AI is “Forcing a Fundamental Shift” in Data Privacy and Governance
Enterprises are shaking up their approach to data privacy and governance, new research shows, largely due to added risk factors created by AI adoption.
Key Findings from Cisco’s 2026 Data and Privacy Benchmark Study
According to Cisco’s 2026 Data and Privacy Benchmark Study, nearly all companies are expanding privacy programs and governance frameworks to protect their data. AI is the main reason for 90% of these initiatives, with 93% saying they plan further investment to keep up with the complexity of AI systems and the expectations of customers and regulators.
The survey found that 38% of organizations spent at least $5 million on their privacy programs in the past year. This marks a dramatic increase from just 14% who spent over that threshold in 2024.
Impact of Privacy Frameworks
Notably, these programs appear to be working well. An overwhelming 96% of organizations reported that robust privacy frameworks were helping unlock AI agility and innovation, and 95% stated that privacy was essential for building customer trust in AI-powered services.
One interesting change noted by the researchers is that trust is no longer just a question of meeting regulatory requirements. Data governance is now seen as a strategic business enabler, with 99% of organizations reporting at least one tangible benefit from their privacy initiatives, such as enhanced agility, innovation, and greater customer loyalty.
The Need for Holistic Governance
“AI is forcing a fundamental shift in the data landscape, calling for holistic governance of all data – both personal and non-personal,” said a senior executive at Cisco. “Organizations must deeply understand and structure their data to ensure every automated decision is explainable. It’s not just for compliance, but a necessary scaling engine for AI innovation.”
Challenges in Data Requirements
While 72% of respondents were generally positive about data privacy laws, there is a growing push to streamline and update data requirements. Just over 80% of organizations surveyed face heightened demand for data localization and global data complexity, and 85% said this adds cost, complexity, and risk to cross-border service delivery.
Similarly, 77% report these requirements limit their ability to offer seamless 24/7 service across markets. The assumption that locally stored data is inherently more secure is gradually eroding, decreasing from 90% in 2025 to 86% in 2026.
Advocating for International Standards
“To capture the potential of AI, organizations (83%) are advocating for a shift toward harmonized international standards,” said another Cisco executive. “They recognize that global consistency is an economic necessity to ensure data can flow securely while maintaining the high standards of protection required for trust.”
Recommendations for Enterprises
Cisco advises enterprises to invest in robust data infrastructure, prioritizing transparency and embedding security and privacy throughout AI initiatives. Organizations should also make informed decisions about data localization, establish strong AI governance, and equip their teams with comprehensive training and safeguards.
In conclusion, as enterprises navigate the evolving landscape of data privacy and governance in the age of AI, a proactive approach to privacy initiatives will not only ensure compliance but also drive innovation and customer trust.
