Consumer Privacy & Ecommerce Trends, Stats, & News

Adhering to consumer data privacy regulations and being transparent about what you do with consumer data aren’t just choices anymore – they’re necessary.

New data privacy regulations will continue emerging as consumer data continues to be utilized in new ways for targeting and personalization. While this may introduce new roadblocks or concerns for brands in the short-term, the long-term benefits shouldn’t be forgotten.

79% of Americans feel concerned about how their data is being used by companies.

The enforcement of these rules will make it easier for consumers to trust brands, especially as we move forward in an age where brand trust will only be increasing in importance.

Stay tuned to this article as we keep it updated with the latest stats, trends, news, and more around consumer privacy initiatives and the impact on your ecommerce brand.

January 13

The current state of consumer privacy

The majority (72%) of consumers say that current privacy laws and practices are out-of-date and would require significant improvement to sufficiently protect and responsibly collect consumer data.

Only 16% of consumers say current data privacy laws and practices are strong enough to responsibly collect and protect consumer data.

2022 will be a year of progress for future privacy regulations, but no new privacy bills are expected to pass this year. It’s not because the legislation is that complicated or controversial – businesses and consumers broadly tend to support privacy regulations, though Democrats have some stronger requests than Republicans for it. Privacy is important to consumers but it isn’t the highest priority right now, and Congress is focused on other initiatives.

While there are no new privacy-centric regulations set to come into effect in 2022, a new cybersecurity regulation that mandates more transparency from banks could have a positive impact on consumer trust. It will focus on banks needing to report cyber incidents that may affect consumers in a timely manner.

The ruling, which banks must comply with by May 2022, comes after the US Treasury Department recently found that the number of suspicious activity reports nearly 20x’d from 1,221 in 2018 to over 20,000 in 2020. Only 59.3% of consumers with lower-than-average digital trust levels trust their bank compared to 80.6% with high digital trust. If consumers’ trust in their banks can go up, they’ll feel more comfortable spending money online.

January 12

Impacts of Apple’s iOS 14.5 update in 2022

Consumers have been sharing a lot more information with apps and retailers ever since the pandemic sparked a massive growth spurt for digital. With ecommerce sales predicted to surpass $1 trillion for the first time ever in 2022, that amount of data is only going to increase. The incentives for sharing personal data vary across generations, but Gen Z is the most likely to share their email with a company in exchange for benefits like discounts or free trials.

But Apple’s iOS 14.5 update in April of 2021 created a headache for many brands that rely on social media or other iPhone app advertising to make sales. The update created a requirement for users to opt into phone tracking and data sharing that helps advertisers target ideal customers. The top two ways app publishers make money off of their applications are video ads and display ads, with native ads coming in fourth.

Even major social media platforms haven’t been immune to the impact of the iOS update. Snap is working on a tool called Advanced Conversions that obfuscates conversion data, though CEO Evan Spiegel has said that it will take “a while” for the platform to return to pre-update levels. In December 2021, LinkedIn introduced an option called Group Identity for B2B to help advertisers reach targeted audiences without tracking individuals’ data.

December 1

Pushing programmatic while protecting user privacy

As 2022 quickly approaches, brands can no longer afford to put data privacy initiatives on the shelf. The reality is that more protective privacy policies are only going to continue increasing around the globe, and your brand won’t have a choice but to adapt.

While these initiatives are great for protecting consumers’ personal information, they introduce hefty obstacles for crucial initiatives like attribution and tracking. What does this mean for your brand if you choose to implement a programmatic advertising strategy into your marketing mix?

By late 2023, Google will phase out third-party cookies running on Chrome. With Chrome having over 70% of the market share for browsers, this shift will have a huge impact on how brands track, target, and engage with customers. Safari (with 8.89% of the market share) and Firefox (with 7.69%) have already phased out third-party cookies.

With the shift toward cookieless, brands will need to explore new ways to predict what consumers are most likely to buy without collecting personally identifiable information. Conversion tracking, audience targeting, and frequency capping will all be impacted by the update. Using anonymized third-party data to match consumer’s behavior is one way to circumvent any negative consequences to your programmatic strategy after the world goes cookieless.

