Close this search box.
AI-based solution designed to automate personal data discovery and classification
Discover personal data across multiple systems in the cloud or on-premise
Harbor cooperation between DPO, Legal Services, IT and Marketing
Turn data subject request into an automated workflow with a clear insight into data every step of the way
Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation
Guide your partners trough vendor management process workflow
Identifying the risk from the point of view of Data Subject
Quickly respond, mitigate damage and maintain compliance
Consolidate your data and prioritize your relationship with customers
Privacy portal allows customers to communicate their requests and preferences at any time
Introducing end-to end automation of personal data removal

Latest Blog posts

Learn the terms

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

100 Data Privacy and Data Security statistics

100 Data Privacy statistics for 2020

Trends in Data Protection

Do you know how organizations and companies handle personal data, who should be responsible for data privacy, or the potential cost of a data breach?

To give you a better idea, we compiled 100 Data Privacy and Data Security statistics, including GDPR statistics, consumer research, ROI, data breach statistics, and more.

We will let you draw your own conclusions. However, it seems these statistics show trends and positive movements in the privacy awareness of younger generations (61% of individuals who are active about their privacy are under 45).

Statistic about younger generation caring about their privacy (2)
Source: CISCO CYBERSECURITY SERIES 2019 -Consumer Privacy Survey

Privacy awareness will be one of the most significant developments, putting pressure on governments to implement data protection laws, dictating how companies will handle individuals’ data and what values they will have to incorporate to strive in the market.

However, there is still a long way to go. Some surveys indicated many individuals still do not know how to protect their data and show distrust in how their data is handled.

On the other hand, it seems companies investing in privacy programs are seeing benefits, like operational efficiency or agility. 40% are seeing benefits at least twice that of their privacy spend.

To recap, data privacy or information privacy concerns the proper handling, processing, storage, and usage of personal information. It is all about the rights of individuals with respect to their personal information.

Data security is focused on protecting personal data from unauthorized third-party access, malicious attacks, and exploitation. It is set up to protect personal data using different methods and techniques to ensure data privacy.

Combined, they create a data protection area. Read more about data privacy and data security definitions and explanations in Data security vs. data privacy - definitions and comparisons

Data Privacy Statistics

1. 84% of respondents indicated that they care about privacy, their own data, and the data of other members of society, and they want more control over how their data is being used. Of this group, 80% also said they are willing to act to protect it. Cisco Consumer Privacy Survey 2019

2. Among privacy-active respondents, 48% indicated they already switched companies or providers because of their data policies or data-sharing practices. Cisco Consumer Privacy Survey 2019

3. 79% of respondents said they are very or somewhat concerned about how companies use the data they collect about them, while 64% say they have the same level of concern about government data collection. Pew Research Center

4. 81% of respondents feel they have little or no control over the data collected. Pew Research Center

5. 46% of customers feel they’ve lost control over their own data.

Data Privacy and Data Security statistics who is responsible for data privacy
Source: Cisco Consumer Privacy Survey 2019

6. 45% of respondents indicated that the federal government is responsible for protecting data privacy. Cisco Consumer Privacy Survey 2019

7. 24% of respondents find the individual user responsible for protecting data privacy. Cisco Consumer Privacy Survey 2019

8. 21% of respondents find that companies should be responsible for protecting data privacy. Cisco Consumer Privacy Survey 2019

9. 43% of all respondents don’t believe they can adequately protect their personal data today. Cisco Consumer Privacy Survey 2019

Privacy Awareness in the USA

10. 63% of Americans say they understand very little about the current laws and regulations to protect their data privacy. Pew Research Center

11. 97% of Americans say they are ever asked to approve privacy policies. Yet, only about one in five adults say they always (9%) or often (13%) read a company’s privacy policy before agreeing. Some 38% of all adults maintain they sometimes read such policies, but 36% say they never read a company’s privacy policy before agreeing to it. Pew Research Center

12. 62% of Americans (roughly six in ten) believe it is impossible to go through daily life without companies collecting their data. Pew Research Center

13. 72% of Americans report feeling that all, almost all, or most of what they do online or while using their cellphone is being tracked by advertisers, technology firms, or other companies. Another 19% think some of what they do is being tracked. Close to half (47%) of adults believe at least most of their online activities are being tracked by the government. American Trends Panel

Data Privacy statistic- americans
Source: Pew Research Center

14. 81% of Americans think the potential risks of data collection by companies about them outweigh the benefits. Pew Research Center

