Data Privacy Day may be observed every year. Still, security experts say privacy should become a daily, defined practice that impacts nearly every aspect of an organization, not just compliance, legal, or auditing disciplines.

According to Atlas VPN, 54% of baby boomers and half of Generation Z feel extremely uncomfortable sharing their personal information with the government, including their location and travel.


It protects the autonomy of individuals.


According to Enza Iannopollo, Forrester's senior analyst for privacy, security, and risk, protecting personal data means protecting individuals from unwanted surveillance and physical harm.

Personal data provide a window into our personalities, beliefs, weaknesses, and consumption patterns. We should share this data carefully, and with actors we trust; otherwise, it might be used for manipulation. Examples of this are everywhere, in every country.


Among the potential consequences Wüest sees for enterprises if data is not adequately protected are:


  • Fines from regulations such as GDPR and CCPA.
  • Loss of brand and trust reputation, such as what happened with social media messaging apps.
  • Corporate information is being made public, resulting in a loss of competitive advantage. Over 20 ransomware groups have also started to steal sensitive data before encrypting it. It is a big way to extort money, mainly if the data is financial information, intellectual property, or customer lists.




Breach potential is on the rise.


Privacy breaches can have severe consequences for businesses and individuals, leading to expensive follow-up attacks, says Candid Wüest, vice president of cyber protection research at Acronis.

Cybercrime opportunities will increase as companies continue to adopt WFH and hybrid work models, according to Anurag Kahol, CTO of Bitglass.


Competitive advantage


Shavell says all FAANG companies are increasingly positioning users' data privacy as a value-added feature. When competitors use privacy rights details as part of their sales pitches, burying information in user agreements will not be enough.