Although third-party cookies are going away, there are several other targeting methods that will allow brands like yours to successfully reach your desired audience. This requires a shift in strategy that may include a heavier focus on the use of first-party data, contextual targeting, OTT advertising, and/or selecting partners who have a personally identifiable information (PII) solution in place.

November 24

November 2021 consumer privacy stats

2021 brought a lot of updates to the world of consumer privacy and changes to how consumers feel about sharing their data. Here are some of the latest consumer privacy stats to make sure you’re up to speed:

• 65% of iOS users agree with Apple’s new privacy policies, while 23% say Apple is taking it too far
• 28% of consumers say they don’t understand the Apple iOS update well at all
• 21% of consumers are much more concerned about their online privacy this year than they were last year, while 39% feel about the same
• 15% of US adults have been impacted by a privacy breach in the last year
• 13% of Americans say they have poor or very poor knowledge of their privacy rights
• 23% of US internet users say they don’t want to share their personal information with companies, no matter the benefit

November 17

How iOS 14.5 is impacting the biggest businesses

Apple’s iOS 14.5 update is affecting major companies like Peloton, Pinterest, and Wayfair, with the lack of ability to target customers as the main cause of the impacts. Users are now required to opt into sharing their unique identifier for advertisers (IDFA) with apps, which means data typically used for tracking, attribution, and targeting is no longer available.

96% of iPhone users opted out of sharing their IDFA with apps with the release of iOS 14.5.

What’s unique about the update is that it started requiring users to provide explicit consent to be tracked by apps. If they don’t opt in, the default will be that apps don’t get any data from them.

The update has resulted in higher customer acquisition costs, declining stocks, lower revenue projections, and other negative consequences for many brands.

Peloton has cited the changes as a challenge to getting new customers (in addition to supply chain issues) and has lowered its profit margins, projections for new subscribers, and total revenue forecast as a result. Wayfair turned its focus more to advertising in Q3 to quell the impact. Pinterest has given less detail, but has said that the updates have impacted their ability to track and connect off-platform and on-platform activity and advertising.

November 10

Facebook mobile ad spend shrinking on iPhones post-iOS 14.5

Facebook mobile ad spend for iOS devices has seen significant declines in growth since the introduction of Apple iOS 14.5 in April of this year. With the update, users are required to manually opt in to share their unique Identifier for Advertisers (IDFA). For brands advertising on any Apple app, that means greatly reduced tracking, attribution, and personalization capabilities.

For iOS, US Facebook mobile ad spend was up only 3% year-over-year in August. In April, it was up 55%. Many advertisers have shifted their budget to advertising on Android, which saw ad spend grow 65% in August compared to 52% in April. In both July and September, Facebook mobile ad spend for Android was up 86%.

That’s also because advertising costs have risen on Android as users have shifted away from sharing their Apple IDFA. The equivalent of IDFA on Android is called Android’s Advertising Identifier (AAI). Google (which developed Android) has yet to elaborate on whether it will provide similar opt-out options for Android users in the future, but will likely try to find a happy medium between respecting the necessity for online advertising and giving users control over their personal data privacy.

Prior to the update, approximately 70% of iPhone users were sharing their IDFA with apps. With the update, some estimates now put that number at as low as 5% for US consumers. Globally, approximately 13% of iPhone users are sharing their IDFA.

November 3

Mobile usage rising alongside privacy regulations

Mobile traffic now surpasses desktop in terms of global internet traffic. This year alone, worldwide mobile ad spend will grow 23.5% to $275.8 billion. And the number of global smartphone users is expected to grow from an already earth-shattering 6.38 billion in 2021 to 7.52 billion in 2026.

But as mobile usage continues to grow, so do privacy regulations. Advertisers have to adjust to consumer preferences while still adhering to mandatory guidelines like the GDPR, CCPA, and Brazil’s LGPD in addition to Apple’s iOS updates and Google’s deprecation of third-party cookies on Chrome.

