U.S. consumers demonstrated a surprising capacity for forgiveness and understanding, with nearly half of them willing to give brands a pass for data breaches as long as they are immediately informed about the attack and told how the company is responding. 42% report at least being open to forgiving the brand, while 7% refuse to forgive brands for allowing bad actors access to their personal data. 14% have lost all faith in an organization’s ability to protect their data.

Nevertheless, consumers are increasingly taking control of their data into their own hands. For example, 71% report downloading software that protects their data privacy or otherwise helps control their web experience.

But Janrain’s survey brings good news to brands that are evaluating their consent-based marketing processes and capabilities in response to regulatory requirements or to strengthen customer relations.

If given the option, most people (55%) would let companies they trust use some of their personal data for specific purposes that benefit them in clear ways. Only 36% wouldn’t let any company use their personal data. 66% like the idea of being able to alert companies when they’re interested in something as long as they can “switch it off” when they’re no longer interested. Only 16% aren’t interested in this even if it came with preferences control.

When Janrain probed to gain more understanding about how effective digital brands have been in using consumer data to personalize their online ads, only 18% said ads “often” seemed to understand their needs, presenting brands with an important area for improvement. The largest bulk of respondents (47%) reported that these ads do seem to understand their needs at least “sometimes” while 26% said ads “hardly ever” understand them. 9% said online ads “never” do.When asked whether they’d walk away from a business that requires personal information up front (like a phone number or email address) in order to conduct business, 15% of those surveyed said “yes” while 24% said “probably.” 54% said it depends on whether the business is trusted or the only option.

The survey showed that 66% of those surveyed renewed their call for GDPR-like rules in the United States that force brands to provide consumers with greater privacy, security and control of their personal data. Janrain asked a similar question in May of 2018 to which 69% responded favorably to more regulation in the States. This time, Janrain’s findings show consumers not only want more regulation, they believe it will actually help in the wake of high-profile breaches and controversies affecting well-known organizations such as Yahoo!, Equifax and Facebook. And 9% believe such laws would be ineffective while 6% believe more regulation would be too hard on businesses and the economy.

In addition, 59% believe achieving data security requires the shared support of consumers, business and government. While 44% report being most concerned about protecting their financial data over all other forms of personal data, a quarter of consumers realize the importance of protecting their passwords, pointing to sound password management as their chief concern. 61% say they are very careful about their computer/mobile security. 12% have given up worrying about their computer/mobile security, because they believe hackers can break into company networks anyway.