Over 42 percent of teenagers in Poland used multi-stage logins to protect their privacy on the internet in 2020. More than 38 percent of respondents deleted the browser history.

More than half of Swedes who worked or studied from home felt monitored as of the third quarter of 2020. Two in three internet users who worked from home in the evaluated period felt concerned about a potential intrusion by the authorities.

Percentage of Canadians who have experienced an Internet security and/or privacy incident during the past 12 months, by type of incident.

Between January 2020 and April 2024, the United States Federal Trade Commission (FTC) took legal enforcement actions against 12 companies providing online and mobile services for violations of data privacy and security laws. The most recent case involved AT&T Mobility, which, in April 2024, agreed to pay 927,536 U.S. dollars in penalties for engaging in “mobile cramming.” This practice involved charging consumers for third-party services on their mobile telephone bills without their authorization.

The 2020 CIUS aims to measure the adoption and use of digital technologies by individual residents of Canada 15 years of age and over, living in the provinces. The information gathered will help to better understand how the Internet and other digital technologies are changing the way we work, play and interact with others. The CIUS examines Internet access and use, the use of Internet-connected smart devices and smartphones, social connections in the digital age, the use of government online services, e-commerce, digital skills, security, privacy and the confidence Canadians place on digital technologies, online work and the changes in use of digital tech as a result of COVID-19. The CIUS also measures barriers to: Internet access and use, online services, and using various digital technologies. Collected data is used to inform evidence-based policymaking, research and program development, and provide internationally comparable statistics on the use of digital technologies. For example, the data of this survey is used to: Guide government efforts to provide households with more reliable and affordable high-speed Internet Develop policies to protect individuals from online privacy and security risks Research the impacts of digital technologies on well-being and new gig-based employment Better understand the digital skills needed for learning and the future of work Better understand how and why people use online services, like shopping and social media, Identify barriers that prevent people from accessing the Internet and making the most of new technology Improve online government services and make them more user-friendly Contribute to international initiatives, such as the United Nations Sustainable Development Goals and the OECD Going Digital Project, to help track and compare Canada’s digital development. The survey is built off the previous iteration of the CIUS, last conducted in 2018. The 2020 iteration has been updated to collect data to meet new data needs. The 2020 iteration of the CIUS is sponsored by Innovation, Science and Economic Development Canada (ISED). Numerous other government departments also provided input during the questionnaire content development phase.

Online security is as current a topic in Germany as in almost every country in the world. With more and more personal information being stored and accessible online, privacy and data protection laws are becoming increasingly important, with the pressing necessity of establishing more than just general guidelines. As is clear from this statistic, the majority of Germans are more than skeptical about the safety of their personal data on the internet.

Private users

Personal data being secure online is an issue affecting both private citizens and companies alike, across services and industries. The main concerns over using e-government websites, for example, were becoming a so-called transparent citizen with private data stored in one central database, as well as lack of security during data transmissions. Optimistically so, the number of phishing cases targeting online banking users has been dropping in recent years.

Companies

75 percent of companies in Germany were the victims of cyber attacks in 2019. Of these, the most common types were theft of IT and communication devices, as well as sensitive digital documents.

CSAM Themes - shining a light on all the ways the internet allowed us to stay connected and find a new "normal" in our lives.

In this survey, we inspected how aware people were of their online privacy and calculated their privacy awareness scores.

privacy_awareness_questionnaire.pdf

It is the Privacy Awareness survey questionnaire.

calculating_privacy_awareness_scores_method.pdf

It describes the method of calculating privacy awareness scores.

raw_data.csv

It contains the raw data set collected from the respondents. The first row contains the labels of questions from 1 to 15.

filtered_out_data.csv

It contains filtered-out data set and the calculated awareness scores. The first row contains the labels of questions from 1 to 15 and the awareness score. We applied the following erasure conditions on the raw data set:

Q2 = A2 AND Q3 = A1

Q2 = A2 AND Q3 = A2

Q6 = A1 AND Q7 = A2

Q6 = A1 AND Q9 = A2

According to a 2020 survey on information privacy in Australia, 66 percent of respondents reported that they did not normally read internet site privacy policies because they were too long to read. Just nine percent of respondents stated they didn't read the policies because data privacy wasn't a consideration when choosing to use a service.

This dataset comprises the 10 employee surveillance software tools with the highest volume of internet searches since March 2020. The percentage difference values are based on that month’s search volume compared to the average monthly searches in 2019.

