IAPP Reports and Surveys

Image

IAPP Reports and Surveys

Navigate by Topic

This page hosts a collection of reports, surveys, resource articles and article series published by the IAPP.

Featured Reports

REPORT

US State Privacy Laws Report

The IAPP keeps privacy pros informed when states introduce comprehensive privacy bills, when those bills progress into laws, what rights they offer consumers and what obligations they require from organizations. This report analyzes similarities and differences between enacted U.S. comprehensive state privacy laws.
Read More

REPORT

Professionalizing Organizational AI Governance

This report on organizational AI governance focuses on the internal guidelines and practices organizations follow to ensure responsible development, deployment or use of AI.
Read More

REPORT

IAPP-EY Privacy Governance Report 2023

The IAPP-EY Privacy Governance Report 2023 builds on previous comprehensive efforts to shine a light on the location, performance and significance of privacy governance within organizations. For the first time, we explored organizational confidence when it comes to privacy governance and the drivers of those confidence levels.
Read More

REPORT

2023 IAPP Privacy Professionals Salary Survey

This report explores the compensation, both financial and nonfinancial, offered to privacy professionals.
Read More

REPORT

Privacy Risk Study 2023

This year’s Privacy Risk Study represents the most comprehensive study of privacy risk undertaken by the IAPP in collaboration with KPMG.
Read More

REPORT

IAPP Privacy and Consumer Trust Report

This report shines a light on what consumers around the globe think about privacy and the companies that collect, hold and use their data.
Read More


Featured Resource Articles

ARTICLE SERIES

Global AI Governance Law and Policy: Jurisdiction Overviews

This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in five jurisdictions: Singapore, Canada, the U.K., the U.S. and the EU.
Read More

RESOURCE ARTICLE

Consumer Perspectives of Privacy and AI

This resource analyzes how consumer perspectives of AI are shaped by the way emerging technologies affect their privacy.
Read More

RESOURCE ARTICLE

Global Legislative Predictions 2024

For an on-the-ground look at what lies ahead for 2024, the IAPP gathered insights from privacy professionals around the globe.
Read More

RESOURCE ARTICLE

US federal AI governance: Laws, policies and strategies

This article provides a breakdown of artificial intelligence governance at the federal level, including the White House, Congress and federal agencies.
Read More

RESOURCE ARTICLE

Implications of AI executive order for business

This article analyzes the policies and principles reflected in Executive Order 14110, which will have direct and indirect effects on AI governance for years to come.
Read More

ARTICLE SERIES

Top 6 operational impacts of India’s DPDPA

This six-part article series serves as a walkthrough of the most important components of India’s Digital Personal Data Protection Act.
Read More


Additional Reports and Resource Articles

IAPP Privacy Tech Vendor Report

This edition of the “Privacy Tech Vendor Report” finds the industry at a crossroads of sorts. As privacy has shifted from an afterthought to a necessity within the last decade, the conversation today regarding its place in product development has evolved from the abstract to the technical implementation of an array of solutions. Read More

UK data protection reform: An overview

On 8 March 2023, the U.K. government introduced the Data Protection and Digital Information (No. 2) Bill to Parliament. Its objective is to “update and simplify” the U.K.’s data protection laws and certain other legislation. This article sets out a comprehensive summary of the changes in comparison to the GDPR. Read More

Privacy in M&A transactions: The playbook

Mergers and acquisitions has been central to us for a long time. Given our group emphasis on the importance of privacy in data-centric transactions, consideration of data protection and other associated issues in an M&A context is essential. This playbook aims to address this need by consolidating our group’s experiences and learnings to date in this domain. Read More

Privacy in the Wake of COVID-19

The IAPP and EY launched a research initiative to gain more insight into the unique ways privacy and data protection practices have been affected by the pandemic. The initial phase of the project included a survey of privacy professionals, taking a deeper look at how organizations, in general, and privacy programs, in particular, are handling the privacy and data protection issues that have emerged alongside COVID-19, such as privacy and security issues related to working from home, monitoring the health of employees, and sharing data with governments, researchers and public health authorities. Read More

The State of Data Rights

The IAPP, in partnership with BigID, set out to gain insight into the landscape of individual data rights, and how organizations provide data transparency to their employees and consumers. This report explores components of a framework for processing data access requests, deletion requests, and data transparency - including understanding the demand for data rights and its relationship to building brand trust. Read More

IAPP Visions of Privacy

Published: July 2020Click To View (PDF) This 20th anniversary publication, “Visions of Privacy,” is a future-looking anthology of contributions from privacy thought-leaders from around the world. We asked these leading voices to take a moment for reflection on the last 20 years of privacy — to pause and think deeply about the future of privacy. We are excited to provide you with these incredible reflections on how far we have come as a profession over the past two decades and what the future ... Read More

Measuring Privacy Operations

In Measuring Privacy Operations 2019, the IAPP and TrustArc offer privacy professionals around the globe a look at how their colleagues are implementing privacy requirements. This is the latest in a series of reports designed to help companies benchmark their own privacy practices against those of their partners and competitors. Read More

How Privacy Tech Is Bought and Deployed

For the second year running, the IAPP together with TrustArc surveyed 345 privacy professionals around the globe to gain an understanding of how privacy technology products are purchased and deployed within an organization. Results this year shine a light on which products are in use and under whose budget privacy tech purchases are made, as well as other budgetary and purchase-decision-making insights. Read More

The Market for Data Privacy Legal Services

Published: April 2016Click To View (PDF) In January 2016 the IAPP and Bloomberg Law conducted a survey of 353 privacy professionals and identified 181 in-house privacy professionals who self-identified as currently employing outside counsel, shopping for external counsel, or having employed outside counsel in the last year. This revealed a number of interesting findings. ... Read More

How IT and Infosec Value Privacy

Published: March 2016Click To View (PDF) As a more mature field, information security has long enjoyed larger budgets and more staff than information privacy. As privacy teams have matured and grown, however, their budgets are beginning to be substantive. How do information security and privacy teams work in concert, so that their respective spends can complement one another? Are their priorities aligned? Have firms decided that information privacy investments can enhance information security... Read More

Benchmarking Privacy Management and Investments of the Fortune 1000

Published: November 2014Click To View (PDF) Over the summer of 2014, the IAPP embarked on the first of what will be an annual effort to research and benchmark the privacy programs of the Fortune 1000. In partnership with third-party research firm Fondulas Strategic Research, we queried roughly 275 privacy leads at Fortune 1000 companies, all of them large, private, for-profit firms operating from a base in the United States, and got a 23-percent response rate, providing us with one of the mos... Read More

What Place Do Search Engines Have Between Personal Data Law and Freedom of Speech?

The question raised in the title of this article is the complex and long-debated one that the Court of Justice of the European Union (the “CJEU”) will have to answer, following an application made by the Spanish High Court. The case leading to this question is between Mr. X, a Spanish national, and Google. Mr. X noticed that when he typed his name into the Google search engine, two of the results redirected the user to pages of a newspaper that included details of the auctioning of a property seized due to a failure by Mr. X to pay social contributions. Mr. X brought a claim against the newspaper and Google before the Spanish Personal Data Protection Authority. Read More

IAPP Canada OPC Final Report

IAPP Canada has detailed the success of its expanded KnowledgeNet program in a report to the Office of the Privacy Commissioner, highlighting how the assistance of a grant from the OPC has helped the program offer eight times as many events. Read More