing. The top method to ensure that vendors have sufficient data protection safeguards is to rely on contract assurances (94% of the respondents). 57% employ questionnaires, and only 1 out of 4 perform on-site audits. – IAPP
31. 69% of EU-registered DPOs play the main privacy role for their respective firms. Their reporting lines are also typically direct to the BOD (Board of Directors). – IAPP
32. According to 56% of respondent organizations, the toughest issue to address in data subject access requests that include deletion, access, and rectification requests, is finding unstructured personal data.
33. 36% of organizations find monitoring of privacy/data protection practices of 3rd parties as the most challenging among GDPR tasks. – IAPP
34. Across all surveyed countries, the total amount of GDPR fines reported for the entire 20 months is a little over US$159 M (€144,866,145/£123 million). – Privacy Affairs
35. €28 was the smallest fine in the GDPR. This was meted to Google Ireland Ltd. On the other hand, the largest fine to date is €50,000,000. It was given to Google, Inc. in France.
36. 46% of respondent organizations in the US say that their top priority is “compliance beyond the GDPR), while only 30% of respondents in the EU claim it as their highest priority. IAPP
37. According to 52% of the respondents, they are more in control of their personal information because of the GDPR. – 2019 Cisco Consumer Privacy Survey
38. 47% claim to have notification fatigue. They say they are receiving an excessive amount of privacy-related notifications because of the GDPR. – 2019 Cisco Consumer Privacy Survey
39. 59% of the respondents claim they are more likely to exercise their rights over data because of the GDPR. – 2019 Cisco Consumer Privacy Survey
40. 87% of all organizations surveyed claim they incur delays in selling to their existing prospects or customers. The figures are considerably higher compared to the previous year. The delays of the least prepared organizations are almost 60% longer compared to the most prepared organizations. – 2019 Cisco Consumer Privacy Survey

Positive Returns on Data Privacy Investments for Companies

41. 97% of respondent companies are aware they are enjoying benefits like investor appeal or competitive advantage from their privacy investments. – 2019 Cisco Consumer Privacy Survey
42. The majority of organizations realize positive returns on their data privacy investments. More than 40% enjoy benefits that are no less than twice their spending for privacy and security. – 2020 Data Privacy Benchmark Study of Cisco
43. 82% of respondent organizations consider privacy certifications like Privacy Shield and ISO 27701 as a factor when choosing a vendor or product to buy in their supply chain. – Cisco 2020 Data Privacy Benchmark Study
44. The number of organizations that claim they receive considerable business benefits from data privacy (such as innovation, operational efficiency, and agility) has grown significantly. It is now more than 70%. – Cisco 2020 Data Privacy Benchmark Study
45. Of all respondent companies, 42% say their privacy investments paved the way for innovation and agility in their organizations. – 2019 Cisco Consumer Privacy Survey
46. Average annual privacy spending is estimated at US$1.2 million. – Cisco 2020 Data Privacy Benchmark Study
47. Among large companies (with at least 10,000 employees), the average annual expenditure for data privacy per year is $1.9 million. 2% of them spent over $5 million. – Cisco 2020 Data Privacy Benchmark Study
48. For small businesses with 250 to 499 employees, the average privacy spending is $800,000. 41% of these companies spend under $500,000. – Cisco 2020 Data Privacy Benchmark Study
49. Across all the companies that participated in the survey, the estimated average benefit of privacy spending is $2.7 million. Large organizations with at least 10,000 employees enjoy benefits estimated at $4.1 million, with 17% estimating a value over $10 million. Small businesses with 250 to 499 employees estimate their benefits at around $1.8 million. – Cisco 2020 Data Privacy Benchmark Study
50. The overall costs related to breaches are lower. Only 37% of GDPR-ready companies report losses of more than $500,000 for the past year. The least GDPR-ready firms comprise 64%. – Cisco 2019 Data Privacy Benchmark Study
51. 64% of all respondents think that privacy features or options are either “very important” or “extremely important” when considering buying their next computer, smartphone, and smart home device. – DuckDuckGo

Social Media Privacy

Social media has lately been under lots of scrutinies. The latest docudrama from Netflix, “The Social Dilemma”, dissects the harm done to consumers by the ads that fuel the industry. A primary factor behind the survival of many small businesses is social media. The question is, how does it affect users?

