EDGE
Book a demo

Digital Privacy Tools

New data privacy regulations have opened up space for a new wave of compliance-focused startups.

Overview

The endless flow of personal information calls for new ways of complying with privacy regulations

Digital privacy broadly refers to the use of internet and connected services without compromising personally identifiable and sensitive data. The proliferation of internet-based services in our daily lives creates a constant flow of sensitive information from the user to these services, which has inspired regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) to emerge to protect consumer privacy.

Technologies such as machine learning and natural language processing (NLP) allow companies to automate compliance-related tasks such as discovering and classifying personal information at a large scale and fulfilling data subject rights requests.

The rise of privacy regulations, spearheaded by the GDPR, is driving demand in this space, combined with the increasing cost of a data breach, and consumers becoming more aware of the risks associated with sharing their personal data with third parties. Failure to comply with privacy regulations can result in penalties that could reach millions as evidenced by the recent fines slapped to tech giants such as Amazon and Facebook.

What's driving this industry?
Market Sizing

The market for compliance and privacy management tools in the US is estimated to reach USD 4.6-8.5 billion by 2025

Conservative case

USD 4.6 Bn

35% penetration
Base case

USD 6.5 Bn

50% penetration
Expansion case

USD 8.5 Bn

65% penetration
USD billion013579202020212022202320242025
View details

COVID-19 IMPACT

  • Covid-driven digital transformation has increased demand for solutions that enable remote collaboration and secure access to sensitive data all while remaining compliant with relevant regulations.

    • Very Good Security doubled its customer base and increased the volume of data it handled by tenfold. 

    • Tonic saw its revenue increase by 600% in 2020 with Harbr also reporting a rapid increase in demand.

  • Online retail sales grew by over 32% during the first nine months of 2020, resulting in higher volumes of user data passed on to online retailers.

  • Authorities indicate that existing regulations (such as the GDPR and CCPA) will continue uninterrupted. In an unexpected move, Brazil reversed its decision to postpone implementation of its privacy regulations.

  • Privacy concerns have deterred mass adoption of contact tracing technology, which have allowed some governments to track and curb the spread of the Covid-19 virus.

View detail

Market Mapping


The digital privacy space includes companies which cater to both enterprises and end consumers. Most of the companies offering solutions to enterprises are in the business of providing solutions to comply with regulations such as the GDPR and CCPA, with several other companies offering solutions to collaborate on, store, and carry out data processing on sensitive information without compromising privacy.

The industry has seen a hike in the number of new startups, with close to 60% of the startups founded after 2016 and more than two-thirds currently in the early/growth stage. This increase is driven by the emergence of the GDPR and other regulations that have followed. The disruptors offer a wide range of patented and AI-based solutions to support organizations across various areas of privacy compliance and have seen their revenues grow significantly over the last three years. In September 2020, Inc. magazine named OneTrust the fastest growing company in the US, recording revenue growth of more than 48,000% from 2016 to 2019 and reaching USD 70 million revenue in 2019. OneTrust was also the highest valued disruptor, with its last funding round in April 2021 placing a value of USD 5.3 billion on the company.

The incumbents largely include IT consulting giants that have ventured into this space through a mix of in-house development and acquisitions.

