Key Takeaways
- In 2023, there were 3,205 confirmed data breaches in the United States, exposing over 353 million personal records according to the Identity Theft Resource Center.
- IBM's 2023 Cost of a Data Breach Report states the average global cost of a data breach was $4.45 million, up 15% over three years.
- Verizon's 2023 Data Breach Investigations Report analyzed 16,312 security incidents, with 5,199 confirmed data disclosures across 94 countries.
- 71% of Americans worry about data privacy according to Pew Research Center's 2023 survey.
- 81% of US adults say they have little to no confidence in companies protecting their data per Pew 2023.
- 64% of consumers have changed their online behavior due to privacy concerns per Pew 2023.
- NSA collected 534 million US phone records in 2012 per Washington Post.
- PRISM program accessed data from 9 tech giants, revealed by Snowden in 2013 per EFF.
- FBI used Section 702 to search Americans' data 3.4 million times in 2022 per ODNI.
- 73% of Fortune 500 companies share data with 100+ third parties per Privacy International 2023.
- Meta collected data on 658 million non-users via tracking pixels 2023 per Tilison.
- Amazon shares Ring footage with 2,000+ police depts, no warrants needed.
- CCPA complaints reached 1,200 in 2023, up 300% per CA AG.
- GDPR fines totaled €2.7 billion by 2023 per EDPB.
- US states passed 12 new privacy laws by 2024 per IAPP.
Data breaches are surging as both companies and governments compromise personal privacy.
Corporate Practices
- 73% of Fortune 500 companies share data with 100+ third parties per Privacy International 2023.
- Meta collected data on 658 million non-users via tracking pixels 2023 per Tilison.
- Amazon shares Ring footage with 2,000+ police depts, no warrants needed.
- Google stores location data for 59% of users despite deletions per AP 2023.
- TikTok parent ByteDance accessed US user data 700+ times 2022 per Forbes.
- Microsoft tracked Bing chats despite privacy mode 2023 per Mozilla.
- 96% of apps request unnecessary permissions per 2023 AppCensus report.
- Apple shares iCloud data with China under local laws 2023 per Reuters.
- Zoom encrypted calls but stored metadata for 90 days 2023 policy.
- Uber shares precise location with third parties 1,000+ times daily per 2023 privacy audit.
- Netflix tracks viewing habits across 270 million subs for ads 2023.
- Salesforce customers' data sold to 100+ brokers per 2023 investigation.
- Adobe Flash successor tools track 80% of web video views 2023.
- Twitter (X) under Musk shared data with govts 13,000+ times 2022 transparency.
- LinkedIn sells profile data to 200+ recruiters via APIs 2023.
- 87% of top 1 million sites use Google Analytics/Fonts tracking 2023.
- Verizon sells customer location data to bounty hunters 2023 per NYT.
- Disney+ collects biometric data from voice for 150 million subs 2023.
- Spotify shares listening data with 100+ labels for 600 million users.
- Home Depot app tracks in-store movements via WiFi 2023.
- Walmart uses 1 million+ cameras tracking 150 million weekly shoppers.
- Target predicts pregnancies from shopping data for 100 million customers.
- 40% of apps monetize data via sales to brokers per Gartner 2023.
Corporate Practices Interpretation
Data Breaches
- In 2023, there were 3,205 confirmed data breaches in the United States, exposing over 353 million personal records according to the Identity Theft Resource Center.
- IBM's 2023 Cost of a Data Breach Report states the average global cost of a data breach was $4.45 million, up 15% over three years.
- Verizon's 2023 Data Breach Investigations Report analyzed 16,312 security incidents, with 5,199 confirmed data disclosures across 94 countries.
- In the first half of 2023, over 2,600 data breaches occurred in the US, compromising 194 million records per UpGuard.
- The 2022 MOVEit breach affected 62 million individuals across 2,667 organizations, as reported by cybersecurity firm Emsisoft.
- Equifax breach in 2017 exposed sensitive data of 147 million people, leading to $1.4 billion in settlements per FTC.
- Yahoo's 2013 breach impacted all 3 billion accounts, revealed in 2017 SEC filing.
- Marriott International's 2018 Starwood breach compromised 500 million guest records, per company disclosure.
- Capital One 2019 breach exposed 106 million customer records via AWS misconfiguration, per FBI indictment.
- Optum (UnitedHealth) 2023 breach potentially impacted one-third of Americans, 100 million records, per HHS.
