Privacy Requests Can Come From Practically Anywhere
46% of DSRs arrived from IP addresses located outside the US, Canada, China, Brazile the UK, or the EU (regions with privacy laws). As such, people making these requests might not be covered by strong privacy laws. Around 12.5% of US-based DSRs came from states with laws already on the books (CA, CO, & CT), yet 34% are coming from states without privacy protections, suggesting people from across the US are submitting requests regardless of their level of legal protection. Consumers want more control over their data even if they don’t have legally-protected privacy rights.
DSRs By Policy in 2023
of DSRs in 2023 came from jurisdictions that didn’t have strong privacy laws, evidence that people around the world want more control over their personal data.
Note: As a United States-based company with a larger regional footprint in the US, our data skews toward privacy requests coming from the US and may not be an accurate reflection of total global requests. Many DataGrail customers apply GDPR-grade DSR processes across the board, which helps to ensure good customer relations and improves the efficiency of their privacy programs.