Incumbents
Growth
Early
Seed
Pre-Seed
Compliance and privacy management infrastructure
?
Privacy-preserving collaboration
?
Privacy-preserving data processing
?
Data governance platforms
?
Data storage solutions
?
B2C tools
?
Control.My.ID
Control.My.ID
Control.My.ID
Control.My.ID
Control.My.ID
Control.My.ID
TrustArc
IBM
Google
Informatica
Crownpeak
Donnelley Financial Solutions
Ensighten
Wipro Technologies
Accenture
Cognizant
L&T Infotech
Pathlock
OneTrust
BigID
Securiti
Seclore
Sourcepoint
Vanta
DataGuard
Privacera
Laika
Didomi
WireWheel.io
Ketch
DataWallet
DataGrail
Odaseva
Relyance AI
Okera
Transcend
Ethyca
Normalyze
Usercentrics
Hyperproof
RegScale
TerraTrue
Osano
1touch.io
Aptible
CyberSaint Security
RADAR
Heureka Software
PrivacyCheq
Mage Data
Clarip
Truyo
CENTRL
Canopy Software
SixFifty
SecuPi
SafeGuard Privacy
Manetu
ComplyCloud
StrongSalt
Dataships
CYTRIO
Cavelo
RESPONSUM
RIVN
Ardent Privacy
Preclusio
NiX Software
Gamma.AI
BreachRx
oneDPO
GDPRSimple
Piiano
Control.My.ID
IBM
Google
Amazon
LiveRamp
Magnite
Kiteworks
Donnelley Financial Solutions
Swiss Post
Privitar
Virtru
Seclore
ProtonMail
InfoSum
Theta Lake
Harbr
Duality Technologies
Enveil
Zivver
Decentriq
Cosmian
Mage Data
Halo Privacy
XcooBee
DocEx
TripleBlind
Sotero
Trustpage
Privapp
HighSide
Magnite
Twilio
Pathlock
Privitar
InfoSum
Duality Technologies
Didomi
Tonic
Enveil
Opaque
MOSTLY AI
Okera
Cape Privacy
Borneo
ShardSecure
Anonos
SkyPoint Cloud
Cosmian
Aircloak
Statice
Semele Data
Manetu
Private AI
Glimpse Protocol
Datavillage
Blotout
IOR Analytics
Gretel.ai
Privacy Dynamics
Cufflink
FortifID
IBM
Proofpoint
Pathlock
Immuta
Privitar
Seclore
PHEMI Systems
Didomi
Odaseva
Okera
Normalyze
Borneo
Rencore
Mage Data
ENGAIZ
Sotero
Soveren
eXate
HighSide
IOR Analytics
Twilio
Very Good Security
Skyflow
InCountry
Halo Privacy
XcooBee
Inrupt
HighSide
Piiano
Swiss Post
ZeroFOX
Mozilla Corporation
Lithic
DuckDuckGo
Brave
ProtonMail
Anonyome Labs
Skiff
AutoGraph
Mine
Abine
Purism
Keepsafe
Disconnect
TrackOFF
Winston Privacy
Clarip
Privatext
Presence Global
Cloaked
Xayn
Trustpage
Helm
Dataships
Rita Personal Data
Puma Browser
JoinPrivacy
Atsign
Cufflink
Privsee

The Disruptors


The disruptors for compliance solutions largely include companies that were founded after 2016, in line with the emergence of the GDPR and other privacy regulations. These companies are pure-play privacy solution providers, unlike most of the incumbents, and provide a solution/platform that leverages technologies such as AI and machine learning algorithms to automate tasks related to privacy compliance.

Disruptors are also offering privacy-preserving solutions for companies to manage, access, share, and process sensitive data without compromising privacy. For enterprises that do not want to maintain their own compliant storage infrastructure, disruptors are also offering data storage solutions that come equipped with enough protection to comply with privacy regulations and other data residency requirements.

Lastly, the disruptors in the business-to-consumer (B2C) space provide applications that end-users can sign up and use to enhance their privacy online. Some companies in this section already provide a similar product for enterprises. The single-user version for consumers is provided for free or a nominal charge.

Compliance and privacy management infrastructure

?

Disruptors

?
Funding in USD Millions
OneTrust
926
BigID
246
Vanta
163
DataGuard
82
Securiti
81
Privacera
67
Laika
48
Seclore
46
Didomi
46
WireWheel.io
44
Sourcepoint
43
Ketch
43
DataWallet
42
DataGrail
39
Odaseva
39
Relyance AI
30
Okera
30
Transcend
29
Ethyca
28
Normalyze
27
Usercentrics
25
Hyperproof
22
TerraTrue
20
Osano
19
1touch.io
14
Aptible
12
Watchlist
?
RegScale
CyberSaint Security
Piiano
SafeGuard Privacy
RADAR
Manetu
ComplyCloud
StrongSalt
Heureka Software
Dataships
CYTRIO
PrivacyCheq
Cavelo
RESPONSUM
RIVN
Mage Data
Clarip
Ardent Privacy
Preclusio
Truyo
NiX Software
Gamma.AI
CENTRL
BreachRx
Canopy Software
Control.My.ID
SixFifty
SecuPi
oneDPO
GDPRSimple

Privacy-preserving collaboration

?