This data set provides the mapping between the privacy threat types and the lower-level threat characteristics onto the privacy threats discussed in six distinct and domain-specific privacy threat taxonomy publications:

1. 'A Survey on Privacy and Security of Internet of Things’ (2020)
2. 'A Taxonomy of mhealth Apps – Security and Privacy Concerns’ (2015)
3. 'A Comprehensive Survey of Privacy-preserving Federated Learning: A Taxonomy, Review, and Future Directions’ (2021)
4. ‘Privacy and artificial intelligence’ (2021)
5. 'A Survey on Large Language Model (LLM) Security and Privacy: The good, the bad, and the ugly’(2024)
6. 'Security and Privacy Challenges of Large Language Models: A Survey’ (2025)

The mapping table provides concrete reference to the location of the threat in the publication, and the concrete threat characteristics recognized. It furthermore provide mapping rationale.

This data set is made public in support for a publication entitled: Seven Samurai: Privacy Threat Types of LINDDUN

According to a 2020 survey on information privacy in Australia, 63 percent of respondents reported that they did not normally read internet site privacy policies in full. This figure has increased from 57 percent in 2007.

The 2022 CIUS aims to measure the adoption and use of digital technologies by individual residents of Canada 15 years of age and over, living in the provinces. The information gathered helps to better understand how the Internet and other digital technologies are changing the way we work, play and interact with others. The CIUS examines Internet access and use, along with the use of Internet-connected smart devices, social connections in the digital age, use of government online services, e-commerce, digital skills, security, privacy and trust, online work and the knowledge and adoption of new digital technologies such as Artificial Intelligence, digital credentials and cryptocurrencies. The CIUS also measures barriers to: Internet access and use, online services, and various digital technologies. Collected data is used to inform evidence-based policymaking, research, program development, and provide internationally comparable statistics on the use of digital technologies. For example, the results from this survey will be used to: - Guide government efforts to provide households with more reliable and affordable high-speed Internet Develop policies to protect individuals from online privacy and security risks Research the impacts of digital technologies on well-being and new gig-based employment Better understand the digital skills needed for learning and the future of work Better understand how and why Canadians use online services, like shopping and banking Identify barriers that prevent people from accessing the Internet and making the most out of the new technologies presently available Improve online government services and make them more user-friendly Contribute to international initiatives, such as the United Nations Sustainable Development Goals and the OECD Going Digital Project, to help track and compare Canada’s digital development. The survey is built off the previous iterations of the CIUS, last conducted in 2018 and 2020. The 2022 iteration has been updated to collect data to meet new data needs. The 2022 iteration of the CIUS is sponsored by Innovation, Science and Economic Development Canada (ISED). Numerous other government departments also provided input during the questionnaire content development phase.

In 2019, only 13 percent of Hungarians were concerned about foreign governments accessing the information they had shared on the internet. More than half of respondents did not have such concerns.

The riskiest activity threatening the loss of privacy was opening attachments from an unknown source in 2020. Over 47 percent of Polish teenagers knew that the use of online gambling services may expose themselves to the risk of personal data leakage.

Preprint

Abstract

The World Wide Web is a complex interconnected digital ecosystem, where information and attention flow between platforms and communities throughout the globe. These interactions co-construct how we understand the world, reflecting and shaping public discourse. Unfortunately, researchers often struggle to understand how information circulates and evolves across the web because platform-specific data is often siloed and restricted by linguistic barriers. To address this gap, we present a comprehensive, multilingual dataset capturing all Wikipedia links shared in posts and comments on Reddit from 2020 to 2023, excluding those from private and NSFW subreddits. Each linked Wikipedia article is enriched with revision history, page view data, article ID, redirects, and Wikidata identifiers. Through a research agreement with Reddit, our dataset ensures user privacy while providing a query and ID mechanism that integrates with the Reddit and Wikipedia APIs. This enables extended analyses for researchers studying how information flows across platforms. For example, Reddit discussions use Wikipedia for deliberation and fact-checking which subsequently influences Wikipedia content, by driving traffic to articles or inspiring edits. By analyzing the relationship between information shared and discussed on these platforms, our dataset provides a foundation for examining the interplay between social media discourse and collaborative knowledge consumption and production.

