Privacy trends for 2022: Survey results from 100 technology leaders

With new privacy laws in California, Colorado, and Virginia coming into force in 2023, and 15 other states considering legislation in their 2022 sessions–it’s clear privacy regulation is here to stay.

Organizations are facing imminent deadlines when it comes to privacy regulation and consumer data rights, yet many face a substantial knowledge gap when it comes to compliance.

As privacy regulation and enforcement increases, filling this knowledge gap is imperative.

That’s why Pulse and Transcend surveyed 100 decision makers from fintech, e-commerce, and B2C sales organizations–aiming to better understand their concerns about upcoming privacy regulation, confidence in their organization’s compliance, current and future privacy budgets, and their use of third party privacy tools.

Note: The following is an abridged version of the full report, highlighting three key trends based on the survey results. View the full report here.

Data collection details

• Timeframe: November 16 - December 18, 2021
• Respondents: 100 technology leaders
• Industries: Fintech, E-commerce, and B2C sales organizations

Organizations continue to struggle with data privacy compliance

As fragmentation of data privacy law accelerates, 68% agree or strongly agree their organization is not agile enough to meet these challenges and remain in compliance.

To what extent do you agree with the following statement: “Because of the increasing fragmentation of data privacy laws across different regions, my organization is concerned we are not agile or prepared enough to remain in compliance.”

• Strongly agree…4%
• Agree…64%
• Neither agree nor disagree…22%
• Disagree…9%
• Strongly disagree…1%

As privacy requests increase, a solution that requires little oversight would be most ideal for ensuring compliance

Of the privacy request/data subject request solutions in the market, many still require a high level of manual work and oversight to operate, say technology leaders surveyed. A compliance product that requires little administration (31%) and provides best practices (29%) would be most effective for ensuring organizational compliance, according to decision makers.

Which of the following do you believe would be most effective to ensure your organization doesn’t violate a data privacy law?

• Compliance product that requires little administration…31%
• Partnership with a security and compliance organization that provides best practices…29%
• Integrated platform that provides full visibility into potential violations…19%
• Well-staffed and knowledgeable legal and compliance team…11%
• Building comprehensive systems to future proof against compliance changes…10%
• Other…0%

Almost half (40%) of organizations are planning to increase both headcount and budget for privacy-specific roles and technologies in 2022

Resource allocation is a telling indicator when it comes to organizational priorities and focus. So the fact that a significant portion of organizations are looking to increase both budget and headcount indicates a timely shift in perception around the importance of privacy programs.

Do you expect your headcount for data privacy-specific roles to grow in 2022?

• Yes…50%
• No…34%
• Unsure…16%

As compared to 2021, how do you anticipate your 2022 budget on privacy technology and infrastructure to change?

• It will increase significantly…5%
• It will increase slightly…62%
• It will stay the same…31%
• It will decrease slightly…1%
• It will decrease significantly…1%
• Unsure…0%

Our survey also showed that the majority of technology leaders are concerned about remaining compliant in the next 12-18 months, data subject requests are increasing, and automation stands out as a top priority for improving efficiency in the space.

Ultimately, the results of the survey made one thing clear–in the face of increasing regulation, privacy compliance programs will (and must) continue to grow and evolve.

Read the full report here.

About Transcend

Our mission is to make it simple for companies to give their users control of their data by encoding privacy across their tech stack. Automated data subject request workflows with Privacy Requests, ensure nothing is tracked without user consent with Transcend Consent, or seamlessly generate Records of Processing Activity (ROPA) for GDPR compliance with Data Mapping.

Looking to evaluate your current privacy program and discover any hidden costs? Explore our privacy request cost calculator.