Privacy By The Numbers
This percentage of Americans say they often click “agree” without reading privacy policies.
What is 56%?
These small text files stored on a user’s device when accessing a website are called this.
What are cookies?
Personal data should not be kept longer than necessary, a concept known as this.
What is limited retention?
This type of social engineering attack uses fake emails, calls, or texts to trick victims into revealing sensitive information.
What is phishing?
This proactive approach integrates privacy safeguards during the design phase of a product or system.
What is Privacy by Design?
As of 2025, this many countries have enacted national data privacy laws.
What is 144 countries?
These cookies are essential for a website to function properly.
What are strictly necessary cookies?
This U.S. law requires financial institutions to maintain certain data retention periods.
What is the Gramm-Leach-Bliley Act (GLBA)?
Attackers often impersonate someone in power to exploit this human tendency.
What is authority?
This EU regulation mandates “data protection by design and by default.”
What is GDPR?
According to Cisco, this percentage of organizations say customers would not buy from them if they failed to protect data.
What is 94%?
Cookies that remain after closing the browser session are called this.
What are persistent cookies?
Regular deletion of outdated data reduces this type of risk and potential penalties.
What is compliance risk (or fines)?
This attack involves compromising a website frequently visited by a target group rather than attacking individuals directly.
What is a watering hole attack?
Limiting the amount of personal data collected to only what is necessary is called this principle.
What is data minimization?
In 2024, this many individuals’ protected health information was exposed or stolen.
What is 276,775,457?
Cookies may collect what type of data?
What is personal data?
When creating a retention policy, you should first document this about the data processing activity.
What is the purpose?
One way to reduce the success of social engineering is to enable this multi-step login security measure.
What is multi-factor authentication?
About this percentage of Americans believe privacy policies are ineffective at explaining how companies use data.
What is 61%?
Websites serving targeted ads must provide this functionality to users regarding ad targeting.
What is the ability to opt out?
Instead of deleting data, companies may render it unidentifiable through this process.
What is anonymization?
AI-driven impersonation of voices and faces is known as this.
What is deepfaking?