Privacy By The Numbers
Cookies
Privacy By Design
Social Engineering
Data Retention
100

This percentage of Americans say they often click “agree” without reading privacy policies.

What is more than half or 56%?

100

Small text files stored on a user’s device when accessing a website are called this.

What are cookies?

100

This principle of Privacy by Design ensures privacy is considered from the start, not as an afterthought.

What is “Proactive not reactive; Prevent not remediate”?

100

This type of social engineering attack uses fake emails, calls, or texts to trick victims into revealing sensitive information.

What is phishing?

100

The concept that personal data should not be kept longer than necessary or as required by law is known as this.

What is limited retention?

200

As of 2025, this many countries have enacted national data privacy laws.

What is 144 countries?

200

These cookies are essential for a website to function properly.

What are strictly necessary cookies?

200

This EU regulation mandates “data protection by design and by default.”

What is GDPR?

200

Attackers often impersonate someone in power to exploit this human tendency.

What is authority?

200

Regular deletion of outdated data helps ensure less information is obtained during what situation?

What is a data incident or breach?

300

This percentage of organizations say customers would not buy from them if they failed to protect data.

What is 94%?

300

Cookies that remain after closing the browser session are called this.

What are persistent cookies?

300

If personal data will be processed either by the application or in related services, this assessment can help determine privacy risks.

What is a Record of Processing Activity (RoPA)?

300

This attack involves compromising a website frequently visited by a target group rather than attacking individuals directly.

What is a watering hole attack?

300

Adhering to personal data deletion and retention requirements minimizes this type of risk.

What is non-compliance with applicable laws and/or customer contracts?

400

In 2024, this many millions of individuals’ protected health information was exposed or stolen.

What is over 2 million or (276,775,457)?

400

Cookies may collect what type of data?

What is personal data?

400

This question helps determine if data is being lawfully processed.

What legal basis are we relying on to process the data?

400

One way to reduce the success of social engineering is to enable this login security measure.

What is multi-factor authentication?

400

When creating a retention policy, you should first document this about the data processing activity.

What is the purpose?

500

About this many out of 10 Americans believe privacy policies are ineffective at explaining how companies use data.

What is 6/10 (or about 61%)?

500

Our websites serving targeted ads must provide this functionality to users regarding ad targeting.

What is the ability to opt out?

500

This principle helps ensure that users can manage their own data and exercise their rights easily.

What is “Respect for user privacy – Keep it user-centric”?

500

AI-driven impersonation of voices and faces is known as this.

What is deepfaking?

500

Instead of deleting data, companies may render it unidentifiable through this process.

What is anonymization?