- 81% of breaches involved weak, default, or stolen/reused credentials in 2023 Verizon DBIR.
- Healthcare sector saw average breach cost of $10.93 million in 2023, highest among industries per IBM.
- 83% of organizations experienced more than one breach in 2023 per IBM report.
- LinkedIn data scrape in 2021 exposed 700 million user profiles, 92% of total users, per Cybernews.
- T-Mobile's 2021 breach leaked data of 54 million customers, including SSNs, per company notice.
- Facebook's 2019 breach exposed 540 million records via third-party apps, per Business Insider.
- Uber's 2016 breach affected 57 million users and drivers, covered up initially, per company blog.
- Sony Pictures 2014 breach leaked 47,000 SSNs and executive salaries, per FBI investigation.
- 2023 saw 1,802 ransomware attacks leading to data breaches, per Emsisoft.
- Twitter (now X) 2022 breach leaked 200 million email addresses, per Leak-Lookup.
- MGM Resorts 2023 ransomware breach disrupted operations, costing $100 million, per company filing.
- Change Healthcare 2024 breach (BlackCat) impacted 1/3 of Americans, per UnitedHealth.
- Snowflake 2024 breaches affected 165 organizations, 100 million records via stolen credentials, per Mandiant.
- AT&T 2024 breach leaked call records of nearly all customers, 109 million interactions, per company.
- National Public Data breach 2024 exposed 2.9 billion records, largest ever, per Wired.
- 74% of breaches exploited web application vulnerabilities in 2023 per Verizon.
- Financial services breach costs averaged $5.9 million in 2023 per IBM.
- 50% of breaches took less than a week to discover per IBM 2023.
- Oracle 2022 breach exposed 4TB data of 1 million records via vendor, per UpGuard.
- Saks Fifth Avenue 2024 breach via vendor Snowflake, impacting customer data, per notice.
Data Breaches Interpretation
Legal Regulations
- CCPA complaints reached 1,200 in 2023, up 300% per CA AG.
- GDPR fines totaled €2.7 billion by 2023 per EDPB.
- US states passed 12 new privacy laws by 2024 per IAPP.
- Meta fined €1.2 billion under GDPR for EU-US data transfers 2023.
- TikTok fined €345 million by Ireland for kids' data 2023.
- Amazon fined €746 million GDPR by Luxembourg 2021.
- CPRA (CCPA successor) enforced from 2023, 75 million CA residents covered.
- EU AI Act classifies biometrics as high-risk, bans real-time ID 2024.
- Brazil's LGPD fined 50 companies €10 million total by 2023.
- Virginia CDPA first US comprehensive law, effective 2023, 1.6 million businesses.
- 85% of GDPR Art 17 deletion requests complied by Big Tech 2023 per NOYB.
- UK's PECR fined ICO £18 million to British Airways 2020.
- Colorado Privacy Act passed 2021, enforced 2023, opt-out rights.
- Utah Consumer Privacy Act 2022, smallest thresholds, 500k residents.
- Connecticutt Data Privacy Act 2022, DSPA, data protection assessments.
- GDPR data portability used by 12% of EU citizens 2023 per Eurostat.
- Illinois BIPA lawsuits settled $650 million by Facebook 2021.
- Texas Data Privacy Act proposed 2023, covers health data specially.
- Montana passed privacy law 2023, effective 2024, no private right of action.
- Oregon Consumer Privacy Act 2023, data minimization required.
Legal Regulations Interpretation
Public Attitudes
- 71% of Americans worry about data privacy according to Pew Research Center's 2023 survey.
- 81% of US adults say they have little to no confidence in companies protecting their data per Pew 2023.
- 64% of consumers have changed their online behavior due to privacy concerns per Pew 2023.
- Statista 2023 survey shows 79% of global internet users worry about online privacy daily.
- 85% of Americans believe it's difficult to control personal data collected by companies per Pew 2020.
- 54% of US adults have turned off device location tracking for privacy per Pew 2023.
- Gallup 2023 poll: 65% of Americans disapprove of government collecting phone data.
- 92% of consumers want more control over how their data is used per Cisco 2023 Privacy Benchmark.
- 73% of people feel they have lost control over their data per Pew 2019.
- 68% of global consumers avoid companies with poor privacy practices per PwC 2023.
- Edelman Trust Barometer 2023: 60% distrust tech companies on data use.