15. 77% of Americans say they have heard or read at least a bit about how companies and other organizations use personal data to offer targeted advertisements or special deals or to assess how risky people might be as customers. Business news daily

16. 70% of Americans say their personal data is less secure than five years ago. Pew Research Center

17. Only 6% of Americans report that their data is more secure today than it was in the past. Pew Research Center

18. 79% of Americans are not confident about how companies will behave when using and protecting their personal data. Roughly seven in ten or more say they are not too or not at all confident that companies will admit mistakes and take responsibility when they misuse or compromise data. Pew Research Center

Data Protection laws

19. 107 countries (of which 66 were developing or transition economies) have put legislation in place to secure data and privacy protection. In this area, Asia and Africa show a similar level of adoption, with less than 40% of countries having a law in place. UN

20. 18% of countries have no data protection law implemented. UN

21. 59% of respondents said their organizations are currently meeting all GDPR requirements. 29% hope to be similarly ready by early 2020. Cisco Data Privacy Benchmark Study 2019

22. 9% of organizations said it would take over a year to prepare GDPR. Cisco Data Privacy Benchmark Study 2019

23. 3% of the respondents in our global survey indicated that they did not believe GDPR applied to their organization. Cisco Data Privacy Benchmark Study 2019

24. 47% of organizations updated website cookie policies, and 80% updated policies more than once over the past year. Techbeacon

25. The most difficult GDPR obligation for companies in 2019 was fulfilling the right to be forgotten. IAPP

Data Privacy and Data Security statistics
Source: IAPP-EY Annual Governance Report 2019

26. 47% of respondents said they trust companies that use their data more due to the GDPR. Cisco Consumer Privacy Survey 2019

27. 58% of European companies declared GDPR compliance as a top priority, whereas only 11% of U.S. respondents selected it as number one. IAPP

28. 93% of US IT decision-makers said they had at least taken some steps to comply with privacy regulations such as CCPA or the EU’s General Data Protection Regulation (GDPR). Egress survey

29. 35% of US businesses surveyed said they won’t be CCPA compliant by January 1, 2020, because they feel it’s too expensive to attain compliance. eMarketer

30. 90% of respondents report their firms rely on third parties for data processing, and the top method for ensuring vendors have appropriate data protection safeguards is “relying on assurances in the contract” (named by 94% of respondents). 57% use questionnaires, while only one in four conduct on-site audits. IAPP

31. 69% of registered DPOs from the EU hold the top privacy role for their firm. They often have direct reporting lines to the board of directors. IAPP

32. 56% of organizations named “locating unstructured personal data” the most difficult issue in responding to data subject access requests (including access, deletion, and rectification requests).

33. 36% of organizations said monitoring third parties’ data protection/privacy practices is the most challenging GDPR task. IAPP

34. The total reported GDPR fines for the full 20-month period across all countries surveyed was just over €144,866,145 (about US$159 million / £123 million). Privacy Affairs

35. The smallest GDPR fine of €28 was issued to Google Ireland Ltd., while the biggest is €1.2 billion to Meta. 20 biggest GDPR fines so far

Smallest and biggest gdpr fine

36. 46% of U.S. organizations named “compliance (beyond the GDPR)” as their highest priority, with only 30% of EU respondents selecting it. IAPP

37. 52% of respondents said they felt they had more control of their personal data due to the GDPR. Cisco Consumer Privacy Survey 2019

38. 47% expressed notification fatigue and said they receive far too many meaningless privacy-related notifications due to GDPR. Cisco Consumer Privacy Survey 2019

39. 59% of respondents indicated they feel they have a greater ability to exercise their rights regarding data due to the GDPR. Cisco Consumer Privacy Survey 2019

40. 87% of surveyed organizations reported they have delays in selling to existing customers or prospects, which is up significantly from last year. However, the least prepared organizations have average delays nearly 60% longer than those most prepared. Cisco Data Privacy Benchmark Study 2019

Positive Returns on Privacy Investments for Companies

41. 97% of companies recognized they were realizing benefits such as competitive advantage or investor appeal from their privacy investments. Cisco Consumer Privacy Survey 2019

competitive advantege from data privacy investments
Source: CISCO CYBERSECURITY SERIES 2019 -Consumer Privacy Survey

42. Most organizations are seeing very positive returns on their privacy investments, and more than 40% see benefits at least twice that of their privacy spend. Cisco Data Privacy Benchmark Study 2020

43. 82% of organizations view privacy certifications such as ISO 27701 and Privacy Shield as a buying factor when selecting a product or vendor in their supply chain. Cisco Data Privacy Benchmark Study 2020

