Americans' personal data has never been more at risk. While you keep ever-increasing amounts of your life online, scammers are leveraging weak passwords, AI tricks, and data breaches to find new ways to hack your information. However, bad actors aren't the only problem in this space.
An even more insidious threat is the data you're voluntarily giving away. Your browser cookies, smart home devices, online shopping habits, social media activity, and favorite apps are all being tracked by major tech companies to sell off your information to the highest bidder.
The consequences of this can stretch from identity theft to an invasion of your privacy by tech companies and government agencies. It may one day even help businesses use AI-enabled surveillance pricing to drive up the costs of things you want.
The good news is that most people know about threats to their data. In fact, 92% of Americans are concerned about their personal data being collected by websites and apps. The bad news is that many Americans don't care enough to try to stop it, with around 40% of these same people never reviewing the privacy policies of their devices, apps, or the websites they visit.
Here at WhistleOut, we've grown more concerned about data privacy. With massive data breaches in the news and controversies surrounding smart home devices like Ring doorbells, we wanted to understand how Americans feel about their online personal data.
We polled 1,000 American adults about their data security habits to find out.
Overview: Data privacy in 2026
- Data privacy concerns: Most Americans are worried their tech is spying on them
- Data permissions: Around 40% of Americans blindly accept the terms and conditions
- Risk and exposure to data theft: Scammers are smarter than ever before
- Protect yourself: Here's how to keep your data safe
- Methodology
Data privacy concerns: Most Americans are worried their tech is spying on them
We all know our tech is watching us. Things like personalized ads, tailored social media algorithms, or suggested destinations on your smartphone's GPS are framed as helpful features for users. But have you ever thought about how much data you've given away to make these features perfectly relevant to you?
It turns out, most Americans are worried about how much of their data has been scooped up by their phones.
- 92% of Americans are concerned about their personal data (browsing history, location, personal information, etc.) being collected by websites and apps on their mobile devices.
However, this suspicion isn't just limited to smartphones and web browsers. Americans have recognized that things like doorbell cameras, smart home assistants, and smart TVs also provide a window into their lives that tech companies can tap into.
According to our survey, Americans are most concerned about their data security while using:
- Web browsers (93% / 22% expressing extreme concern)
- Mobile smart devices (92% / 26% expressing extreme concern)
- Other smart devices like speakers, doorbell cameras, etc. (83% / 21% expressing extreme concern)
- Smart TVs (81% / 16% expressing extreme concern)
What are the real risks of ignoring data privacy?
The risks of ignoring data privacy and letting online companies collect your personal data involve who can access it and how it can be used against you.
Tech companies use your data to build semi-anonymous profiles they can sell that map your interests and habits. The problem is you have no control over who buys it. While it could be a benign advertising firm that simply wants to serve up targeted ads, it can also be scammers, data brokers, or even the government.
Agencies like the National Security Agency (NSA), the Department of Homeland Security (DHS), and Immigration and Customs Enforcement (ICE) have all purchased Americans' data to use in their missions. Plus, since this information is commercially available, they don't even need a warrant.
How companies can use your data against you is becoming a bigger issue in the age of AI. There are concerns that companies will soon be able to track your online habits and leverage AI to develop surveillance pricing systems.
For example, airlines could track your IP address and internet history to know you're following the cost of one specific flight, then raise the price on your browser while lowering it for everyone else.
Data permissions: Around 40% of Americans blindly accept the terms and conditions
Despite most people having concerns about their data privacy, many Americans can't be bothered to actually protect themselves.
- 41% of people never read the privacy policies of websites or apps before using them.
- 40% of phone users have never reviewed the privacy settings on their devices to limit the data that can be collected about them.
- 23% of people don't check the permissions they grant to mobile apps, such as camera, contacts, or location.
- Only 2 in 10 people always read through the terms of use agreement when downloading a new app.
Blindly allowing websites, apps, and your devices to track and access your data is a problem. They often take much more information than you realize, including things like location data and your internet history (even in incognito mode). In fact, tech giants like Apple and Google have routinely faced lawsuits about the staggering amount of data they've collected from users' devices.
Your financial data is at risk too. When looking at how people use their apps, we found 63% of people have paid for at least one app or spent money on in-app purchases. Many users are uploading their bank or credit card information without understanding the app's safety or privacy policies, leaving them vulnerable. If you make one in-app purchase, data may be tracked by the app, your smartphone, the payment processing company, and your bank.
If we're concerned about data privacy, why aren't we protecting ourselves?
Many people don't protect their online personal data because tech companies make it hard or irritating.
For example, the terms and conditions for your smartphone's operating system are pages long and full of legal jargon. Websites and browsers hide their policies deep in the account settings in places that are hard to find. Apps may even disable key features if you attempt to limit data collection or turn off location tracking.
For many people, it's easier to simply let their data flow freely than to fight to protect it.