52. 79% of respondents say they have privacy-related settings adjusted on their social networking accounts or lessened their use of social media. – DuckDuckGp
53. Facebook has an 80% share of the social media market, while Google has a 90% share of the search engine market. GDPR: Is the end in sight for Facebook and Google, or is it a new data privacy paradigm?
54. 80% of people in social media are wary about advertisers and businesses that access the data they share on any social media platform. – VPNgeeks
55. Because of the Cambridge Analytics scandal, 73% of users in the US became more concerned about using their information on the net. 26% say that their concern is quite extreme, 22% are very concerned, and about 25% claim they are somewhat concerned. – eMarketer

Data Security Statistics

56. 41% of customers who responded don’t think companies and providers care about their data security. – Salesforce research
57. 84% of all respondents show more loyalty to companies that have robust security controls. This is according to Salesforce research.
58. Privacy and risk management concerns in digital transformation initiatives drove more spending on extra security services in 2020 for at least 40% of all organizations. – Gartner
59. 87% of European respondents say they consider cybercrime as a vital problem. This is from the 2019 EU Fundamental Rights Report.
60. Companies that haven’t deployed security automation experience breach costs that are 95% higher than breaches in companies with full automation deployment (average total cost of $5.16 million for breaches without automation against $2.65 million for full automation deployment. – This is according to research by IBM Ponemone Institute.
61. US data breaches are more expensive than in other countries. The average total cost is $8.19 million. This is more than twice the average globally. – Research by IBM Ponemone Institute
62. 71% of research participants currently use software that blocks ads, safeguards data privacy, or helps in controlling their web browsing experience. – Akamai Research

Data Privacy Statistics

63. From May 25, 2018 to January 27, 2020, 160,021 individual data breaches have been notified by companies to data protection monitoring authorities within the EEA. This is according to DLA Piper.
64. According to the University of Maryland, hacker attacks happen every 39 seconds.
65. Only 2% of companies that have breaches reported to supervisory authorities have received fines. – IAPP
66. The average data breach total cost is $3.86 million. – Research by IBM Ponemone Institute
67. The cost per lost record is $150. – Research by IBM Ponemone Institute
68. In 2019, the average time it took to identify a breach was 206 days, and another 73 days average time to contain it for 279 total days. This is 4.9% more compared to 2018. In 2020, 280 days was the average time for identifying a breach. – IBM Ponemone institute research
69. On average, breaches that have a lifecycle of more than 200 days cost $1.12 million more than breaches with under 200-day lifecycles. ($4.33M for 200+days vs. $3.21 M for <200 days.) – Research by IBM Ponemone Institute
70. From May 25, 2018 to January 27, 2019, an average of 247 breach notifications were recorded in the EU. From January 28, 2019 to January 27, 2020, an average 287 breaches were reported each day. The increase is 12.6%. This shows an upward trend in breach notifications. – DLA Piper
71. Among all breaches in 2019, 58% resulted from hacking incidents. This impacts 36.9 M patient records. – IAPP
72. 38% of respondents with organizations that must be GDPR-compliant reported a breach in 2019, compared to only 16% the previous year. 22% reported 11 or more. – IAPP
73. The majority of companies that report a breach claim have reported less than 5, but 22% say they have reported at least 10. – IAPP
74. In 2019, the US was the country with the highest average data breach cost of around $8.19 million. This continued in 2020, with the data breach cost going up to $8.64 million. – Research by IBM Ponemone Institute
75. The healthcare sector posted the highest breach cost average at $7.13 million. This is a 10.5% hike over 2019. – – Research by IBM Ponemone Institute
76. 52% of companies in the EU have made data breach notifications, versus 22% in the US. Firms based in the EU are more likely to notify lead authorities about data breaches. – Pew Research Center
77. The UK, Germany, and the Netherlands are the EU countries with the most number of reported data breaches for the 20-month period from May 25, 2018 to January 27, 2020 with 22, 181, 37,636, and 40,647, respectively. – DLA Piper
78. Through June 30, 3,813 breaches have been reported, with more than 4.1 billion records exposed. – Cyber Risk Analytics
79. Among organizations with definitively classifiable breaches, 67% came from the business sector, the medical sector with 14%, the government with 12%, and the education sector accounted for 7%. – Cyber Risk Analytics.
80. A total of 45,737 breaches have so far been reported. – Cyber Risk Analytics
81. The number of compromised emails is 3,366,253,764. – Cyber Risk Analytics
82. As of March 31, 2019, 1,903 breaches have been reported, with around 1.9 billion records exposed. – Cyber Risk Analytics
83. Up until March 31, 2019, 3 breaches have been exposed, with at least 100 million records exposed. Only one breach, however, made it to the list of the 20 all-time largest breaches. – Cyber Risk Analytics
84. Across the globe, organizations spend an average of $11.45 million annually in remediation costs in relation to insider data breaches. – Study by Proofpoint Cybersecurity.
85. The percentage of malicious attack-caused breaches increased from 42% in 2019 to 52% in 2020. The increase of 10 percentage points accounts for the almost 24% growth rate increase in the malicious attack-caused breaches. This is according to research by the IBM Ponemone Institute.
86. Around 52% of all incidents involved malicious attacks, versus 25% due to system glitches and 23% from human error. – Research by IBM Ponemone Institute.