And that’s not changing anytime soon. A privacy-first mindset will be crucial for mobile advertisers as more privacy measures are introduced.

Even major players like Meta (Facebook) and Snap have been impacted, with revenue for both social media giants declining since iOS 14.5 was released in April.

As consumers continue to prefer their mobile devices, brands will have to ensure that their marketing and advertising strategies for mobile align with privacy protocols. The next step is preparing for third-party cookies to disappear from Chrome, which Google announced will happen in late 2023 after the switch was originally planned for early 2022.

The ability to leverage first-party data will be a critical solution for all brands, and mobile advertising will be its own beast to tackle. With brands relying heavily on third-party cookies for digital advertising since the mid-1990s, a mindset of flexibility and adaptability will be crucial for survival moving into the future.

October 27

An overview of Brazil’s LGPD

Brazil’s General Data Protection Law (LGPD) is impacting how brands market to customers in the country of Brazil. Similar to the GDPR in Europe, the LGPD is intended to protect personal data, which refers broadly to any information regarding a person.

It lays out 10 principles that businesses need to consider when working with personal data from customers in Brazil, including purpose, adequacy, necessity, free access, quality of data, transparency, security, prevention, non-discrimination, and accountability.

Unlike the GDPR, LGPD applies to businesses of all sizes with few exceptions. The GDPR and California’s Consumer Privacy Act (CCPA) both apply only to businesses that meet certain criteria such as size. It is crucial that brands comply with privacy measures like the LGPD to avoid expensive fees.

October 20

The latest consumer data privacy stats for ecommerce brands

• 43% of consumers don’t believe they can adequately protect their personal data today. (Cisco)
• 81% of consumers say the potential risks they face from data collection by companies outweigh the benefits. (Pew Research Center)
• 84% of consumers say they want more control over how their data is being used. (Cisco)
• 65% of American voters say data privacy is one of the biggest issues our society faces. (Morning Consult)
• 80% of consumers say they are comfortable sharing personal information directly with a brand if it leads to personalized marketing messages. (eMarketer)
• 53% of consumers say they would try to get their personal information back from a company if they had the option. (FISglobal)

October 13

Digital payment growth increases threat of cybersecurity

Over 1 billion data branches occurred in the US last year, with nearly 156 million records being exposed. One out of every four consumers experienced fraud. And 43% of consumers don’t believe they can adequately protect their personal data today.

As data and privacy become bigger concerns, consumers are also increasingly trying new payment methods, such as paying with installments instead of all at once through AfterPay integrations on ecommerce websites, using contactless digital wallets like Apple Pay to shop in stores, or even ordering food online through new platforms.

90% of consumers have used at least one emerging payment method since the beginning of the pandemic.

As with any rapid growth, as retailers try to keep up with consumers’ changing expectations, there are also business-level considerations that are crucial to remember. Consumers’ increased openmindedness to trying new things brings a lot of benefits for brands, but growing alongside that are the possible opportunities for malicious attackers to steal your business’ and/or consumers’ data.

With 2/3 of the consumers who have tried at least one emerging payment method in the last year doing so for the first time, ecommerce brands have even more reason to ensure they’re complying with the growing list of digital privacy laws.

October 6

How privacy initiatives are impacting organizations today

Brands and retailers large and small no longer have much of a choice about how they approach privacy. Adhering to consumer data privacy regulations and being transparent about what your brand does with consumer data are mandatory now.

Organizations are reimagining how they collect and leverage data throughout all stages of the customer lifecycle. Here are the latest stats from Cisco on how security professionals at a range of US companies say current privacy initiatives are impacting their organization:

• 79% of organizations say privacy laws are having a positive impact, with 5% of organizations saying the laws have a negative impact
• Only 41% of organizations were prepared for last year’s shift to working from home last year from a privacy and security perspective.
• 34% of security professionals say data privacy is one of their core responsibilities.
• Building trust is the top benefit of privacy initiatives for 76% of security professionals, followed by mitigating security losses and achieving operation efficiency at 74% and enabling innovation and making the company more attractive at 73%.
• 68% of security professionals say privacy initiatives help reduce sales delays.
• The overall value of the benefits of implementing privacy and security initiatives rose 10% to $2.9 million last year.
• 90% of organizations say a shopper will not buy from them if they aren’t clear about their data practices.