- 77% of US adults say consumers have too little control over data shared with companies per Pew 2023.
- 49% of Americans have asked companies to delete their data at least once per Pew 2023.
- Statista 2024: 83% of internet users aged 16-24 concerned about privacy.
- 62% of consumers read privacy policies but 75% skip long ones per Deloitte 2023.
- 70% of Europeans worry about data misuse by advertisers per Eurobarometer 2023.
- Harris Poll 2023: 88% of Americans want stronger privacy laws.
- 59% have stopped using a service due to privacy issues per Pew 2023.
- KPMG 2023: 76% of consumers would switch brands for better privacy.
- 41% of US adults use VPNs primarily for privacy per Pew 2023.
- Ipsos 2023: 82% globally believe privacy is a fundamental right.
- 67% feel uneasy about AI using their data per Pew 2023 AI survey.
- YouGov 2023: 71% of UK adults concerned about facial recognition privacy.
- 55% of parents worry about kids' online privacy per Common Sense Media 2023.
- Forrester 2023: 80% of consumers expect transparency in data practices.
Public Attitudes Interpretation
Surveillance
- NSA collected 534 million US phone records in 2012 per Washington Post.
- PRISM program accessed data from 9 tech giants, revealed by Snowden in 2013 per EFF.
- FBI used Section 702 to search Americans' data 3.4 million times in 2022 per ODNI.
- UK's GCHQ spied on 1.6 million webcams per Snowden leaks 2014.
- FISA court approved 99.98% of surveillance warrants from 1979-2013 per EFF.
- China's social credit system monitors 1.4 billion citizens via 200+ cameras per city average, BBC 2023.
- US drone surveillance flights totaled 1,300 per year over US soil 2010s per ACLU.
- Clearview AI scraped 30 billion facial images by 2023 for law enforcement.
- EU's ePrivacy Directive allows scanning encrypted messages for CSAM, impacting 500 million users.
- NSA's XKEYSCORE tool queried 180 million records daily per Snowden 2013.
- India's Aadhaar biometrics database holds 1.3 billion fingerprints and iris scans, hacked 10+ times.
- 97% of US routers vulnerable to surveillance per 2023 Cisco study.
- FISA 702 "backdoor searches" on US persons hit 278,000 in 2021 per ODNI.
- Amazon Ring shared footage with police 1,600+ times without warrants 2022.
- Google's location history tracks 2 billion devices despite opt-outs, WSJ 2023.
- Facial recognition used by 50% of police depts in US by 2023 per NIST.
- Section 702 renewals captured data from 200,000+ targets yearly per EFF.
- Qatar World Cup 2022 had 15,000+ CCTV cameras with facial recognition.
- Palantir software used by ICE to surveil 2 million immigrants per Amnesty.
- TikTok tracks users via TikTok Meter app, 1 billion downloads analyzed 2023.
- 500 million smart speakers sold by 2023, always listening per Statista.
- Boston Dynamics robots deployed for police surveillance in 10+ cities 2023.
- EU Chat Control scans 90% of private messages for CSAM by 2024 proposal.
- 95% of websites use trackers, 100+ per site average per Princeton 2023.
- Facebook tracks 2.9 billion users across web via pixels, 2023.
- Google processes 8.5 billion searches daily, retaining data 18 months.
- 90% of new cars have internet connectivity, sharing location data 2023 per CCC.