Datasheet

Motivation

The motivations for this dataset stem from the challenges researchers face in studying the flow of information across the web. While the World Wide Web enables global communication and collaboration, data silos, linguistic barriers, and platform-specific restrictions hinder our ability to understand how information circulates, evolves, and impacts public discourse. Wikipedia and Reddit, as major hubs of knowledge sharing and discussion, offer an invaluable lens into these processes. However, without comprehensive data capturing their interactions, researchers are unable to fully examine how platforms co-construct knowledge. This dataset bridges this gap, providing the tools needed to study the interconnectedness of social media and collaborative knowledge systems.

Composition

WikiReddit, a comprehensive dataset capturing all Wikipedia mentions (including links) shared in posts and comments on Reddit from 2020 to 2023, excluding those from private and NSFW (not safe for work) subreddits. The SQL database comprises 336K total posts, 10.2M comments, 1.95M unique links, and 1.26M unique articles spanning 59 languages on Reddit and 276 Wikipedia language subdomains. Each linked Wikipedia article is enriched with its revision history and page view data within a ±10-day window of its posting, as well as article ID, redirects, and Wikidata identifiers. Supplementary anonymous metadata from Reddit posts and comments further contextualizes the links, offering a robust resource for analysing cross-platform information flows, collective attention dynamics, and the role of Wikipedia in online discourse.

Collection Process

Data was collected from the Reddit4Researchers and Wikipedia APIs. No personally identifiable information is published in the dataset. Data from Reddit to Wikipedia is linked via the hyperlink and article titles appearing in Reddit posts.

Preprocessing/cleaning/labeling

Extensive processing with tools such as regex was applied to the Reddit post/comment text to extract the Wikipedia URLs. Redirects for Wikipedia URLs and article titles were found through the API and mapped to the collected data. Reddit IDs are hashed with SHA-256 for post/comment/user/subreddit anonymity.

Uses

We foresee several applications of this dataset and preview four here. First, Reddit linking data can be used to understand how attention is driven from one platform to another. Second, Reddit linking data can shed light on how Wikipedia's archive of knowledge is used in the larger social web. Third, our dataset could provide insights into how external attention is topically distributed across Wikipedia. Our dataset can help extend that analysis into the disparities in what types of external communities Wikipedia is used in, and how it is used. Fourth, relatedly, a topic analysis of our dataset could reveal how Wikipedia usage on Reddit contributes to societal benefits and harms. Our dataset could help examine if homogeneity within the Reddit and Wikipedia audiences shapes topic patterns and assess whether these relationships mitigate or amplify problematic engagement online.

Distribution

The dataset is publicly shared with a Creative Commons Attribution 4.0 International license. The article describing this dataset should be cited: https://doi.org/10.48550/arXiv.2502.04942

Maintenance

Patrick Gildersleve will maintain this dataset, and add further years of content as and when available.

SQL Database Schema

Table: posts

Column Name	Type	Description
subreddit_id	TEXT	The unique identifier for the subreddit.
crosspost_parent_id	TEXT	The ID of the original Reddit post if this post is a crosspost.
post_id	TEXT	Unique identifier for the Reddit post.
created_at	TIMESTAMP	The timestamp when the post was created.
updated_at	TIMESTAMP	The timestamp when the post was last updated.
language_code	TEXT	The language code of the post.
score	INTEGER	The score (upvotes minus downvotes) of the post.
upvote_ratio	REAL	The ratio of upvotes to total votes.
gildings	INTEGER	Number of awards (gildings) received by the post.
num_comments	INTEGER	Number of comments on the post.

Table: comments

Column Name	Type	Description
subreddit_id	TEXT	The unique identifier for the subreddit.
post_id	TEXT	The ID of the Reddit post the comment belongs to.
parent_id	TEXT	The ID of the parent comment (if a reply).
comment_id	TEXT	Unique identifier for the comment.
created_at	TIMESTAMP	The timestamp when the comment was created.
last_modified_at	TIMESTAMP	The timestamp when the comment was last modified.
score	INTEGER	The score (upvotes minus downvotes) of the comment.
upvote_ratio	REAL	The ratio of upvotes to total votes for the comment.
gilded	INTEGER	Number of awards (gildings) received by the comment.

Table: postlinks

Column Name	Type	Description
post_id	TEXT	Unique identifier for the Reddit post.
end_processed_valid	INTEGER	Whether the extracted URL from the post resolves to a valid URL.
end_processed_url	TEXT	The extracted URL from the Reddit post.
final_valid	INTEGER	Whether the final URL from the post resolves to a valid URL after redirections.
final_status	INTEGER	HTTP status code of the final URL.
final_url	TEXT	The final URL after redirections.
redirected	INTEGER	Indicator of whether the posted URL was redirected (1) or not (0).
in_title	INTEGER	Indicator of whether the link appears in the post title (1) or post body (0).