September 29

Ecommerce data privacy stats

• Just 10% of consumers feel they have total control over their personal information. (PwC)
• 62% of Americans don’t believe it’s possible to go through daily life without companies collecting data on them. (Pew Research Center)
• 79% of Americans are concerned about how their data is being used by companies. (Pew Research Center)
• 92% of Americans are concerned about their privacy when they use the Internet. (TrustArc)
• 97% of companies have seen benefits like a competitive advantage or investor appeal from investing in privacy. (Cisco)
• More than 40% of companies see benefits at least twice that of their privacy spend. (Cisco)

September 22

How marketers say privacy regulations are impacting their data strategies

Executives and marketers at companies around the world have been adjusting their strategies to meet the constantly shifting demands of high-stakes privacy regulations. Not complying with these new privacy laws can have serious financial consequences.

In fact, Facebook’s WhatsApp was recently fined $270 million for breaching the GDPR.

How are privacy regulations impacting how companies execute their data strategies?

For 39% of companies, the introduction of new privacy laws resulted in limited information collected or included in customer profiles. 31% of companies now ask customers for less data, while 29% have lowered their social media advertising spend. 27% of companies have appointed a chief data officer.

Increased transparency around data use, new internal standards for data collection and use, and new ad channels/platforms are the top three ways that marketers say privacy regulations have influenced their company’s data strategy, at 57%, 54%, and 41% respectively.

September 14

Apple’s iOS 14.8 update addresses critical security concerns

Apple released a critical security upgrade this week with iOS 14.8 to address vulnerabilities in Apple’s CoreGraphics framework and WebKit browser. Apple believes that the two vulnerabilities were already being exploited by the time the update was released on September 13.

Apple recommends that iPhone users update their devices immediately to avoid being affected.

The CoreGraphics vulnerability is what’s called a zero-click exploit, meaning that no interaction is needed from the user to malware to be downloaded onto their device. Processing a PDF created by a malicious party would be enough for dangerous code to be executed. The WebKit vulnerability involves processing malicious web content.

Apple’s iOS 15 update is expected to be rolled out at today’s Apple Event along with the iPhone 13, Apple Watch Series 7, and more.

September 8

Stats: How privacy transparency contributes to higher trust

Privacy-related initiatives can cost a lot of money, and it’s not always easy to walk the line of transparency. But with consumer trust in your brand of higher importance than ever, doing whatever it takes to win over a shopper is worth it.

Here are the latest stats around consumer privacy for ecommerce brands and how it plays a crucial role in trust:

• 88% of consumers say their willingness to share personal information is based on how much they trust a company. (PwC)
• 54% of consumers say it’s harder than ever for a company to earn their trust. (Salesforce)
• 84% of consumers are more loyal to companies with stronger security controls. (Forbes)
• 63% of consumers say most companies are not transparent with them about how their data is used. (Tableau)
• 54% of consumers believe companies aren’t using their data in a way that benefits them. (Tableau)
• 48% of consumers have stopped buying from a company over privacy concerns. (Tableau)
• Only 15% of consumers believe companies will use their personal data to improve their lives. (AbacusGroup)

September 1

How cookie deprecation will impact your customers

By late 2023, cookies will be completely phased out on Chrome. The change will have a major impact on how brands market to shoppers – but how will the shoppers themselves be impacted?

One major concern with the disappearance of third-party cookies is the decline of personalization. 55% of digital marketers believe the changes will lead to less personalized consumer experiences.

50% of digital marketers say privacy concerns will persist even after cookies go away.

62% of digital marketers say that third-party cookie deprecation will not help consumers, while 63% believe it will result in little to no improvement in consumers’ control over their personal data.

August 25

Ecommerce marketing strategies to comply with privacy regulations

In order to comply with high-stakes privacy regulations, brands and retailers have had to adjust their marketing strategies in smart and unique ways. How have digital marketing strategies been impacted the most?

57% of digital marketers say their company has increased transparency around data use as a result of the introduction of new privacy laws, and 54% say their company has created new internal standards for data collection and use.

41% of digital marketers have considered adopting new advertising channels and/or platforms to align with new privacy regulations.

The introduction of new privacy laws resulted in reduced customer tracking for 39% of companies and changed or reduced audience targeting for 32% of companies. 27% of digital marketers say their company has lowered social media ad spend in response.

August 18

How considered are consumers about their data privacy?

Consumers are becoming more concerned about their online privacy. According to a survey taken in March 2021, 52.4% of consumers are somewhat more or much more concerned about their online privacy than they were a year ago.

More than half of consumers are more concerned about their online privacy than they were one year ago.

While 39% of consumers say they have maintained the same level of concern about their online privacy over the past year, 20.5% of consumers say they’re much more concerned about their online privacy compared to one year ago. Only 8.6% of shoppers say they’re less concerned.

August 11

New report: Programmatic advertising in a cookieless world

Since the dawn of digital, marketing strategies have relied on cookies as a proxy for identity. But the world of marketing is changing. The departure of browser-based tracking is upon us.

By late 2023, Google will phase out third-party cookies running on Chrome and transform how brands track, target, and engage with customers.

In other words, web tracking as we know it is going away. But right now, programmatic buyers rate their organizations’ readiness for cookie deprecation at only 3.5 on a scale of 1-5. Is your brand prepared? In this white paper, you’ll uncover insights like:

• The who, what, and when behind the impact of third-party cookie deprecation
• Unexpected opportunities to drive targeted campaigns once cookies go away with programmatic advertising
• How brand executives and marketers like you plan to profitably navigate a post-cookie world

Lift the cloud of confusion around the cookieless future and make sure your programmatic strategy is equipped to handle the changes. Claim your copy today.

August 4

Post-cookie strategies for success

The cookie may be crumbling, but all is not lost for brands and publishers who rely on digital efforts to drive their business forward. While the world of attribution and tracking is being turned upside down by the deprecation of third-party cookies, some things will stay the same after cookies are deprecated in late 2023.

Brands and publishers will still have access to audience data like identity graphs, cohorts, household-level data, and contextual data. Of course, first-party data will also remain available, along with second-party data and consented third-party data.

Consumers spend a lot of time in cookieless environments via mobile apps, and that’s not going to change. While mobile apps are facing separate privacy initiatives like Apple’s iOS 14.5 update, they won’t be impacted by the changes to cookies. With mobile traffic now surpassing desktop traffic, the impact of cookie deprecation will be less detrimental for brands that can rely on a highly optimized mobile strategy.

The value of well-curated, original content also won’t change. Embracing organic initiatives like SEO and email marketing is one way to have the upper hand in a world without third-party cookies.

July 28

New infographic: Programmatic advertising in the era of cookieless

Google recently announced that third-party cookie deprecation will occur in late 2023, a significant push from the original early 2022 timeline. The delay will provide some relief to advertisers and publishers. In October 2020, programmatic buyers rated their organizations’ readiness for cookie deprecation at only 3.5 on a scale of 1-5.

In this infographic, you’ll uncover data and stats about post-cookie attribution and targeting for programmatic, strategies brands are using to navigate the loss of cookies, and how cookie deprecation will impact ecommerce and brands that use programmatic advertising. You’ll uncover answers to questions like:

• How do marketers and decision-makers plan to measure targeted advertising after cookies go away?
• What are the top challenges digital media professionals are facing in 2021?
• Are digital advertisers ready for third-party cookie deprecation?

Access the infographic here!

July 21

Third-party cookies to be deprecated by late 2023

Last month, Google announced that the deprecation of third-party cookies will be delayed until late 2023 after previously planning for early 2022. According to a blog post from Google, “more time is needed across the ecosystem to get this right.”

Third-party cookies will be completely phased out on Chrome over a three-month period starting in mid-2023 and ending in late 2023.