44. The percentage of organizations saying they receive significant business benefits from privacy (e.g., operational efficiency, agility, and innovation) has grown to over 70%. Cisco Data Privacy Benchmark Study 2020

45. 42% of companies indicated that their privacy investments enabled agility and innovation at their companies. Cisco Consumer Privacy Survey 2019

46. The average annual privacy spend was US$1.2 million. Cisco Consumer Privacy Survey 2019

47. Among large enterprises (10,000 or more employees), the average annual privacy spend was $1.9 million, and 2% of these enterprises spent more than $5 million. Cisco Data Privacy Benchmark Study 2020

48. The average privacy spend of small businesses (250-499 employees) was $800,000, and 41% spent less than $500,000. Cisco Data Privacy Benchmark Study 2020

49. Across all companies in the survey, the average estimated benefit of privacy spend was $2.7 million. Large enterprises (10,000 or more employees) estimated their benefits at $4.1 million, and 17% placed the value at more than $10 million. Small businesses (250-499 employees) estimated their benefits at $1.8 million. Cisco Data Privacy Benchmark Study 2020

50. Overall costs associated with breaches were lower; only 37% of GDPR-ready companies lost over $500,000 last year vs. 64% of the least GDPR-ready. Cisco Data Privacy Benchmark Study 2019

51. 64% of respondents believe that privacy options or features are “extremely important” or “very important” when considering their next smartphone, computer, and smart home device purchase. DuckDuckGo

Social media privacy

Lately, social media is under much scrutiny, in the latest Netflix docudrama, “The Social Dilemma, explores the damages done to consumers by the advertising that fuels the industry. Social media is a key factor behind the survival of most small businesses, but how is it affecting users?

52. 79% of people have adjusted privacy-related settings on their social media accounts or reduced their social media usage. DuckDuckGo

data privacy statistics on social media
Source: DuckDuckGo Privacy research

53. Facebook owns 80% of the market share of social media platforms, and Google owns 90% of the market share of search engines. GDPR: The End of Google and Facebook or a New Paradigm in Data Privacy?

54. 80% of social media users are concerned about advertisers and businesses accessing the data they share on social media platforms. VPNgeeks

55. The Cambridge Analytics scandal made more than 73% of US users concerned about how their information was used on the internet. 26% stated they were extremely concerned, 22% were very concerned, and 25% were somewhat concerned. Emarketer


Data Security Statistic

56. 41% of customers don’t believe companies care about the security of their data. Salesforce research

57. 84% of customers are more loyal to companies with strong security controls. Salesforce research

58. Risk management and privacy concerns within digital transformation initiatives will drive additional security service spending through 2020 for more than 40% of organizations. Gartner

59. 87 % of Europeans said they consider cybercrime an important problem. EU Agency for Fundamental Rights: Fundamental Rights Report 2019

Source: Consumer Attitudes Toward Data Privacy Survey, 2018

60. Organizations that had not deployed security automation experienced breach costs that were 95% higher than breaches at organizations with fully deployed automation ($5.16 million average total costs of a breach without automation vs. $2.65 million for fully deployed automation). IBM Ponemone Institute research

61. Data breaches in the U.S. were more expensive than those in other nations, with an average total cost of $8.19 million (more than double the global average). IBM Ponemone Institute research

Data Privacy statistics
Source: Consumer Attitudes Toward Data Privacy Survey, 2018

62. 71% of respondents are currently using software that blocks ads, protects data privacy or otherwise helps control their web experience.

Data Breach Statistics

63. From 25 May 2018 to 27 January 2020, there have been 160,921 personal data breaches notified by organizations to data protection supervisory authorities within the EEA. DLA Piper

64. A hacker attack occurs every 39 seconds. University of Maryland

65. Only 2% of firms reported a breach to a supervisory authority have been fined. IAPP

66. $3.86 M average total cost of a data breach. IBM Ponemone Institute research

67. $150 cost per lost record. IBM Ponemone Institute research

68. The average time to identify a breach in 2019 was 206 days, and the average time to contain a breach was 73 days, for 279 days (a 4.9% increase from 2018). In 2020 the average time to identify a breach was 280 days.

69. On average, Breaches with a lifecycle longer than 200 days were $1.12 million more costly than breaches with fewer than 200 days ( ($4.33 million for 200-plus days versus $3.21 million for less than 200 days). 