Table: commentlinks

Column Name	Type	Description
comment_id	TEXT	Unique identifier for the Reddit comment.
end_processed_valid	INTEGER	Whether the extracted URL from the comment resolves to a valid URL.
end_processed_url	TEXT	The extracted URL from the comment.
final_valid	INTEGER	Whether the final URL from the comment resolves to a valid URL after redirections.
final_status	INTEGER	HTTP status code of the final

According to a survey on current attitudes towards online personal data use and privacy, carried out in the United States in 2021, over half of the respondents said they were more concerned about their online privacy compared to a year ago. Around nine percent said they were less concerned.

The size of the Internet of Things IoT Insurance Market was valued at USD 25.90 billion in 2024 and is projected to reach USD 575.06 billion by 2033, with an expected CAGR of 55.72% during the forecast period. The Internet of Things (IoT) is revolutionizing the insurance industry by enabling real-time data collection and analysis, thereby enhancing risk assessment and management. IoT devices, such as connected vehicles and wearable health monitors, provide insurers with continuous streams of data, allowing for more accurate underwriting and personalized policies. This data-driven approach facilitates proactive risk mitigation, as insurers can monitor policyholders' behaviors and intervene when necessary to prevent claims. For instance, in health insurance, wearable devices can track an individual's activity levels and health metrics, enabling insurers to offer discounts to those maintaining healthy lifestyles. Similarly, in auto insurance, telematics devices can monitor driving habits, rewarding safe drivers with lower premiums. However, the integration of IoT in insurance also presents challenges, including data privacy concerns, the need for robust cybersecurity measures, and the necessity for significant investment in technology infrastructure. Additionally, the vast amount of data generated requires advanced analytics capabilities to extract actionable insights. Despite these challenges, the IoT-enabled insurance ecosystem offers innovative opportunities for both insurers and policyholders, fostering a more dynamic and responsive insurance landscape. Recent developments include: In December 2020: Webfleet Solutions increased its functionality by the addition of BMW and MINI CarData to its OEM.connect programme. The programme enables automakers to avoid installing aftermarket hardware by directly integrating their vehicles with Webfleet Solutions' fleet management technology, WEBFLEET. Fleet managers and insurance providers may monitor a fleet's health status in real time thanks to instant notifications related to vehicle diagnostics, such as tyre pressure warnings, which helps keep drivers safe and save vehicle downtime or additional expenditures., In October 2020: Axon Telematics developed a quick, self-install telematics device for their client, a prominent UK motor insurance carrier, using the Aeris Fusion IoT Network, according to a statement from Aeris Communications, an Internet of Things (IoT) technology partner for businesses. Telematics deployed by technicians will be severely hampered up until government COVID-19 restrictions are abolished. To ensure that policy coverage can be provided, there is little data delay, and loss ratios are maintained to a low, Axon's self-installed telematics devices fill the gap., In 2023, SmartLoC, a German start-up that provides a B2B payment solution based on IoT data from direct shipment tracking, and Litus, an Italian MGA that provides cargo insurance, will proudly announce their alliance with the goal of revolutionising how businesses utilise insurances and make payments. Through the integration of real-time shipment tracking and insurance analysis, our partnership intends to revolutionise the cargo insurance sector by enabling a quicker and more precise evaluation of events affecting goods during transportation., 2022, Descartes Underwriting is introducing a parametric frost insurance product for regional brokers and clients that it designed for French vineyards, from French winemakers to Australian farmers., According to Parsyl, Inc., a suite of linked cargo insurance solutions for perishable goods will be available in 2020. The company's IoT data platform will be the driving force behind the new suite of products, which also features an innovative, first-of-its-kind parametric spoiling product that guards against temperature-related losses.. Key drivers for this market are: Improved Risk Assessment: IoT data provides insurers with a more accurate understanding of risks, reducing uncertainty and fraud.

Cost Reduction: IoT technologies automate processes, streamline operations, and reduce administrative costs.

Customer Demand: Consumers seek personalized insurance products and value-added services enabled by IoT.

Regulatory Support: Governments incentivize the adoption of IoT technologies in insurance to improve data-driven decision-making.

