Hello! Yes, that's me, waving through your window. No, no, I'm only staring because I want to get to know you better! So I can send you cards and gifts that fit your previous behaviours. Wait, why have you shut the curtains?
If you relate more to the curtain-closer in that situation, you're not alone. In fact, 80% of people say they're willing to act to protect their privacy and personal data, according to the Cisco Consumer Privacy Survey.
But all this is about maintaining customer trust, whilst providing a personalised experience that doesn't involve you bringing up their first pet, mother's maiden name, and the colour of the t-shirt they're currently wearing.
So, in order to maintain that balance, it's important to understand the landscape. With changes in privacy regulations, increased consumer awareness of data leaks and misuse, and the death of the third party cookie, the space has become a bit of a marketing minefield.
Companies are beginning to feel the impact of this shift towards data privacy, with 97% saying they're planning to increase their spending on protecting consumer data.
Remember, marketers can be the custodians of a brand's image, so ignoring privacy concerns, or underfunding the process can have some bad effects. Studies have found that 8 out of 10 customers report they're willing to abandon a brand if their data is used without their knowledge.
Right, we've gone through the "why" to protecting data privacy. Now, let's look at the "what", "who", "when", and "how".
- 61% of individuals who are active about their privacy are under the age of 45
- 84% of respondents indicated that they care about privacy, care for their own data, care about the data of other members of society, and they want more control over how their data is being used.
- 48% indicated they already switched companies or providers because of their data policies or data sharing practices
- 79% of respondents said they are very or somewhat concerned about how companies are using the data they collect about them.
- 64% say they have the same level of concern about government data collection.
- 81% of respondents feel as if they have little or no control over the data collected
- 46% of customers feel they’ve lost control over their own data.
- 43% of all respondents don’t believe they can adequately protect their personal data today
- 93% of Americans considered it important to be able to control who could access their personal data.
- 86% of US citizens have attempted to somehow remove or decrease their digital footprint online.
- 21% of email and social media users have experienced a cyberattack at least once
- Around 81% of Americans express concerns regarding companies collecting private data.
- 92% of customers believe that a proactive approach can prevent customer data breaches. It's probably why more than 60% of Americans blame the company instead of the hackers when a data breach occurs.
- Only about 22% of Americans say they always (9%) or often (13%) read company privacy policies before agreeing to them
- 70% of American internet users are not sure what purpose a VPN serves
Data Protection Laws
- 45% of respondents indicated that they find the federal government responsible for protecting data privacy
- 24% of respondents find the individual user responsible for protecting data privacy
- 21% of respondents find that companies should be responsible for the protection of data privacy.
- The majority of consumers (40%) believe that their government should take the leading role in battling the cybercrime increase due to the COVID-19 pandemic.
- Just 3% of Americans say they understand how the current laws regulating online privacy in America today actually work.
- 107 countries (of which 66 were developing or transition economies) have put in place legislation to secure the protection of data and privacy. In this area, Asia and Africa show a similar level of adoption, with less than 40% of countries having a law in place
- 18% of countries have no data protection law implemented
- 59% of respondents said their organizations are currently meeting all GDPR requirements.
- 29% hope to be similarly ready by early 2020
- 3% of the respondents in a global survey indicated that they did not believe GDPR applied to their organisation
- The most difficult GDPR obligation for companies in 2019 was the fulfilment of the right to be forgotten
- The total reported GDPR fines for the full 20 month period across all countries surveyed was just over €144,866,145 (about US$159 million / £123 million)
- The smallest GDPR fine of €28 was issued to Google Ireland Ltd., while the biggest to this day is €50,000,000 issued to Google Inc. in France
Actions by Brands
- 47% of organisations updated website cookie policies, and 80% updated policies more than once over the past year
- 97% of companies recognized they were realizing benefits such as competitive advantage or investor appeal from their privacy investments
- The average annual privacy spend was US$1.2 million
- Among large enterprises (10,000 or more employees), the average annual privacy spend was $1.9 million, and 2% of these enterprises spent more than $5 million
- Most companies reporting a breach say they’ve reported fewer than 5, although 22% have reported 10 or more.
Threat of Inaction
- Internet privacy data statistics reveal that 6% of people who were victims of cyberattacks have suffered reputation damage as a consequence
- Cybersecurity statistics conclude that an internet attack takes place every 39 seconds on average
- 21% of email and social media users have experienced a cyberattack at least once
- Email accounts for 92% of all malware infections
- Organisations that had not deployed security automation experienced breach costs that were 95% higher than breaches at organisations with fully-deployed automation ($5.16 million average total costs of a breach without automation vs. $2.65 million for fully-deployed automation).
- Data breaches in the U.S. were more expensive than those in other nations, with an average total cost of $8.19 million (more than double the global average).
- A hacker attack occurs every 39 seconds.
- Breaches with a lifecycle longer than 200 days were on average $1.12 million more costly than breaches with a lifecycle of fewer than 200 days
- Among respondents whose organisations must comply with the GDPR, 38% have reported a breach this year (compared to just 16% in 2018), and 22% have reported more than 10.
- Organisations across the globe spend $11.45 million per year on average in remediation costs related to insider data breaches
Social Media Privacy
- While 69% of U.S. adults hold social media accounts, only 47% of social media users were confident in the ability of these companies to protect their data.
- As only 9% put the highest “very confident” rating, users clearly don’t trust these companies with their most sensitive data
- Not only are social media companies some of the top data collectors, but a 2014 study by the Pew Research Centre found that 81% of U.S. adults felt their social media privacy wasn’t secure.
- This is compared to 58% who felt their texts were insecure, 57% who felt their emails were insecure and 31% who felt their conversations over a landline were insecure
- 79.2% of people have adjusted privacy-related settings on their social media accounts or reduced their social media usage.
- Almost a quarter of people surveyed have "deleted or deactivated a social media profile due to privacy concerns."
- Among those who deleted or deactivated a social media account, over a quarter reported they have deleted or deactivated their Twitter and Instagram accounts. And even those who haven't gone that far have made other adjustments:
- 1% removed personal information or posts that they didn’t want the network or others to see.
- 0% made their profile completely private.
- 8% stopped adding location tags to their posts.
- 2% changed which data they allow the network to collect and share about them.
- 6% have used a password manager.
- 3% have used the (DNT) setting in their web browser.
- 1% have used a (VPN) for non-work related Internet usage.
- 1% have used a .
- 64% of respondents believe that privacy options or features are "extremely important" or "very important" when considering their next smartphone, computer, and smart home device purchase.
- A Pew Research Centre study found that of the Americans who knew about the “personal profiles” that companies create, 83% of them had seen targeted ads either “occasionally” or “frequently.”
- Half of American adults said that online advertisers shouldn’t store any information on their customers.
- However, of those who were OK with some personal data being stored, most believed they should only store this data for a few weeks at most
- 48% of Americans think they have no control over their online privacy and security regarding the search terms they use.
- 95% of US online consumers don’t trust online shopping ads and recommendations.
This post is part of our Martech stats series, which compiles key data and trends. Others include: