41 Data Privacy Statistics and Facts You Shouldn’t Ignore in 2024

Ali Qamar - Cybersecurity Analyst

Last updated: June 21, 2024

Read time: 26 minutes

This is an estimated reading time to let you know how long it will take you to read all the content on this particular PrivacySavvy.com page. However, it has a sneak peek, easy guide steps, and/or a quick list providing quick in-page navigations and easily-found answers if desired.

More and more users are becoming privacy savvy in this age, but many burning questions remain unknown to most. These data privacy statistics bring light to them.

THE TAKEAWAYS

From devising company policies to protecting personal and business data, ensuring privacy and security is inevitable in this digital era of cybersecurity. Cybercriminals have seemingly unlimited, unique ways to target anyone at any time, regardless of the victim’s stature, inflicting devastating financial and reputational losses. To ensure you can combat the existing threats, you must stay abreast with the latest global data privacy statistics.

There’s every reason to be concerned about digital privacy in this day and age. Is your company about to take a turn on its privacy policy? Are you worried about your personal information getting out there because of a data breach? Do you not trust so much the respect your government has for individual rights, especially in the digital arena? All those things and more are excellent reasons to educate yourself and become a privacy-savvy user. And the first step in that journey is learning about some vital privacy statistics you should have in mind for the rest of the newly started year (and life).

If you still haven’t learned about the relevance of protecting your data privacy online, we’d like to know where you’ve been! We would love to have a holiday in a spot that provides such a perfect degree of isolation!

But even if you already know that privacy matters, it’s still difficult to assess how far data collection can go and how much of your data needs protection. We hope to shed light on this regard by showing you many useful data privacy statistics and data and how their implications can reach you.

Fundamental concepts about privacy and data collection

Corporations and governments share very few values and interests. One of them is data collection. For companies, knowing more about potential customers increases their income. Governments can do a more effective job in the same way.
Social media is the internet’s data collection gold mine.
Data protection laws, as they are, are tepid attempts to cover the sun by using your finger. While they’re better than having nothing at all, they won’t protect you in any meaningful way — in other words: it’s your responsibility.
Theft of information is the bane of the age. Anyone can experience it.

Do you think that the universe that includes data collection, government surveillance and subpoenas, and identity theft is very far away from you? Think again. It’s right around the corner; you just haven’t run into it yet (and let’s hope you won’t). The good news is that there is hope for us all. You can take plenty of measures to protect yourself online, but choosing them correctly requires locating the hazards accurately.

The bare basics of data privacy facts

Whether you’re aware or not, you’ve authorized, implicitly or explicitly, many actors on the internet to gather data about you. Data privacy is in the way they handle that information. Allowing a company to have information about you is not necessarily terrible. It can be useful, and you should be safe if the company doesn’t misuse your information. But limiting those with any of your data and what they’ll do with it is also essential to data privacy.

My personal online data: How does it go?

Data collection is not the exception on the internet. It’s the rule. The great big rule! Wherever you go online, the chances are that somebody is paying attention to what you do and keeping a record of some kind. Anything from cookies to browser fingerprinting can end up spilling the beans on you. And why would anybody want to collect data on you, we hear you ask? Keep reading.

The main reason to gather your data is to know you well enough so that every website can serve you with advertising tailored to your taste. Of course, every website has a slightly different strategy, but that’s what they all want. For example, target ads provide you with things that will catch your eye more quickly, thus increasing the chances that you will click on the ad and have a look. Since incoming traffic in online stores is proportional to the site’s profits, this practice is entirely justified from a business point of view.

You could interpret the targeting ad strategy as a service to you! You are getting ads about things that could interest you without moving a finger! But, alas, things are never so simple. A proven marketing fact is that the more you see an ad, the more likely you will think about that product favorably. So these ads are akin to a brute-force attack on your mind. If you see the advertisement for X product often enough for a more extended period, you may buy it in the end, whether you need it or not.

Top privacy statistics – The quick list

We’ll dive deep into these facts and stats alongside many more statistics (right below this section), but below are the top 10 outstanding privacy statistics in our list:

Google tracks about 40% of the world’s traffic. So yes, Google practically wrote the book on data tracking and targeted ads. And it’s still the leading player.
49% of American users are willing to help with terrorism. While freedom and privacy are core values of the American experience, at least at the level of rhetoric, almost half of American internet users are happy to have their privacy infringed as long as they think it helps fight terrorism.
The wish to control personal data is not unanimous. For example, only 93% of American users wish to control their personal data.
Targeted ads increase the company’s revenue by 4%. The collection of user data is all about targeting ads at the corporate level. And it works. It can increase a company’s revenue by as much as 4%.
Almost half of the world’s websites use cookies. We hear so much about cookies and privacy that we’d think that they’re ubiquitous. But, in fact, only about 45% of the world’s websites use cookies.
Most internet users do enjoy having ads targeted to their interests. Targeted ads may seem intrusive as a matter of principle. But 84% of users say they like them better!
Only 3% of Americans have an understanding of digital privacy laws. Yes, it’s true. Even among intensive internet users, ignorance about privacy laws is overwhelming at 97%.
Identity theft is the main fear among users. 72% of internet users fear identity theft above any other problem they could have as internet users.
20% of the world’s governments still have no privacy or data protection laws.
83% of American users still use passwords that will get them hacked. A great majority of American internet users are still choosing the most unsafe passwords possible.

Top 41 data privacy statistics you definitely must know – The detailed list

Okay, so enough with the context. Now, we will show you an extensive list of privacy statistics that will help you understand how you’re under constant surveillance from every website you visit and that it’s not an innocent thing. After that, you should probably do something about it.

1. The portion of your traffic that gets tracked.

According to WhoTracks M.E., about 82% of the pages on the web include a third-party script provided by none other than Google itself. Furthermore, nearly half of these scripts aim to track you. So, do the math. Google tracks about 40% of the world’s web traffic. And we’re talking about a single corporation. So, if only Google does this, that shouldn’t be a big deal. Right?

2. Is Google the only corporation tracking user data?

Google practically invented tracking user data; that’s how they devised a viable business model to provide the world an otherwise free (and high-quality) service.

Google is the biggest tracker for sure, but many other corporations have also learned the trick. As a result, almost every single big-tech corporation in the world is tracking you in some way. Facebook, Twitter, and Microsoft are among the most famous offenders, but an extensive list is impossible to provide.

3. What is the purpose of collecting user data?

There are several ways in which a given corporation can turn your data into something profitable. But target advertising is, by far, the most common purpose. According to a Pew Research Center investigation, about 83% of American users have noticed that the ads they see are tailored for them specifically.

4. Is there any fair case to justify this data collection?

The Pew Research Center revealed that 49% of Americans had no problem with the government collecting personal details as long as it helped catch terrorists. On the other hand, only 25% told the Center that it was ok for smart-speaker makers to send their audio recordings with the authorities to help them fight crime.

So you see, this is an area in which having a good reason is not enough. Those who collect the data have to enjoy the public’s trust not to abuse their information.

5. Should you have the ability to control your personal data?

The same Pew Research Center report found that 93% of Americans thought that the ability to control those who can access their data matters. And while 93% is an overwhelming proportion, it’s even more so that it wasn’t unanimous!

6. And can you really control your personal data?

So, 93% of Americans thought it was essential to control personal data. And how many thought they had a fair degree of control over it? The answer was 9%. This seems to point to an environmental problem. Users know that they need to have a say in online privacy, but the current privacy laws and business practices do not guarantee that.

7. For how long should any organization store my data?

Half of the American population in the study thought advertisers should never store customer information. And then there’s the other half — those who are okay with it. These participants believed that the storage should last no more than a few weeks.

8. Is it important not to be monitored?

56% of Americans think that it is essential for them not to be monitored at work. It’s a clear majority but a relatively small percentage in a society that traditionally values individuality and freedom very highly. The American worker seems to trust their employer enough to allow for monitoring comfortably.

9. Are privacy laws any good?

It’s good to have privacy laws and restrictions within any jurisdiction. But any law is only as good as its implementation. So far, the general rules are better than nothing, but they’re still far from creating an overall safe environment for every digital user.

That being said, the Interactive Advertising Bureau reports that more than 50% of the corporations they consulted considered privacy laws the main hurdle against data collection and usage. So the current laws do have some effect on corporations, after all.

