Data privacy requests surge since 2021

A new report shows 246 percent boost in privacy requests since 2021 as consumers seek to clear personal data online.

The report from DataGrail shows Data Subject Requests (DSRs) -- formal requests made to a company by a person to access, delete or request not to sell/share the personal data that the company holds on them -- increased by 32 percent from 2022 to 2023.

Data deletion requests were the most common type of DSR, on average accounting for more than 40 percent of requests across businesses.

The eCommerce industry -- defined in the report as brands with a direct-to-consumer (D2C) relationship -- received the most DSRs (1,577 DSRs per million identities). Marketing tech businesses experience the second-greatest volume of privacy requests, likely linked to the data obtained through online campaigns, surveys, customer relationship management (CRM) tools and more.

Businesses are also spending 36 percent more to meet the influx of requests. Manual processing of DSRs were estimated to cost businesses more than $881,000 per year per million DSRs in 2023, compared to $648,000 in 2022.

"Control is the name of the game with data privacy right now," says DataGrail co-founder and CEO, Daniel Barber. "Consumers deserve to know where their personal data is and how it’s being used, and the increase in privacy requests shows that in action. Consequently, businesses today are faced with unprecedented responsibility -- not only must they manage data responsibly and effectively, but they also need to earn consumer trust by giving them autonomy over their data."

A worrying finding is that 75 percent of organizations ignore GPC (Global Privacy Control) requests, which means most businesses are not respecting people's privacy requests.

You can get the full report from the DataGrail site.

Image credit: Rawpixel / depositphotos