During Data Privacy Week, it’s evident that concerns over privacy risks associated with generative AI have prompted more than a quarter (27%) of companies to temporarily ban its use among their employees, according to the Cisco 2024 Data Privacy Benchmark Study.
Additionally, a majority of organizations have implemented controls on these tools, with nearly two-thirds (63%) setting restrictions on the type of data that can be inputted and 61% limiting the usage of specific Gen AI tools by their workforce.
Despite these precautions, many companies disclosed inputting sensitive information into generative AI applications, including details about internal processes (62%), employee names or data (45%), proprietary company information (42%), and customer data (38%).
The study highlighted that 92% of respondents perceive generative AI as a unique technology posing distinct challenges and risks that necessitate innovative approaches to data management and risk mitigation.
The primary concerns cited include potential threats to the organization’s legal and intellectual property rights (69%), the risk of data entered being shared publicly or with competitors (68%), and the possibility of inaccurate information being generated by these tools (68%).
Addressing these challenges, 91% of security and privacy professionals recognized the need for further efforts to reassure customers about the ethical use of their data with AI.
However, none of the strategies outlined in the study to enhance consumer trust in this area garnered the support of over 50% of respondents.
Dev Stahlkopf, Cisco’s Chief Legal Officer, emphasized the perception of generative AI as a technology with unique challenges, stressing the importance of thoughtful governance to maintain customer trust.
Data Privacy Vital for Business Success Almost all (94%) security and privacy professionals asserted that customers would refrain from purchasing from their organization if data protection measures were inadequate.
Furthermore, 97% felt a responsibility to ethically use data, and 95% believed that the benefits of investing in privacy outweighed the associated costs.
Given the growing recognition of the link between data privacy and business advantages, this realm has become a significant topic in boardroom discussions. Nearly all (98%) respondents reported presenting one or more privacy metrics to the board, with over half disclosing three or more.
The most commonly used privacy metrics included audit results (44%), data breaches (43%), data subject requests (31%), and incident response (29%).
Respondents overwhelmingly supported government implementation of data privacy regulations, with 80% indicating a positive impact of privacy laws on their organization, while only 6% reported a negative impact.
Harvey Jang, Cisco’s Vice President and Chief Privacy Officer, highlighted that compliance with data privacy regulations serves as tangible evidence to consumers that organizations are effectively safeguarding their data.
These findings underscore the growing significance of privacy in building and maintaining consumer trust and loyalty, particularly in the era of AI, where privacy investments better position organizations to ethically and responsibly leverage AI technology.