10. Do internet users trust privacy laws?

Yet another issue with privacy laws is the people’s trust. An Aikami study found that 66% of consumers wanted more legislation to develop laws like the GDPR (General Data Protection Regulation) of the European Union. However, about nine percent believed that this sort of low was pointless or even harmful.

The percentage of US adults with at least one social media account is 69%. However, only 47% trust the ability of those social media companies to protect their data. Nine percent said they were “very confident.” So, most users do not trust social media all that much.

Well, it seems that people, in general, do trust other corporations more than they do Social Media platforms, but not that much. For example, 81% of US adults thought their social media privacy wasn’t good. By contrast, 57% distrusted their texts, 58% feared their emails, and 31% mistrusted their landline communications.

13. What is the data that people entrust to companies?

95% percent of the people in the poll considered their social security number the most sensitive piece of information they could share (or not) over the web. After that, it was healthcare information (81%), physical location (81%), and the content of private communications. The last one could vary from 75% to 81%, depending on the specific media used.

The most neglected things were taste in media (31%), purchasing habits (41%), and religious and political views (45 and 51%). So they had little to no problem having that information about them online.

14. Are companies benefiting that much from consumer data?

Companies benefiting from consumer data — Expert observers estimate that post-consumer data collection activities increase companies’ revenue by 4%.

This is an excellent question to which no reliable answer is available. Unfortunately, the companies play this game very close to the chest, so they do not publish any statistics on this subject. However, expert observers estimate that the benefit to the companies is about 4% more revenue for the advertising platform. If 4% looks like a meager increase to you, think about giants like Amazon or AliExpress. That 4% translates into millions or billions of USD.

The key idea is that while our data is valuable online, it’s not valuable anyway. This could mean there is a way to prevent data collection after all.

15. Where are cookies used?

Cookies are the digital media’s major snitch. The servers that want your data use cookies mainly to find things about you. So you could think that you could increase your privacy very quickly by just doing away with your computer’s cookies. The problem is that it’s not so easy because cookies play a neuralgic role in today’s internet services.

W3Techs found that even if you keep your online activity to a bare minimum (not even logging in anywhere), about 40% of the websites you visit will use a cookie.

16. Do those cookies stay around for long?

The answer depends on the particular cookie of which you speak. Some disappear as soon as you leave the website that gave them to you. But that’s not the typical case. About 62% of all cookies (again, according to W3Techs) stay within your browser’s system files even if you leave the website. And they retain some information about what you did on that website, which other organizations can read as you visit their websites.

17. Is there any benefit for the consumer from these ads?

If targeted advertising has any genuine benefit for the consumers, it’s tough to quantify. For instance, we know that the practice increases revenue for advertisers by 4%, but how does it benefit consumers?

The jury is still out on this issue. The best thing we can say about this is that the Akamai investigation found that 84% of the internet users surveyed are pretty happy to have targeted ads served to them, as long as they retain some degree of control over the ads they get.

18. So, are targeted ads really more attractive to the user?

Yes. Targeted ads do get more user clicks. A 2016 IHS Markit study found that targeted ads get more clicks at a rate that can go from 5.3 to 10.8 times higher than traditional ads. This is especially true if the user has already clicked on some of the ads in the past.

19. So this should be good for the consumer, right?

People do prefer to have relevant ads shown to them for sure. But the practice isn’t just about increasing the probability of buying something. The Journal of Consumer Research found that targeted ads will affect your behavior, too.

The JCR study found that the participants would rate themselves as more outdoorsy, sophisticated, or environmentally aware because this or that ad came their way. So, your personal data can create a feedback loop that alters your actions. This power should never lie in the hands of any corporation.

20. And what about data breaches?

The risk of data breaches is another reason people worry about their data security. Data breaches are not everyday occurrences, of course, but when they show their ugly face, they can be nothing short of cataclysmic for those involved. For example, during the first half of 2018, the Gemalto breach level index reported 3.3 billion records lost.

Those three billion strikes made 2018 one of the worst years for data security in history — and it would probably be the worst indeed if the legendary 2013 Yahoo data breach had not happened.

21. What are the causes behind data breaches?

Companies collect your data to give you better ads and increase their revenue. But unfortunately, hackers and cybercriminals don’t have that business model. Instead, the primary motivation behind their actions is gathering the material they need to carry out identity theft.

