OneTrust, a data privacy, data security, data governance, ethics, and compliance software company founded in 2016, announced it raised $300 million in Series C funding on December 21, 2020.

OneTrust nearly doubles in valuation in 10 months

The Series C funding round boosts OneTrust’s valuation to $5.1 billion. Earlier, in February 2020, OneTrust raised $210 million in Series B funding, which at the time valued them at $2.7 billion. The company has nearly doubled in valuation within 10 months. Prior to this, OneTrust was valued at $1.3 billion, owing to its Series A funding round of $200 million back in July 2019.

What's driving this staggering growth and investment?

The increased growth and investment in the privacy software space can be attributed to the data privacy regulations and the market demand for security and privacy tools in the wake of the COVID-19 pandemic-induced shift to remote work. 

In 2020, we saw the adoption of Brazil’s privacy legislation, the Lei Geral de Proteção de Dados (LGPD). In November 2020, voters in the state of California supported a new data privacy regulation, the California Privacy Rights Act (CPRA), which augments the privacy protections afforded to California residents in the existing California Consumer Privacy Act (CCPA). CPRA will come into force on January 1, 2023. 

Moreover, in 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield Framework, which previously allowed approximately 5,000 American companies to legally transfer data from the EU to the US. The Privacy Shield Framework was invalidated, in part, due to the US’s inability to afford EU citizens adequate data privacy protection on account of the US’s federal government’s sweeping surveillance laws. 

In Privacy Shield’s absence, companies have been relying on standard contractual clauses to transfer data, which require in-depth reviews of processor and subprocessor agreements, including security and privacy protections. On top of that, the digital acceleration and remote work culture propelled forward by the COVID-19 pandemic has led to an increased interest in vendor security and privacy assessment software to evaluate tools used for a digital-first economy and remote workforces.