Surveillance Interpretation
Sources & References
- Reference 1IDTHEFTCENTERidtheftcenter.orgVisit source
- Reference 2IBMibm.comVisit source
- Reference 3VERIZONverizon.comVisit source
- Reference 4UPGUARDupguard.comVisit source
- Reference 5EMSISOFTemsisoft.comVisit source
- Reference 6FTCftc.govVisit source
- Reference 7SECsec.govVisit source
- Reference 8NEWSnews.marriott.comVisit source
- Reference 9JUSTICEjustice.govVisit source
- Reference 10HHShhs.govVisit source
- Reference 11CYBERNEWScybernews.comVisit source
- Reference 12T-MOBILEt-mobile.comVisit source
- Reference 13BUSINESSINSIDERbusinessinsider.comVisit source
- Reference 14UBERuber.comVisit source
- Reference 15FBIfbi.govVisit source
- Reference 16LEAK-LOOKUPleak-lookup.comVisit source
- Reference 17INVESTORSinvestors.mgmresorts.comVisit source
- Reference 18UNITEDHEALTHGROUPunitedhealthgroup.comVisit source
- Reference 19CLOUDcloud.google.comVisit source
- Reference 20ABOUTabout.att.comVisit source
- Reference 21WIREDwired.comVisit source
- Reference 22SAKSFIFTHAVENUEsaksfifthavenue.comVisit source
- Reference 23PEWRESEARCHpewresearch.orgVisit source
- Reference 24STATISTAstatista.comVisit source
- Reference 25NEWSnews.gallup.comVisit source
- Reference 26CISCOcisco.comVisit source
- Reference 27PWCpwc.comVisit source
- Reference 28EDELMANedelman.comVisit source
- Reference 29DELOITTEwww2.deloitte.comVisit source
- Reference 30EUROPAeuropa.euVisit source
- Reference 31THEHARRISPOLLtheharrispoll.comVisit source
- Reference 32KPMGkpmg.comVisit source
- Reference 33IPSOSipsos.comVisit source
- Reference 34YOUGOVyougov.co.ukVisit source
- Reference 35COMMONSENSEMEDIAcommonsensemedia.orgVisit source
- Reference 36FORRESTERforrester.comVisit source
- Reference 37WASHINGTONPOSTwashingtonpost.comVisit source
- Reference 38EFFeff.orgVisit source
- Reference 39DNIdni.govVisit source
- Reference 40THEGUARDIANtheguardian.comVisit source
- Reference 41BBCbbc.comVisit source
- Reference 42ACLUaclu.orgVisit source
- Reference 43CLEARVIEWclearview.aiVisit source
- Reference 44WSJwsj.comVisit source
- Reference 45NISTnist.govVisit source
- Reference 46AMNESTYamnesty.orgVisit source
- Reference 47FOUNDATIONfoundation.mozilla.orgVisit source
- Reference 48NETZPOLITIKnetzpolitik.orgVisit source
- Reference 49WEBTRANSPARENCYwebtransparency.cs.princeton.eduVisit source
- Reference 50NYTIMESnytimes.comVisit source
- Reference 51POLICIESpolicies.google.comVisit source
- Reference 52CCCccc.deVisit source
- Reference 53PRIVACYINTERNATIONALprivacyinternational.orgVisit source
- Reference 54TILISONtilison.comVisit source
- Reference 55THEVERGEtheverge.comVisit source
- Reference 56APNEWSapnews.comVisit source
- Reference 57FORBESforbes.comVisit source
- Reference 58APPCENSUSappcensus.ioVisit source
- Reference 59REUTERSreuters.comVisit source
- Reference 60EXPLOREexplore.zoom.usVisit source
- Reference 61NETFLIXnetflix.comVisit source
- Reference 62VICEvice.comVisit source
- Reference 63TRANSPARENCYtransparency.twitter.comVisit source
- Reference 64HTTPARCHIVEhttparchive.orgVisit source
- Reference 65DISNEYPRIVACYCENTERdisneyprivacycenter.comVisit source
- Reference 66SPOTIFYspotify.comVisit source
- Reference 67CONSUMERREPORTSconsumerreports.orgVisit source
- Reference 68CORPORATEcorporate.walmart.comVisit source
- Reference 69GARTNERgartner.comVisit source
- Reference 70OAGoag.ca.govVisit source
- Reference 71EDPBedpb.europa.euVisit source
- Reference 72IAPPiapp.orgVisit source
- Reference 73IRISHTIMESirishtimes.comVisit source
- Reference 74CNILcnil.frVisit source
- Reference 75ARTIFICIALINTELLIGENCEACTartificialintelligenceact.euVisit source
- Reference 76ANPDanpd.gov.brVisit source
- Reference 77LISlis.virginia.govVisit source
- Reference 78NOYBnoyb.euVisit source
- Reference 79ICOico.org.ukVisit source
- Reference 80LEGleg.colorado.govVisit source
- Reference 81LEle.utah.govVisit source
- Reference 82CGAcga.ct.govVisit source
- Reference 83ECec.europa.euVisit source
- Reference 84ILLINOISCOURTSillinoiscourts.govVisit source
- Reference 85CAPITOLcapitol.texas.govVisit source
- Reference 86LEGleg.mt.govVisit source
- Reference 87OLISolis.oregonlegislature.govVisit source