Technological Advancements: Innovations in IoT devices and data analytics drive market growth.. Potential restraints include: Data Privacy and Security Concerns: Collecting and using large amounts of IoT data raises privacy and security issues.

Technical Complexity: Integrating IoT technologies into insurance systems can be complex and costly.

Data Standardization: Lack of standardized data formats can hinder interoperability and data sharing.

Slow Adoption by Incumbents: Legacy insurance companies may be slow to adopt IoT technologies.

Limited Scalability: Some IoT-based insurance products may not be scalable to larger populations.. Notable trends are: Usage-Based Insurance: IoT devices track usage patterns, enabling insurers to charge premiums based on actual consumption.

Parametric Insurance: IoT data triggers automatic payments based on predetermined parameters, such as temperature deviations.

Blockchain for Data Security: Blockchain technology enhances data security and transparency in IoT insurance.

Artificial Intelligence (AI): AI algorithms analyze IoT data to provide predictive insights and automate decision-making.

Internet of Insurance (IoI): IoI platforms connect insurers, policyholders, and IoT devices to facilitate data sharing and seamless insurance processes..

Login Data Set for Risk-Based Authentication

Synthesized login feature data of >33M login attempts and >3.3M users on a large-scale online service in Norway. Original data collected between February 2020 and February 2021.

This data sets aims to foster research and development for Risk-Based Authentication (RBA) systems. The data was synthesized from the real-world login behavior of more than 3.3M users at a large-scale single sign-on (SSO) online service in Norway.

The users used this SSO to access sensitive data provided by the online service, e.g., a cloud storage and billing information. We used this data set to study how the Freeman et al. (2016) RBA model behaves on a large-scale online service in the real world (see Publication). The synthesized data set can reproduce these results made on the original data set (see Study Reproduction). Beyond that, you can use this data set to evaluate and improve RBA algorithms under real-world conditions.

WARNING: The feature values are plausible, but still totally artificial. Therefore, you should NOT use this data set in productive systems, e.g., intrusion detection systems.

Overview

The data set contains the following features related to each login attempt on the SSO:

Feature	Data Type	Description	Range or Example
IP Address	String	IP address belonging to the login attempt	0.0.0.0 - 255.255.255.255
Country	String	Country derived from the IP address	US
Region	String	Region derived from the IP address	New York
City	String	City derived from the IP address	Rochester
ASN	Integer	Autonomous system number derived from the IP address	0 - 600000
User Agent String	String	User agent string submitted by the client	Mozilla/5.0 (Windows NT 10.0; Win64; ...
OS Name and Version	String	Operating system name and version derived from the user agent string	Windows 10
Browser Name and Version	String	Browser name and version derived from the user agent string	Chrome 70.0.3538
Device Type	String	Device type derived from the user agent string	(mobile, desktop, tablet, bot, unknown)1
User ID	Integer	Idenfication number related to the affected user account	[Random pseudonym]
Login Timestamp	Integer	Timestamp related to the login attempt	[64 Bit timestamp]
Round-Trip Time (RTT) [ms]	Integer	Server-side measured latency between client and server	1 - 8600000
Login Successful	Boolean	True: Login was successful, False: Login failed	(true, false)
Is Attack IP	Boolean	IP address was found in known attacker data set	(true, false)
Is Account Takeover	Boolean	Login attempt was identified as account takeover by incident response team of the online service	(true, false)

Data Creation

As the data set targets RBA systems, especially the Freeman et al. (2016) model, the statistical feature probabilities between all users, globally and locally, are identical for the categorical data. All the other data was randomly generated while maintaining logical relations and timely order between the features.

The timestamps, however, are not identical and contain randomness. The feature values related to IP address and user agent string were randomly generated by publicly available data, so they were very likely not present in the real data set. The RTTs resemble real values but were randomly assigned among users per geolocation. Therefore, the RTT entries were probably in other positions in the original data set.

• The country was randomly assigned per unique feature value. Based on that, we randomly assigned an ASN related to the country, and generated the IP addresses for this ASN. The cities and regions were derived from the generated IP addresses for privacy reasons and do not reflect the real logical relations from the original data set.

• The device types are identical to the real data set. Based on that, we randomly assigned the OS, and based on the OS the browser information. From this information, we randomly generated the user agent string. Therefore, all the logical relations regarding the user agent are identical as in the real data set.

• The RTT was randomly drawn from the login success status and synthesized geolocation data. We did this to ensure that the RTTs are realistic ones.

