Blog
Have a great story about leveraging security, privacy, and risk management to drive trust, resilience, and responsible innovation? We'd love to hear from you.
Blog
In January 2026, Salesforce changed how its Marketing Cloud Engagement platform encrypts tracked email links. The fix addressed a vulnerability that could have exposed CloudPages content, such as landing pages, microsites, forms, subscriber data from preference and unsubscribe centers, and email content via web view links. But the fix created a new problem: All tracked […]
Blog
Happy Data Privacy Day! In honor of the day, we’re highlighting five key trends that will determine the data privacy agenda for the year ahead.
Blog
India's Digital Personal Data Protection Act is now fully operational, and it applies to all organizations that process the digital personal data of individuals in India. Read five recommendations for CIOs to respond.
What is privacy in a business context?
Privacy in a business context means protecting personal data collected from customers, employees, and partners in
compliance with laws and ethical standards. It ensures that personal information is collected, stored, and used
transparently and respectfully. Strong privacy practices build trust and reduce legal and reputational risk.
Why is privacy becoming more important now?
Privacy is gaining prominence due to stricter global regulations, rising consumer awareness, and the impact of new technologies like AI. Companies that mismanage personal data face fines, legal actions, and loss of customer trust. A robust privacy posture is now a competitive differentiator.
What challenges do organizations face with privacy compliance?
Organizations often struggle with fragmented regulation across jurisdictions, complex data flows, inconsistent data quality, and lack of centralized governance. Integrating privacy into legacy systems and scaling controls across business units also poses difficulty. Overcoming these requires clear accountability, automation, and cross-functional cooperation.
What indicators should leaders monitor as part of privacy programs?
Leaders should monitor metrics such as number of data subject requests, incidents or breaches, policy violations, audit results, and time to resolution. They should also track privacy maturity levels and compliance gaps. These indicators
help assess effectiveness and guide investment.
How does Forrester help clients succeed in privacy?
Forrester provides frameworks, research, and advisory support to help organizations assess, design, and scale
privacy programs. We help clients evaluate regulatory changes, align privacy with business goals, and benchmark progress. Our insights assist firms in turning privacy from a compliance burden into a trust enabler.
Blog
Oliwia Berdak
November 11, 2025
As consumers and businesses learn to operate in a permanent state of skepticism, our trust and privacy predictions reveal how organizations must adapt to survive — and thrive
Blog
Learn more about the two enterprise security programs that won this year’s Security & Risk Enterprise Leadership Award.
Blog
Stephanie Liu
October 15, 2025
Every year, Forrester updates the US consumer privacy segmentation report to uncover evolving trends in how consumers approach data sharing and privacy protection.
Blog
July has marked a defining moment for global AI regulation, as policymakers in both the US and the EU removed or abandoned some heavy roadblocks that stood in the way of laws mandating transparency and regulations enshrining risk management.
Blog
Stephanie Liu
May 30, 2025
Brands tempted to move fast with AI pilots can’t ignore consumer sentiment and readiness for consumer-facing AI experiences. Find out why as we list three key findings from a new report.
Blog
Increasing geopolitical volatility has characterized the last three years in Europe and is reaching new heights. Learn what Microsoft has committed to do and what tech executives should watch out for.
Blog
Forrester is delighted to announce the opening call for our annual Security & Risk Enterprise Leadership Award. This award recognizes organizations that have transformed their security, privacy, and risk management functions into capabilities that fuel the organization’s reputation for trust and its long-term success.
Blog
Stephanie Liu
March 13, 2025
As more privacy regulations and consumer tools emerge, the challenge for brands is how to ask consumers for data in a way that is user-friendly and encourages them to share their information. Get an example on how to collect zero-party data in this preview of a new report.
Blog
With online identity verification well understood and maturing, the next brewing verification battle is around age verification, a subset of identity verification.
Blog
Mozilla’s recent change to the Firefox terms of use has led to concerns within the open-source, privacy, and web communities. Firefox now finds itself in a difficult spot.
Blog
We shared some classical Greek imagery in our recent blog on the UK government’s recent swathe of AI announcements. This week, I’m more inspired by Ancient Rome to say “mala tempora currunt!” Last month, Apple decided to stop offering its Advanced Data Protection (ADP) feature to new customers in the UK, and customers who opted […]
Blog
Stephanie Liu
January 28, 2025
B2C marketers are monitoring a series of state privacy laws going into effect this year, including the recently enacted Texas Data Privacy and Security Act. Get three key next steps in this post.
Blog
After more than a year of investigations, the Italian privacy regulator — il Garante per la protezione dei dati personali — issued a €15 million fine against OpenAI for violating privacy rules. Violations include lack of appropriate legal basis for collecting and processing the personal data used for training their generative AI (genAI) models, lack […]
Podcast
Despite Google’s recent reversal on third-party cookies, marketers need to prepare for data deprecation. Yet many aren’t. This week on What It Means, Senior Analyst Stephanie Liu and Principal Analyst Brett Kahnke discuss how B2C and B2B marketers can adapt their data strategies to maintain consumer trust and compliance.
Blog
Xiaofeng Wang
December 2, 2024
Compliance with the EU’s GDPR alone isn't sufficient in APAC, where local regulations may impose additional or different requirements.
Blog
Stephanie Liu
November 13, 2024
The seasons are changing, Christmas catalogs are arriving, the clocks have shifted back an hour (in some countries) … yes, the new year is coming. While we don’t advocate for closing the books on 2024 yet (it’s only November, after all!), now is a great opportunity to consider what’s in store for next year. On […]
