From massive breaches like Equifax, Yahoo, and Marriott to countless smaller incidents that never make the news, it’s clear that no company is too big to be hacked.
Internet users are more concerned about their data than ever before—and for good reason.
Every app we download, every social platform we join, and every website we visit quietly collects details about who we are and how we live.
While governments race to pass laws aimed at protecting personal information, breaches still happen at a pace that’s hard to ignore.
These data privacy stats reveal the current state of data privacy in 2025 and what the future may hold.
Top Data Privacy Stats
Keeping personal information safe has become a big concern for people and businesses everywhere. The way data is collected, shared, and stored is changing quickly, and new issues keep coming up.
Looking at the latest numbers helps show where things are headed and what’s most important right now.
Here are the top data privacy stats you need to know.
1. Nine out of ten Americans say online privacy is important to them, and one in four are asked to agree to a privacy policy every single day.
2. 94% of companies believe customers wouldn’t buy from them if they didn’t protect personal data properly.
3. Around 78% of people think they make the right choices to protect their information, but 61% feel their efforts don’t make much difference. Only one in five trusts others to handle their data responsibly.
Many trust themselves to make the right data privacy decisions but also think their actions doesn’t matter
4. More than half of Americans admit they often click “agree” without reading privacy policies, while 22% sometimes do this, and 18% rarely or never do.
5. 95% of companies say investing in data privacy is worth the cost, with most seeing about 1.6 times the return on what they spend. Nearly a third see double the return.
6. 45% of Americans have had their personal information stolen or exposed in a data breach in the past five years.
7. By 2025, cybercrime could cost the world $10.5 trillion a year, growing by 15% annually.
Cybercrime is projected to cost $10.5 trillion by 2025
8. Free apps are four times more likely to track user data than paid apps.
9. Fewer than one in four American smartphone users feel in control of their personal data online.
10. According to Keywords Everywhere, searches for “data privacy” on Google average 49,500 a month, which is up more than 36% from last year. This is likely fueled by new technology and AI.
Consumer Attitudes and Behaviors Around Data Privacy
Do people care about how their personal details are used online?
More than ever. Many are changing the way they use the internet, avoiding companies they don’t trust, and finding ways to protect themselves.
This shift is changing how businesses treat their customers. Below are the data privacy stats that show how consumers think and act today.
11. 71% of consumers say they would stop buying from a company if it mishandled their sensitive data.
12. In the U.S., people trust healthcare and financial services the most when it comes to protecting personal data, while media and entertainment rank among the least trusted industries.
13. In the UK and Spain, three out of four adults think tech companies have too much control over their personal data. Older generations feel this more strongly—70% of Baby Boomers agree, compared to 59% of Gen Z.
Consumers feel that Tech companies have too much control over their data
14. People are most comfortable with brands collecting purchase history (80%), personal preferences they’ve provided (77%), and basic demographic details (67%).
15. Far fewer think it’s okay for brands to collect browsing history (34%), job and financial details (29%), or personal health information (27%).
16. Around seven in ten Americans feel overwhelmed by the number of passwords they need to remember, and 45% worry about whether their passwords are strong enough.
17. 77% of Americans have little or no trust that social media company leaders would admit mistakes and take responsibility for data misuse. 71% also doubt these leaders would be held accountable.
Americans don’t trust social media leaders to handle data responsibly
18. Across 12 countries, 47% of adults have ended relationships with companies over data privacy concerns—33% left social media platforms, 28% switched internet providers, and 23% left phone companies.
19. 58% of users say they’d share some personal data if it meant avoiding paying for online content.
20. Almost nine in ten Americans worry about social media sites having personal information about children. A similar share is concerned about advertisers using children’s online activity for ads (85%) and online games tracking kids’ activity (84%).
Americans are concerned about social media apps knowing personal information about children
Business Data Privacy Practices and Challenges
For companies, protecting customer information is not just about following rules—it’s about earning trust.
But it’s not always easy. Many still face problems like old systems, limited budgets, and new security threats.
The following data privacy stats explain where businesses are doing well and where they’re falling behind.
21. 94% of businesses believe it’s possible to collect data for marketing while still respecting customer privacy.
Majority of businesses believe they can achieve a balance between data collection and customer privacy
22. For 88% of people, whether they share personal data depends on how much they trust a company.
23. 63% of users think most companies are not open about how they use personal information.
24. Three in four Americans believe there should be stronger laws to stop companies from collecting consumer data without consent.
25. 60% of users say they’d spend more money with a company they trust to handle their personal data well.
26. 86% of consumers are happy to share their email address with businesses in exchange for a personalized experience or extra perks.
Consumers are willing to share data in return for personalization
27. 79% of Americans are wary of how businesses handle personal information, and 66% say they would completely lose trust in a company that suffers a data breach.
28. 91% of business owners say that listening to customer privacy concerns helps build trust, suggesting that privacy-focused business models could become more common in the future.
29. The global market for data privacy software is about to grow from $2.76 billion in 2023 to $30.31 billion by 2030.
30. 79% of corporate leaders say privacy laws have helped their organizations succeed, while only 6% say the impact has been negative.
Data Privacy Laws and Compliance Stats
Privacy laws now shape how personal information is collected and used in many parts of the world.
From Europe to the United States, new rules are forcing businesses to change the way they handle data. Breaking these rules can lead to big fines and public backlash.
Here are the top data privacy stats on law and compliance.
31. 79% of countries worldwide now have data protection and privacy laws in place, another 10% have draft laws, 5% have no available data, and 16% have no such laws at all.
Countries with legislation in privacy and data protection
32. 60% of people who are aware of privacy laws like GDPR view them positively, and 62% of people in the UK say they feel safer sharing their data since GDPR took effect.