From 2017 to 2018, the frequency of identity theft cases went down by a quarter. This trend suggests that stealing the data (causing the data breaches) is insufficient and that other ingredients in the recipe can’t be supplied by data breaches alone.

22. Can surveillance awareness change a person’s behavior?

Edward Snowden’s revelations prompted a revolution in privacy and surveillance awareness. But was it enough?

Among those who heard about Snowden at the time, about 34% did something to protect their online privacy. But 54% thought it was mainly out of their hands.

Currently, the available legislation doesn’t protect individual privacy by default. Therefore, it remains the personal responsibility of every user to become privacy savvy and act accordingly.

So, the world needs more and better privacy laws that can extend their protection to the less technologically advanced customers.

23. What about governments and their data requests?

So far, we’ve mentioned companies and criminals who’d like to keep an eye on your online activities. But they are not the only ones. Many of the world’s governments also want to get your data. The US government is very well known for its interest in citizen data –which is not to say it’s the only one. Unfortunately, governmental practices on data collection policies are far from transparent. It’s exceedingly difficult to find out what all the agencies are doing in this regard. But Apple’s transparency report suggests that the situation is horrible indeed.

If you don’t know what we are talking about regarding Apple, here it is: the Cupertino giant had 159,128 government requests to provide access to a device. 80.235 of those came from the US government — more than half.

Since iPhones and iPads are such close companions to their owners, the ability to read them could give away almost everything about them. That’s the death of privacy for those involved.

24. Why are some governments asking for so much data?

Governments don’t need much reason to ask for data. In most cases, they ask for the data because they can make things easier for them when they can get it. But they have some pretexts: stolen devices, fraud, and crime-fighting.

The world’s governments get their way on data requests in about 80% of the devices and about 90% of the accounts they request.

25. Can private parties request data for legal purposes?

Can private entities take data for legal purposes — Apple handed over data to private parties 31% of the time when requested legally.

Yes, private parties can also place data requests. For example, Apple’s transparency report said they had 202 submissions from private parties, of which 31% were granted.

Two hundred two requests are not many, especially given Apple’s general push regarding security.

It’s improbable for Apple’s behavior to be exceptional. In all probability, every tech giant will behave in the same general way in this regard. All of them will have to give away any customer data to the courts when ordered unless the company in question sticks to a zero-knowledge encryption policy.

26. How many people are trying to prevent data collection?

About 71% of internet users have adopted some kind of software solution to help their data remain private. They try to limit the power of third parties to keep gathering their information.

These software solutions include ad blockers, VPNs, Tor browsing, and others.

27. Two-thirds of US internet users have no idea about their country’s privacy and data protection laws.

A poll from June 2019 showed that about a third of the USA internet users have a good idea about the country’s privacy and data protection laws and regulations. 7% were very aware indeed.

28. Almost a tenth of US internet users believe that digital privacy is a fantasy.

This is a surprising fact. But as several internet users in the US answered the question of what digital privacy means to them, 9% responded that they didn’t believe it to exist, calling it a myth.

29. Only three out of every hundred Americans understand the current online privacy regulations.

The percentage of US-based internet users that understand their domestic privacy and security regulations is 3%.

63% have no idea whatsoever about this subject or do not understand those laws and regulations.

30. An overwhelming majority of internet users worldwide feel their control over their personal data is null.

internet users take on their data with companies — 80% of internet users worldwide believe once a company has their data, they lose control over it.

The fact that companies, corporations, and websites that give you their services online have access to your data is not a new thing at all. The news is on how the information is used.

A 2020 poll showed that four out of every five users globally think that once their data is in the hands of a corporation, whatever happens with it is beyond them.

31. Identity theft is the most worrisome problem for most US internet users.

In April 2019, a poll found that the biggest fear among US-based internet users is identity theft at a rate of over 70%. The second and third issues were stolen passwords and ignorance about what happens to their data.

32. Only one-third of the world’s users keep their passwords updated.

Password management is at the core of any personal effort for privacy protection. Passwords must be unique, strong, and you must change them regularly.

A poll in 2019 asked people about what they have changed in their online behavior over the last year. Unfortunately, only one-third of the participants said they kept their passwords freshly updated.

33. Leaving unwanted emails alone is the most common security measure in practice by the average user.

The most practiced security measure is avoiding opening emails from unknown senders. 45% of the world’s users have learned this lesson so far.