Regarding the Data Values

Due to unresolvable conflicts during the data creation, we had to assign some unrealistic IP addresses and ASNs that are not present in the real world. Nevertheless, these do not have any effects on the risk scores generated by the Freeman et al. (2016) model.

You can recognize them by the following values:

• ASNs with values >= 500.000

• IP addresses in the range 10.0.0.0 - 10.255.255.255 (10.0.0.0/8 CIDR range)

Study Reproduction

Based on our evaluation, this data set can reproduce our study results regarding the RBA behavior of an RBA model using the IP address (IP address, country, and ASN) and user agent string (Full string, OS name and version, browser name and version, device type) as features.

The calculated RTT significances for countries and regions inside Norway are not identical using this data set, but have similar tendencies. The same is true for the Median RTTs per country. This is due to the fact that the available number of entries per country, region, and city changed with the data creation procedure. However, the RTTs still reflect the real-world distributions of different geolocations by city.

See RESULTS.md for more details.

Ethics

By using the SSO service, the users agreed in the data collection and evaluation for research purposes. For study reproduction and fostering RBA research, we agreed with the data owner to create a synthesized data set that does not allow re-identification of customers.

The synthesized data set does not contain any sensitive data values, as the IP addresses, browser identifiers, login timestamps, and RTTs were randomly generated and assigned.

Publication

You can find more details on our conducted study in the following journal article:

Pump Up Password Security! Evaluating and Enhancing Risk-Based Authentication on a Real-World Large-Scale Online Service (2022)
Stephan Wiefling, Paul René Jørgensen, Sigurd Thunem, and Luigi Lo Iacono.
ACM Transactions on Privacy and Security

Bibtex

@article{Wiefling_Pump_2022,
 author = {Wiefling, Stephan and Jørgensen, Paul René and Thunem, Sigurd and Lo Iacono, Luigi},
 title = {Pump {Up} {Password} {Security}! {Evaluating} and {Enhancing} {Risk}-{Based} {Authentication} on a {Real}-{World} {Large}-{Scale} {Online} {Service}},
 journal = {{ACM} {Transactions} on {Privacy} and {Security}},
 doi = {10.1145/3546069},
 publisher = {ACM},
 year  = {2022}
}

License

This data set and the contents of this repository are licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. See the LICENSE file for details. If the data set is used within a publication, the following journal article has to be cited as the source of the data set:

Stephan Wiefling, Paul René Jørgensen, Sigurd Thunem, and Luigi Lo Iacono: Pump Up Password Security! Evaluating and Enhancing Risk-Based Authentication on a Real-World Large-Scale Online Service. In: ACM Transactions on Privacy and Security (2022). doi: 10.1145/3546069

1. Few (invalid) user agents strings from the original data set could not be parsed, so their device type is empty. Perhaps this parse error is useful information for your studies, so we kept these 1526 entries.↩︎

During the first half of 2024, around 88 percent of cyberattacks carried out in Italy had cybercrime as a purpose. Cyber espionage was another motivation, representing the main reason behind roughly four percent of attacks. By contrast, information warfare only accounted for two percent of the cyberattacks in the country in the last examined period. Data breaches in Italy In 2023, over half of the Italian digital population was alerted that their personal data had been breached, and 77.5 percent of the alerted users had the misfortune of being affected by data compromise on the dark web. Despite a decrease in the number of data sets affected in data breaches between 2020 and 2023, Italy recorded almost one million exposed data sets at the beginning of 2023.Meanwhile, the average cost of data breaches for both Italian companies and targeted users kept growing, reaching 4.73 million U.S. dollars in 2024, up from the 3.86 million U.S. dollars recorded in the previous year. The Italian privacy landscape: GDPR effects As a state member of the European Union, Italy is covered by the General Data Protection Regulation (GDPR). Since 2018, the GDPR has regulated online data privacy and has the responsibility to represent consumers’ interests within the digital and tech landscape of the Union. As of 2023, approximately 265 fines were issued in Italy due to violations of the GDPR – making Italy the second country in Europe with the highest number of violations dispensed to tech companies. The highest GDPR fine ever issued in Italy was at the expense of Telecom Italia (TIM), one of the largest Italian telecommunications companies. TIM was fined approximately 27.8 million euros in January 2020. GDPR is enforced and helped by the country's Garante della Privacy, the national institution overseeing Italian users’ online rights, cybersecurity, and digital privacy.