DataGrail reports surge in data deletion requests, increasing compliance costs for businesses

DataGrail reported an 82% rise in data deletion requests in its 2025 Privacy Trends Report, reflecting consumers' increasing control over personal data. This trend has led to rising costs for businesses managing compliance, particularly around Data Subject Requests (DSRs). Compliance expenses have reached an estimated $1.26 million annually per five million unique website visitors, marking a 43% increase since 2023.

Organizations are also facing mounting pressure regarding “Do Not Sell” requests, which saw a 37% increase from the previous year. The California Privacy Protection Agency has heightened scrutiny on compliance, further influencing costs and operational practices. Additionally, the report noted that 41% of DSRs in 2024 originated from states with new privacy laws, a 229% increase from the previous year.

Daniel Barber, co-founder and CEO of DataGrail, stated, “Our 2025 report clearly shows that consumers are taking control over their data privacy rights and are actively exercising those rights by demanding deletion of their data.” Meanwhile, research from IDC highlights a critical shift, emphasizing that organizations must prioritize data privacy management to avoid potential fines and lawsuits.

Furthermore, the report reveals that 69% of businesses violate consumer consent by deploying tracking cookies despite opt-out preferences, exposing them to legal risks. As consumer expectations for privacy grow, the data brokerage industry has received the highest volume of privacy requests, driven by heightened regulatory pressure and consumer concerns regarding data security.