This is good news, for sure. Most of the worst worms and viruses in history went around the world through fraudulent emails that people kept opening, thus acquiring an infection. However, 45% is still less than half of the world’s users, so this method remains a global vulnerability.

34. Internet harassment has visited nearly half of the world’s digital denizens.

The internet has stalkers, and they are most effective when data protection measures are weak or wrongly implemented. Privacy data shows that online harassment has been a real problem for at least 44% of internet users. Most of these users are female.

Women are more likely to report this behavior (one in six) than men (one in 19).

35. About a fifth of the world’s jurisdictions still have no laws for data protection.

The push to have data protection laws is a relatively recent trend globally. Most of the laws available everywhere are little more than provisional placeholders waiting for an actually helpful law to come and replace it.

Most of the world’s countries have tried to move forward in this subject, even if in a minimal capacity. And that’s why it’s an astounding fact that even in 2023, 18% of the world’s jurisdictions have done absolutely nothing to regulate data protection.

36. Most Americans are still using unsafe passwords.

Here’s another statistic about passwords: 83% of American users still choose weak passwords.

We stated earlier how passwords are an essential component of online privacy. Unfortunately, most Americans still don’t get it. Pet names, their own names, birthdays, and dictionary words are still the dominant themes for most users.

What can we say? You’re still exposed until you decide to call your dog %E3cJL[h]=D4nvPj.

37. Financial information and data breaches.

Data breaches are rare events, but when they hit, they hurt. Statistics show that about 20% of people have had their financial information leaked to the world in a data breach. That’s one out of every five persons! It’s an exceedingly high percentage for a thing that’s supposed to be rare.

38. Seven out of every ten users in the US don’t know what a VPN does.

We’ve stated several times in this article that privacy protection is a personal responsibility, not your ISP’s or your government’s. It’s yours alone. An essential tool in this regard is using a good VPN service that keeps no logs on its users. And that’s why we wonder how much progress we can see in privacy protection when 70% of US internet users don’t understand what VPNs are or what they do.

39. An internet attack happens every 39 seconds.

Are you a fast reader? If your reading speed is average, supposing that an internet attack happened as you started to read this paragraph, then the next one will happen more or less by the time you’re finished with this section.

Security Magazine revealed that there is a new internet attack in the world every 39 seconds. Most of them are useless, amateurish, brute-force attacks that achieve nothing. But they’re still there.

40. Most malware infections start with an email.

The most common way for malware to expand worldwide is through email. For example, 92% of malware infections start with an infected email.

41. Cybercrime costs the world 1.138 billion USD every minute.

The world’s cyber criminals never rest. Their activities cost 1.13 billion USD every sixty seconds.

What is data privacy?

Data privacy concerns how corporations collect, use, and share the data they can squeeze out of you. In a perfect world, they’d be respectful of your privacy and only gather a minimal amount of information to keep their business going.

The world, however, is far from perfect. Knowing more about you gives businesses information about the advertising they should show you, thus increasing the probability that you will click on it and maybe even buy something. So don’t expect websites to start playing fair out of principle. It’s terrible for their bottom line. Your online privacy is your personal responsibility.

Why should anybody care about online privacy?

Nobody should care about online privacy because nobody wants to see their data and personal information falling into the hands of those who could harm them. Having your online privacy breached in any way could end up complicating, even ruining your life in unforeseen and unnecessary ways.

What are the biggest privacy threats on the internet?

Hackers, cybercriminals, and cyber attacks
Tracking your location using your phone’s GPS
Data you keep in cloud services
Cookies

Can I keep my online activities private?

Not really, if you wish for 100% anonymity. The only strategy that will ensure perfect online privacy is to stay offline at all times. And, of course, you can’t do that –neither can we.

However, you can do things to minimize the potential damage to your privacy. The first measure is to get a good VPN service that sticks to the zero-logs policy and whose track record in that regard has been tested successfully in the courts of law.

You can also stop using Google for your searches. DuckDuckGo, the most-used private search engine, is far less invasive in the amount of data it gathers on every search.

How can I protect my online privacy?

Protecting your online privacy starts with knowing that nobody cares about it except yourself. Then you need to understand that the prevailing laws in your country are probably useless. Your government isn’t taking any legal responsibility to protect you, and least of all, the online stores, social media sites, and other corporations. Protecting your privacy is your problem, and only you can take steps to do it.

