26 Data Privacy Statistics to Keep in Mind When Updating Your Program

Consumer sentiments, policies, and practices around data privacy are always changing. For a quick snapshot, here are a few recent statistics.
Media - Anthony Gagliardi

by Tony Gagliardi

June 27, 2022

There’s no doubt that data privacy has become a hot topic these past few years. 

With new data privacy legislation across the globe and general confusion around data collection brought on by the pandemic, businesses are placing privacy and security at the forefront of their operations. 

To give you a snapshot of the current state of data privacy, we compiled some key highlights from recent consumer surveys and reports. From consumer sentiments, business trends, and new legislation, these insights may come in handy if you’re looking to implement or update your privacy program to meet compliance requirements.

What is Data Privacy?

Data privacy refers to government and industry regulations around the collection, storage, and dissemination of personal information. It also encompasses general public sentiments and expectations on how private companies, organizations, and state and federal governments should handle privacy. 

When comparing it to data security, think of security as the ways in which you protect your organization’s data. And privacy, as how you store, use, and share the data you collect.

Consumer Sentiments on Privacy


Consumers have become increasingly concerned over how their personal data is being used and shared. 

Here are a few key insights: 

1. Nearly 46% of consumers surveyed feel that they’re unable to effectively protect their personal data (Cisco). 

2. 86% of consumers surveyed say they care about data privacy and want more control over their data (Cisco). 

3. 47% of consumers who stay up-to-date on data privacy issues said they have switched companies or providers over their data policies or sharing practices (Cisco). 

4. 25% of consumers have inquired about the data companies have about them while 17% have requested for that data to be changed or deleted (Cisco).

5. Roughly 6 in 10 Americans don’t understand how organizations use the data collected from them (Pew Research Center). 

6. About 63% of Americans believe it’s not possible to go about their day without having their data collected by companies or the government (Pew Research Center). 

7. 1 in 4 Americans say they agree to a data privacy policy at least once a day (Pew Research Center). 

8. 72% of consumers surveyed believe organizations have a responsibility to use AI responsibly and ethically (Cisco). 

9. 49% of consumers surveyed indicated a loss of trust for companies using AI to make decisions based on personal information collected (Cisco). 

10. Over 50% of consumers said they trust companies that only ask for information that is relevant to their product (McKinsey & Company).

Consumer Sentiments on Privacy Legislation


Each year, consumers are expanding their knowledge on data privacy laws and even taking action to better protect their information—forcing governments and companies to follow suit. 

Here’s how consumers feel about privacy legislation:

11. 53% of respondents believe national or local governments should play the primary role in protecting individuals’ personal data (Cisco).  

12. 43% of surveyed consumers in the countries with national or multinational privacy laws were aware of these laws (Cisco).

13. 60% of people aware of data privacy laws (like GDPR) view them favorably (Cisco).

14. 75% of Americans believe there should be more regulation on what companies can do with their personal data (Pew Research Center).

15. 128 out of 194 (64%) countries have implemented legislation to secure the protection of data and privacy (UNCTAD). 


New business obligations outlined in recent privacy laws and regulations—in addition to the massive amount of cross-border data collected by organizations—have created some pain points for teams and professionals around the world. 

From budget and headcount changes to plain confusion and frustration around privacy, here are some interesting things to note: 

16. 6 in 10 professionals said that their company isn’t “completely compliant” with applicable data regulations like GDPR, CCPA, and CDPA (Business2Community).

17. Nearly 45% of professionals said their companies have added or changed their marketing technology to comply with applicable data regulations (Business2Community). 

18. Nearly 25% of professionals said they weren’t sure if their company fell under the jurisdiction of privacy regulations like GDPR, CCPA, and CDPA (Business2Community). 

19. 40% of professionals said their companies have implemented double opt-in consent (Business2Community). 

20. On average, organizations spend $873,000 on privacy per year with the median being $350,000 (IAPP). 

21. 60% of security professionals expect their security budgets to increase within the next 12 months (IAPP). 

22. 20% of professionals said they’ve changed their email service provider to stay compliant with GDPR (Business2Community). 

23. Next to data breaches, the second most reported topic by privacy teams to their board is the organization’s level of compliance with privacy and data protection laws (IAPP). 

24. 3 in 4 privacy teams rely on automation technology for privacy-related responsibilities (IAPP). 

25. Security professionals said that privacy work accounts for 76% of their time at work (IAPP). 

26. Nearly 45% of organizations plan on hiring one or two privacy professionals within the next six months (IAPP). 

Making Changes to Your Privacy Program

If you’re looking to implement a privacy program or improve your current one, we recommend you start by: 

  • Identifying the regulations that apply to your business.

  • Understanding your business obligations.

  • Identifying the obligations you already comply with and those you don’t.

  • Implementing key policy and operational changes that will help you meet those obligations. 

Building privacy programs and teams that run like a well-oiled machine will take time, testing, and a desire to learn (indefinitely). But staying on top of consumer, business, and policy trends around privacy can help you take a more proactive approach and keep you in compliance.

Trusted Newsletter
Resources for you
CCPA Compliance 101 Everything You Need to Know

CCPA Compliance 101: Everything You Need to Know

What is a HIPAA Violation + Common Mistakes and Fines

What is a HIPAA Violation? + Common Mistakes and Fines


What is Vulnerability Scanning? + Frequently Asked Questions

Media - Anthony Gagliardi
Tony Gagliardi
Tony Gagliardi is Manager of Compliance Advisory Services at Drata. He advises customers on building sound cybersecurity risk management programs that meet security compliance requirements. Tony is a Certified Information Systems Security Professional (CISSP) specializing in GRC, SOC 2, ISO 27001, GDPR, CCPA/CPRA, HIPAA, various NIST frameworks and enterprise risk management.
Related Resources
CCPA Compliance 101 Everything You Need to Know

CCPA Compliance 101: Everything You Need to Know

What is a HIPAA Violation + Common Mistakes and Fines

What is a HIPAA Violation? + Common Mistakes and Fines


What is Vulnerability Scanning? + Frequently Asked Questions