Disruptors

?
Funding in USD Millions
Privitar
150
Virtru
140
InfoSum
88
Theta Lake
68
Harbr
52
Duality Technologies
50
Seclore
46
Enveil
40
Zivver
32
TripleBlind
32
Decentriq
19
Watchlist
?
Sotero
Cosmian
Trustpage
ProtonMail
Privapp
Mage Data
HighSide
Halo Privacy
XcooBee
DocEx

Privacy-preserving data processing

?

Disruptors

?
Funding in USD Millions
Privitar
150
InfoSum
88
Gretel.ai
68
Duality Technologies
50
Didomi
46
Tonic
45
Enveil
40
Opaque
32
MOSTLY AI
31
Okera
30
Cape Privacy
25
Borneo
18
ShardSecure
16
Anonos
12
Watchlist
?
SkyPoint Cloud
Cosmian
Manetu
Privacy Dynamics
Private AI
Glimpse Protocol
Aircloak
Datavillage
Cufflink
FortifID
Statice
Blotout
IOR Analytics
Semele Data

Data governance platforms

?

Disruptors

?
Funding in USD Millions
Immuta
258
Privitar
150
Seclore
46
Didomi
46
Odaseva
39
Okera
30
Normalyze
27
PHEMI Systems
25
Borneo
18
Watchlist
?
Sotero
Rencore
Soveren
eXate
Mage Data
HighSide
IOR Analytics
ENGAIZ

Data storage solutions

?

Disruptors

?
Funding in USD Millions
Very Good Security
105
Skyflow
70
Inrupt
46
InCountry
40
Watchlist
?
Piiano
HighSide
Halo Privacy
XcooBee

B2C tools

?

Disruptors

?
Funding in USD Millions
DuckDuckGo
172
Brave
42
Cloaked
29
Xayn
23
Anonyome Labs
20
Skiff
14
AutoGraph
13
Mine
13
Atsign
11
Watchlist
?
Abine
Purism
Trustpage
ProtonMail
Keepsafe
Disconnect
Helm
Dataships
Rita Personal Data
TrackOFF
Winston Privacy
Cufflink
Clarip
Privatext
Puma Browser
Presence Global
JoinPrivacy
Privsee

OneTrust

OneTrust provides compliance solutions that leverage AI tools and automation across all areas of privacy compliance. OneTrust Athena, the company’s AI-powered solution, provides automation in the areas of data discovery, data subject rights management, consent management (with a user-facing preference center for greater control), data protection impact assessments, third-party risk management, incident response reporting, and monitoring. The company also provides regulatory research software that companies can use to train staff and even benchmark their own privacy programs. The company’s Government Records Request Automation solution helps government organizations intake requests, automate data discovery and redaction, and provide a secure two-way communication portal that demonstrates compliance with FOIA, PRR, and the Privacy Act.

OneTrust has strengthened its position in the digital privacy space through several acquisitions in recent years. In March 2021, OneTrust acquired DocuVision, an AI-powered data redaction platform to bolster its data subject rights capabilities through automatic redaction of non-relevant sensitive information. During the same month, OneTrust acquired Convercent to enhance its platform through advanced ethics and compliance capabilities, and helpline and disclosure management. OneTrust acquired the security assurance and certification platform Tugboat Logic in September 2021, to automate its InfoSec assurance and certification processes. Other notable acquisitions include Privacy Core e-learning, DataGuidance, and Integris Software.