Once you’ve understood the critical importance of your very own actions regarding privacy, there are some practical actions you can take to improve your situation:

Limit your social media engagement. Provide these websites with as little information as possible. If you can live without some of the social media accounts you currently hold, don’t hesitate to delete them immediately.
Get a VPN. Make sure it’s a top-notch provider with a strict zero-logs policy.
Educate yourself about the prevailing privacy laws in your jurisdiction.
Stay away from fishy websites.
Do not turn to a software of dubious origins.
Download and install a good antivirus suite.
Never open unwanted emails, least of all if they include attachments.

HTTPS as a trend in data privacy and security

Some of the statistics we’ve shown you so far are bad enough, and we wouldn’t blame anyone if they were worried about them. But there is progress in the world regarding security and privacy nevertheless.

The HTTPS protocol has gained widespread adoption very quickly, thus including encryption in about 70% of the world’s websites. This is good for privacy and anonymity, even if it’s in a single medium and only in a web portion.

What are the internet’s risks to my privacy?

The theft and manipulation of personal information such as health records or financial records.
Computer viruses can corrupt your data, damage your hardware, or halt your business.

Every website you visit can plant a cookie on your computer, thus acquiring the capability to track you. However, social media organizations have a lot more information on you than anybody else. That’s because you provide them with it and because the information they collect is complemented with mobile apps, not only web cookies. Also, most users spend more time on social media sites than in other places, reading a post or posting themselves, liking other people’s posts, searching for new contacts, and even giving away voluntarily vital personal information such as their age, gender, location, job, and much more.

Don’t forget that Facebook is not your friend (nor any other social media). They’re in business to make a buck, and they make that buck by making your information available to those commercial partners who can monetize it. And most users would never trust those retail partners, at least directly. Even if they don’t sell your data directly, FaceBook and others will use it to get you targeted ads.

But it doesn’t have to be like this at all. WT.Social, for instance, relies on donations to pay for its expenses instead of advertising. Unfortunately, this is an exception rather than a rule. Therefore, protecting your privacy from the world’s tech giants is your personal responsibility — do you see a thread emerging here?

American adults were present on social media platforms at a rate of 5% in 2005; as of 2018, that had risen to 69%, which is very significant. However, since more persons using any social media render that very media more useful to new users, the prevalence of users in these types of websites is a problem. Because the more people are there, the more that want to join. And social media are the bane of personal data protection. And leaving is problematic because it can make you isolated.

But companies love the user explosion in social media. The more users they get, the more they earn. Take Facebook. From Q4 2020 to Q4 2010, the number of users multiplied by 4.6. What about the revenue? It went up 43.5 times! And the bread and butter for Facebook’s tremendous increase in revenue were the targeted ads made possible through data collection.

Conclusion

Hiding our personal data online from governments, criminals, and corporations is a utopian thought as of now. And it won’t happen soon. But we are looking at some slow progress in this regard as new laws become enacted. Hopefully, future data protection laws will be good enough to protect even the most inexpert internet users. But until that day arrives, protecting your privacy is your responsibility, and there’s plenty you can do to help your case.

First of all, read the privacy policy of any company to whom you are giving your information. They’re doing nothing wrong if you agree to share that data with them, even unwittingly. Second, carefully review how many social media services you have used so far. Take a moment to think about them and see if you can do without one or several of them. Third, leave any social media sites you don’t need for whatever reason. Finally, clear your browser’s cookies regularly.

Another essential measure is to increase your privacy by adding a new layer of security. And that’s what a VPN will give you. Not any VPN, mind you. You need to pick a good VPN service (yes, of the paid kind) with a track record of sticking to a strict zero-logs policy.

But above all, wake up and smell the coffee! Enhancing your online privacy benefits nobody except for yourself. Consequently, nobody will lift a finger to help you protect that privacy, let alone the big tech giants, your government, and, least of all, the world’s hackers and cybercriminals.

If you are here, we assume that reading the material we publish daily is because you want to become privacy savvy. If that’s the case, the first thing you need to understand is this: protecting your privacy doesn’t start with understanding the technology, picking this or that piece of software to help with the task, or even subscribing to a VPN. Instead, it begins with assuming your own role as your privacy guardian.

Share this article