With global initiatives to protect user privacy online intensifying, delaying the shift away from cookies will help ensure the right decisions are made to keep consumer data secure and avoid covert practices.

Marketing strategies have relied on cookies as a proxy for identity since the dawn of digital. With Chrome having nearly 70% of the market share for browsers, this shift will have a huge impact on how brands track, target, and engage with customers.

Third-party cookies provide data about a shopper’s interests, past purchases, frequently visited websites, and more. Any brand that uses data for online advertising and targeting will be impacted by Google’s decision to phase out third-party cookies on Chrome.

July 14 update

Consumer privacy + cookieless

Since the dawn of digital, marketing strategies have relied on cookies as a proxy for identity. But the world of marketing is changing. The departure of browser-based tracking is upon us.

By late 2023, Google will phase out third-party cookies running on Chrome and transform how brands track, target, and engage with customers.

In other words, web tracking as we know it is going away.

Adhering to consumer data privacy regulations and being transparent about what your brand does with consumer data is no longer a choice. Brands large and small will need to reimagine how they collect and leverage data throughout all stages of the funnel, from new customer acquisition to remarketing. Attribution, unique visitor counting, and retargeting will all change when cookies go away.

Third-party cookies provide data about a shopper’s interests, past purchases, frequently visited websites, and more. Any brand that uses data for online advertising and targeting will be impacted once the third-party cookie shoe drops.

July 7 update

Apple’s iOS 14.5 update: Impact on ecommerce brands

Apple’s iOS 14.5 update took place in April 2021 and shook things up for any brand advertising through an iPhone app.

With iOS 14.5, Apple requires users to provide explicit permission for apps to collect and share data through their unique Identifier for Advertisers (IDFA). The Identifier for Advertisers (IDFA) is a random identifier assigned to each iOS user that advertisers use to deliver personalized ads. It is also used for tracking and attribution.

To collect permission, Apple is enforcing a Tracking Transparency Prompt (ATT) in the App Store. Apps that do not adopt the prompt will be blocked from the App Store. Long-term impacts will include reduced tracking capabilities and reduced personalization for users.

The percentage of iPhone users sharing their unique Identifier for Advertisers (IDFA) with apps is expected to drop from 70% to as low as 5%.

For Facebook advertisers, the update means seven-day click reporting won’t include data for users who have opted out. For users who opt out of tracking, data will only be gathered around their highest-priority event using a one-day click attribution model.

For brands pushing paid search campaigns on Google, budgets, targets, or bids should be adjusted and campaign performance and delivery should be closely monitored to stay on track with goals.

June 30 update

Consumer privacy concerns: Just the stats

• 79% of Americans feel concerned about how their data is being used by companies (Pew Research)
• 54% of consumers say companies don’t use data in a way that benefits them (Tableau)
• 96% of Americans say more should be done to ensure companies protect consumer privacy (Consumer Reports)
• 40% of consumers say privacy around the apps they use is very important (McKinsey)

June 24 update

Consumer privacy in 2021: Where we stand now

Some of the biggest privacy initiatives impacting marketers leading up to 2021 are the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and California Privacy Rights Act (CPRA).

Failing to adhere to these privacy protection regulations can have dire consequences for brands. Businesses can be penalized large amounts of money by courts or sued by individual consumers.

First effective in 2018 and 2020 respectively, the GDPR and CCPA will remain important for brands who use consumer data in marketing efforts. CPRA regulations aren’t yet in effect.

• General Data Protection Regulation (GDPR): Lays out seven key principles for businesses that collect consumer data in the EU: lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity, confidentiality, & security; and accountability.
• California Consumer Privacy Act (CCPA): Gives consumers the right to know what personal information of theirs is being collected, used, shared, or sold, the right to delete personal information held by businesses, and the right to opt out of sale of personal information, among others.
• California Privacy Rights Act (CPRA): An extension of the CCPA that adds new criteria for which businesses are regulated, a new category of sensitive personal information, new and modified consumer privacy rights, and more. California voters approved its creation in November 2020 and measures will go into effect in January 2023.