70. For the period from 25 May 2018 to 27 January 2019, there were, on average, 247 breach notifications per day in the EU. From 28 January 2019 to 27 January 2020, there were, on average, 278 breach notifications per day (a 12.6% increase), so the current trend for breach notifications is upward. DLA Piper

71. 58% of the total breaches in 2019 resulted from hacking incidents, impacting 36.9 million patient records. IAPP


Cost of a data breach report in 2020
Cost of a Data Breach Report 2020

72. Among respondents whose organizations must comply with the GDPR, 38% have reported a breach this year (compared to just 16% in 2018), and 22% have reported more than 10. IAPP

73. Most companies reporting a breach say they’ve reported fewer than 5, although 22% have reported ten or more. IAPP

74. The United States had the highest country average cost of a data breach in 2019 in the amount of $8.19 million. Nothing changed in 2020, except that data breach costs went up in the U.S. and are now at $8.64 million on average.  IBM Ponemone Institute research

75. Healthcare continued to incur the highest average breach costs at $7.13 million – a 10.5% increase over the 2019 study. IBM Ponemone Institute research

76. 52% of EU companies have notified of data breaches, as opposed to only 22% of U.S. companies doing the same. EU-based firms are more likely than US-based ones to have notified a lead authority of a data breach. Pew Research Center

77. Among the EU countries, the Netherlands, Germany, and the UK had the most data breaches notified for the 20 months from 25 May 2018 to 27 January 2020, with 40,647, 37,636, and 22,181, respectively.DLA Piper

78. 3,813 breaches were reported through June 30, exposing over 4.1 billion records. Cyber Risk Analytics

79. Of the breached organizations that could be definitively classified, the Business sector accounted for 67% of reported breaches, followed by Medical (14%), Government (12%) and Education (7%). Cyber Risk Analytics

80. Forty-five thousand seven hundred thirty-seven breaches have been reported so far. Cyber Risk Analytics

81. 3,366,253,764 is a number of compromised emails. Cyber Risk Analytics

82. 1,903 breaches were reported through March 31, 2019, exposing approximately 1.9 billion records. Cyber Risk Analytics 

83. Till March 31, 2019, there have been three breaches exposing 100 million or more records. Despite this, only one new breach was added to the top twenty largest breaches ever. Cyber Risk Analytics

84. Organizations across the globe spend $11.45 million per year on average in remediation costs related to insider data breaches. Proofpoint cybersecurity study

85. The share of breaches caused by malicious attacks increased from 42% in the 2014 report to 52% in the 2020 report. This 10 percentage point increase represents a nearly 24% increase (growth rate) in the share of breaches caused by malicious attacks. IBM Ponemone Institute research

86. 52 % of incidents involved a malicious attack, compared to 25% caused by system glitches and 23% caused by human error. IBM Ponemone Institute research

What do customers value?

87. 73% of customers say trust in companies matters more than it did a year ago. Salesforce research

88. 54% of customers say it’s harder than ever for a company to earn their trust. Salesforce research

89. 89% of customers are more loyal to companies they trust. Salesforce research

90. 65% have stopped buying from companies that did something they consider distrustful. Salesforce research

91. 54% of respondents are highly likely to walk away from a business that requires them to provide highly personal data (such as email or phone number), to conduct business with them. Akamai Research

Data Privacy and Data Security statistics
Source: Akamai Research Consumer Attitudes Toward Data Privacy Survey

92. 70% of customers strongly associate transparency with trust. Salesforce research

93. 58% of customers are comfortable with relevant personal information being used transparently and beneficially. Salesforce research

94. 63% of customers say most companies aren’t transparent about how their data is used. Salesforce research

95. 48% of customers have stopped buying from a company/using a service due to privacy concerns. Salesforce research

96. 73% of customers say a company’s ethics matter more than they did a year ago. Salesforce research

97. 80% of respondents said they would be comfortable sharing personal information directly with a brand for the purposes of personalizing marketing messages. However, only 16.7% said they would be OK with sharing this type of information through third parties. Emarketer.

98. Amazon was the most-trusted technology company at 30%, followed by Google (27%), Apple (22%), Microsoft (22%) and Facebook (19%). The least trusted were Uber (5%), Snapchat (6%) and Twitter (8%). Marketing dive

99. 75% of customers strongly associate privacy with trust. Salesforce research

100. 72% of customers would stop buying from a company or using their service due to privacy concerns. Salesforce research

Watch the video:



Request a Data Privacy Manager demo

Let us navigate you through the Data Privacy Manager solution and showcase functionalities that will help you overcome your compliance challenges.

Scroll to Top