Funding and financials

In September 2020, OneTrust was named the fastest-growing privately held company in America, with revenue growth of more than 48,000% over three years. In addition to the US, OneTrust also operates in the UK, France, Germany, India, Hong Kong, Thailand, and Australia.

The company employed 3,000 people, served more than 12,000 customers (including 75% of the Fortune Global 500 companies), and its solutions are backed by 200 patents, as of January 2022. In June 2022, OneTrust laid off 950 employees (~25% of its global workforce) across its departments in Atlanta (US), Bengaluru (India), and London (UK), due to worsening global financial crisis and to balance between growth and profitability.

In December 2020, OneTrust raised USD 300 million in Series C funding at a valuation of USD 5.1 billion, almost doubling in value from its previous round in February 2020. The investment was led by TCV, with participation from OneTrust's existing investors, Insight Partners and Coatue. This preemptive funding round was expected to be spent on research and development as well as expanding its sales, marketing, and engineering teams worldwide. In April 2021, the Series C round was extended by another USD 210 million in Series C1 funding from SoftBank Vision Fund and Franklin Templeton, bringing its valuation to USD 5.3 billion. The company expected to use SoftBank’s backing to cement a geographical position in Japan.

Segment:
Compliance and privacy management infrastructure
Total funding:
USD 926.4 million
Competitors:
BigID, Securiti, Transcend, Okera, WireWheel.io
Disruptor Funding History

Compliance and privacy management infrastructure:

OneTrust
BigID
Vanta
DataGuard
Securiti
Privacera
Laika
Seclore
Didomi
WireWheel.io
Sourcepoint
Ketch
DataWallet
DataGrail
Odaseva
Relyance AI
Okera
Transcend
Ethyca
Normalyze
Usercentrics
Hyperproof
TerraTrue
Osano
1touch.io
Aptible
RegScale
CyberSaint Security
Piiano
SafeGuard Privacy
RADAR
Manetu
ComplyCloud
StrongSalt
Heureka Software
Dataships
CYTRIO
PrivacyCheq
Cavelo
RESPONSUM
RIVN
Mage Data
Clarip
Ardent Privacy
Preclusio

Privacy-preserving collaboration:

Privitar
Virtru
InfoSum
Theta Lake
Harbr
Duality Technologies
Seclore
Enveil
Zivver
TripleBlind
Decentriq
Sotero
Cosmian
Trustpage
ProtonMail
Privapp
Mage Data

Privacy-preserving data processing:

Privitar
InfoSum
Gretel.ai
Duality Technologies
Didomi
Tonic
Enveil
Opaque
MOSTLY AI
Okera
Cape Privacy
Borneo
ShardSecure
Anonos
SkyPoint Cloud
Cosmian
Manetu
Privacy Dynamics
Private AI
Glimpse Protocol
Aircloak
Datavillage
Cufflink
FortifID

Incumbents


The incumbents in this space include established companies such as TrustArc and Ensighten which were already operating in the digital privacy space, and companies such as Accenture, IBM, and other technology consulting giants that have expanded offerings to provide compliance related services either internally or through acquisition. Each incumbent here provides their own variant of a platform/solution for organizations to achieve compliance with privacy regulations. Incumbents have working partnerships with other companies (including disruptors) in the space.

Compliance and privacy management infrastructure
Privacy-preserving collaboration
Privacy-preserving data processing
Data governance platforms
Data storage solutions
B2C tools
In House Development
M&A
Partnership
Investment
TrustArc
IBM
Google
Informatica
Crownpeak
Amazon
Proofpoint
LiveRamp
Magnite
Kiteworks
Twilio
Donnelley Financial Solutions
Swiss Post
ZeroFOX
Ensighten
Accenture
Wipro Technologies
Cognizant
L&T Infotech
Pathlock
Mozilla Corporation
Lithic

Notable Investors


No investor data is available

Funding data are powered by Crunchbase
arrow
menuarrow
Click here to learn more
Book a demo

By using this site, you agree to allow SPEEDA Edge and our partners to use cookies for analytics and personalization. Visit our privacy policy for more information about our data collection practices.