Risk and exposure to data theft: Scammers are smarter than ever before
Outside of tech companies, bad actors also want a crack at your data. Your financial information, social security number, private photos, personal messages, and biometric data are all locked up on servers across the web. All it takes is one bad password or a company's weak encryption to lose it all.
Even worse, scams have gotten more complicated. Things like phone number spoofing and AI voice cloning can make it difficult to tell when you're being conned. Compounding the issue is many people's poor data security practices with repeated passwords, outdated operating systems, and a refusal to use data-protection software.
When polling Americans about online scams and how they protect themselves, we found:
- Only 23% of people said they are "very confident" in their ability to identify and protect themselves from online threats and scams.
- 1 in 3 people are unsure of their ability to identify and protect themselves from online threats and scams.
- 52% of people use the same passwords for multiple important accounts.
- 21% of people don't regularly update their phone's operating system to ensure security patches are installed.
- 44% of people haven't taken any measures to enhance the security of their home Wi-Fi network.
- 63% don't have robocall blocking software on their phones.
- 29% of people don't use any kind of antivirus or antimalware on their devices to protect against malicious software.
Of course, individual users aren't the only ones dropping the ball. Companies themselves can fall victim to scams and hackers, resulting in massive data breaches that impact millions of users, cripple online systems, and collectively cost billions.
Massive data breaches happen more than you think and have wide-ranging impacts:
- 31% of people report having experienced a data breach, such as unauthorized access to their personal information or accounts on their mobile devices.
- 1 in 6 breaches in 2025 involved AI for phishing scams and deepfake impersonations.
- Just one data breach in June 2025 affected over 16 billion users when passwords and login credentials were leaked from Google, Apple, and Facebook platforms.
- Over 4,100 publicly disclosed data breaches happened last year alone. That's roughly 11 breaches per day, and that's only publicly disclosed breaches.
- 60% of breaches involve a human element, like phishing or stolen credentials.
Protect yourself: Here's how to keep your data safe
The good news is that it doesn't take much to protect your data. Most tasks can be done in minutes or simply require a preventative mindset.
You can protect your personal data online by:
- Using strong passwords: Don't use common passwords or reuse your favorite password on several websites. Consider using a password manager on your device with a built-in random generator.
- Enable two-factor authentication: We recommend using a two-factor authentication app instead of a code provided by text message or email that can be intercepted.
- Retract app permissions: If you accidentally gave an app too much power to track you, retract the permissions in the settings of your phone.
- Disable app location tracking: Unless your app specifically needs live location data (like a GPS or weather app), it doesn't need to know where you travel.
- Delete old apps and accounts: If you no longer use a service, delete your account and the app so it's not continuing to collect data in the background of your device.
- Use a VPN: Virtual Private Networks create an encrypted online connection that masks your real IP address and protects your data while in transit.
- Limit or reject browser cookies: Cookies are small files placed on your device by websites that track you as you move across the web. They're essentially a digital trail of crumbs showing websites and advertisers where you like to go.
- Update apps and operating systems: Developers are constantly patching vulnerabilities in their software, but you only get these fixes by keeping your device and apps updated.
- Use anti-robocall software: Most smartphones now have built-in features to screen robocalls and spam. Make sure these features are enabled and never answer a call from a number you don't recognize.
- Limit sharing your financial information: Always be suspicious of apps and websites that ask for payment information. When you have to share it, consider using a third-party system like Apple Pay or PayPal so you aren't sharing your actual card or banking information.
What should you do after a data breach?
Don't panic if you discover someone accessed your data in a data breach. Not every incident will include your most sensitive data. I've been caught up in several breaches, and have usually just been forced to change some passwords or request a new credit card number.
You'll likely learn of the breach because a company sends you an alert or you discover someone has accessed one of your accounts. From there, you should:
- Check, monitor, or freeze your credit.
- Change your password (include every site if you've used the same password several times).
- Request new credit/debit card numbers for payment methods used on the breached site.
You can check out the FTC's Data Breach guide for step-by-step instructions on different kinds of data breaches. For example, there are specific processes you should follow if your passport or medical insurance information was breached.
Methodology
WhistleOut surveyed 1,000 U.S. adults about their data privacy habits and sentiment towards data collection. Results from the survey are post-stratified and proprietary.
Data breach sources:
- https://www.bakerdonelson.com/webfiles/Publications/20250822_Cost-of-a-Data-Breach-Report-2025.pdf
- https://guardz.com/blog/top-recent-data-breaches/
- https://www.breachsense.com/breaches/
- https://www.verizon.com/business/resources/reports/dbir/
Max McCaskill
Sr. Staff Writer
Find a better phone plan
Thousands of cell phone plans unpacked. All the facts. No surprises.
.png?w=280&h=280&usm=20&usmrad=0.8&fit=crop "Best Cell Phone Deals for June 2026: Get the New iPhone 17 for Free")