What Customers Value

87. 73% of respondents say that trust in companies or providers matters more today than last year. – Salesforce research
88. According to 54% of customers, it is now more difficult for a company to earn their trust. – from Salesforce research
89. 89% say they are loyal to companies or providers that they trust. – from Salesforce research
90. Around 65% of respondents have refrained from companies because of distrustful acts. – from Salesforce research
91. 54% of participants say they will likely walk away from businesses that require highly personal data before customers can do business with them. These include phone numbers and emails. – Akamai research

Data Privacy & Data Security Stats

92. 70% of respondents associate transparency strongly with trust. – Salesforce research
93. Around 58% of respondents are comfortable with their relevant personal data being used beneficially and transparently. – Salesforce research
94. 63% of consumers claim that most companies lack transparency on how they use collected data. – Salesforce research
95. About half (48%) of the respondents refrained from buying or using providers’ services because of privacy concerns. – Salesforce research
96. According to 73% of customers, a provider’s ethics matters more now than last year. – Salesforce research
97. 80% of the survey participants say they would be comfortable in sharing their personal data with a brand directly to personalize marketing messages. However, only a few (16.7%) claim they would be fine sharing the same information through 3rd parties. – eMarketer
98. According to 30% of respondents, Amazon is the most trusted tech company. Google follows with 27%, Microsoft with 22%, and Facebook with 19%. Uber with 5%, Snapchat with 6%, and Witter with 8% are the least trusted. – Marketing Dive
99. 75% of respondents associate privacy strongly with trust. – Salesforce research
100. Around 72% of respondents claim they would stop buying or using a provider’s services because of privacy issues. – Salesforce research

Disclaimer

The stats on data security and privacy on this post were culled from different surveys and researches with varying numbers of organizations and subjects using various methods.

Sources

https://www.salesforce.com/news/stories/state-of-the-connected-customer-report-outlines-changing-standards-for-customer-engagement/

https://www.cisco.com/c/dam/global/en_uk/products/collateral/security/cybersecurity-series-2019-cps.pdf

https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/

https://www.pewresearch.org/our-methods/u-s-surveys/the-american-trends-panel