33. 47% of organizations have updated their privacy policies to meet GDPR and other regulations, and 80% have made multiple updates in just the past year.
34. Since January 2025, three organizations have been fined under GDPR for transferring data outside the EU. The largest fine—1.2 billion euros—was given to Meta Platforms Ireland Limited by Ireland’s Data Protection Commission.
35. Spain has issued the most GDPR fines (923 fines worth 96 million euros), followed by Italy with 397 fines and Germany with 203 fines.
36. Inquiries about personal data are most common in India (49%), followed by Mexico (37%) and Brazil (36%).
Consumers requesting changes or deletion to their data by country
37. 82% of companies consider privacy certifications such as ISO 27701 and Privacy Shield when choosing products or vendors.
38. Over 4 in 5 U.S. voters support the American Data Privacy and Protection Act’s measures, including:
- banning the sale of data without consent (87%)
- limiting the type of data companies collect (86%)
- increasing online privacy protections for children (86%)
- giving people the right to sue after breaches (82%)
39. The cost of complying with California’s CCPA is expected to total between $467 million and $1.64 billion from 2020 to 2030.
40. 78% of companies follow a privacy framework or regulation to manage data protection. The most common are GDPR (53% globally, 78% in the EU), the NIST Privacy Framework (44% globally, 61% in the U.S.), ISO/IEC 27002:2013 (35%), ISO/IEC 27701 (30%), and COBIT (27%).
41. 28% of consumers have used their legal rights to access or manage their personal data, with younger people being the most active.
Consumers exercising data subject access
42. In June 2024, 81% of internet users in China were aware of privacy laws, compared to 73% in France and 66% in Mexico. The average awareness rate across surveyed countries was 53%.
43. Increased privacy standards have raised the costs of international data sharing for about 35% of U.S. companies and 40% of UK companies.
44. In January 2025, the U.S. implemented four major data privacy laws protecting different sectors: federal agencies (Privacy Act of 1974), healthcare (HIPAA, 1996), children (COPPA, 1998), and the financial sector (GLBA, 1999).
45. By February 2025, 19 U.S. states had enacted their privacy laws, all requiring businesses to notify customers about how their data is used.
Mobile, AI, and Emerging Technology Privacy Stats
The way technology collects information has changed dramatically, and much of it happens in the background without people even realizing.
Smartphones track location, apps collect habits, and new tools learn patterns about how we live and work. These advances can be very helpful but also raise new questions about how much privacy we’re willing to give up.
Let’s look at the data privacy stats on mobile use and emerging technology.
46. Nearly 90% of iOS apps (about 1.77 million) track private user data, and 35% (around 699,525) use data that is directly linked to individual users.
47. Around 20% of iOS apps (394,558) can access a user’s background location, while 17% (337,991) use data specifically to track people.
48. Free apps are four times more likely to collect personal data than paid ones—only 13.62% of paid apps collect user data compared to 54.97% of free apps.
Free and paid apps that collect data
49. In the U.S., only 23% of smartphone users feel they have control over their personal data, and 40% worry about how companies might use it.
50. 57% of people worldwide see the use of AI in collecting and processing personal data as a serious privacy risk.
51. Seven in ten U.S. adults say they have little or no trust in businesses to make responsible decisions about how they use AI in their products.
52. 15% of employees regularly paste company data into ChatGPT, and over a quarter of that information is considered sensitive.
Data pasted into GenAI by employees
53. 48% of organizations have entered non-public company information into generative AI tools.
54. Companies that fully use AI-driven security and automation see average data breach costs of $3.6 million—about $1.76 million less than companies that don’t use these tools.
55. According to Gartner, by 2025, 60% of large companies will use at least one privacy-enhancing computation (PEC) technique in analytics, business intelligence, or cloud computing to protect data while it’s being used.
Data Breach and Cybersecurity Impact Stats
Every time there’s a major data breach, the headlines focus on the numbers—millions of accounts stolen, financial losses, and the scale of the attack.
In 2017, the famous Equifax breach exposed the personal information of over 147 million Americans, leaving many vulnerable to identity theft for years after.
But behind those figures are real people dealing with fraud, damaged credit, and a loss of trust in companies they once relied on.
The following stats show the real impact of data breaches and security threats.
56. In 2022, 422 million people were affected by an average of 4.8 data breaches per day.
57. 1,560 breaches exposed victims’ names, 1,143 exposed Social Security numbers, 565 exposed home addresses, 465 exposed medical histories, and 443 exposed bank account numbers.
58. The largest data breach in history happened in 2020, when an attack on adult site CAM4 exposed over 10 billion records, including names, emails, sexual orientations, chat transcripts, and IP addresses.
59. The average global cost of a data breach is just over $4 million, but in the U.S., it jumps to $9.44 million.
Average cost of a data breach in 2025
60. 45% of Americans have had their personal information compromised in the past five years.
61. 71% of employees worldwide admit to sharing sensitive or business-critical data through instant messaging and collaboration tools, including client information (13%), HR issues (10%), contracts (10%), and business plans (10%).
62. 82% of breaches affect data stored in the cloud, and 39% span multiple environments, costing an average of $4.75 million.
63. 32% of cyber incidents involve data theft and leaks, showing more attackers are stealing and selling data instead of encrypting it for ransom.
64. On average, it takes organizations 204 days to detect a data breach and another 73 days to fully contain it.
Days to identify and contain a breach
Conclusion
People are more aware than ever of how much personal information they share, yet protecting that data isn’t always straightforward.
Every single click online can leave behind a trail of your valuable details that could be misused if it falls into the wrong hands.
Governments and organizations around the world are stepping up with stricter privacy laws and better security measures.
The real test will be seeing how these efforts evolve—and whether they can keep up with the growing threats to data privacy.