National Privacy Test: U.S. participants hold on to a spot in the top five globally

About the National Privacy Test

The National Privacy Test (NPT) is an international survey that measures how well people understand internet security and online privacy. The test includes 22 questions covering three areas: daily digital habits, privacy awareness, and cybersecurity threats.

This year, more than 30,000 people from 185 countries took the test to check their cyber hygiene. To make global comparisons meaningful, the analysis focuses on 31 countries with the largest number of responses, each with at least 100 participants. This approach reveals not only how individuals scored but also how nations differ in their online safety knowledge.

Each country receives a National Privacy Test (NPT) score based on participant performance across the three categories. Participants are also grouped into four distinct “cyber personas” that reflect their level of cybersecurity awareness, from the least to the most knowledgeable.

Before looking at this year’s results, let’s outline how NPT scores are calculated and what the cyber personas mean.

How we calculate the scores

The National Privacy Test score shows how well a person understands online privacy and cybersecurity. To calculate it, we look at three separate areas:

• Daily digital life – how people handle their information, like passwords, app updates, data-sharing, and app permissions.
• Privacy awareness – how well they recognize risks such as scams, phishing attempts, or how companies collect personal data.
• Digital risk tolerance – how cautious they are when faced with risky online situations.

The test has 22 questions in total, and each one is worth 4.5% of the score. We calculate the NPT score by taking the average of the three category scores. The more correct answers a person gives in each category, the higher their final NPT score will be.

What are cyber personas?

To make the results easier to understand, everyone who takes the test lands in one of four “cyber personas.” Each represents a different level of knowledge and awareness:

• Cyber Wanderer (1-24%). Cyber Wanderers have very little knowledge about online safety. They often don’t know how to protect their accounts, devices, or data.
• Cyber Tourist (25-49%). Cyber Tourists know a bit more, but still make common mistakes. They may recognize some threats but not know how to respond to them.
• Cyber Adventurer (50-74%). Cyber Adventurers understand most everyday privacy and security issues. They know how to protect themselves in many situations, but they still have room to improve.
• Cyber Star (75-100%). Cyber Stars are the most knowledgeable. They are highly aware of online risks, understand how to protect their data, and follow safe digital habits.

What do the numbers show?

In 2025, U.S. participants ranked 4th worldwide, the same as Germany. That’s one spot lower than previous years, when the U.S. was in the top three. They also scored 2nd in digital risk, showing steady strength in recognizing threats, while their daily digital life score remained the weakest.

Key takeaways

The 2025 National Privacy Test shows that U.S. participants remain among the strongest performers worldwide. Their results are a mix of steady strengths and stubborn weak spots:

• The U.S. maintained its high overall score (59), two points above the global average (57). Privacy awareness (55) and daily digital life (54) were steady compared to last year, while digital risk dropped slightly from 70% to 68%. Even with that dip, Americans still ranked 2nd globally in risk awareness.
• Up to 96% of participants knew how to create strong passwords and deal with suspicious streaming service offers, while 94% understood how to manage app permissions and recognize malware infections. Nine in ten also knew which sensitive data should not be posted on social media. These everyday skills remain a solid foundation.
• Only 16% knew where to store passwords safely, and just 17% how to secure home Wi-Fi. Awareness of the security benefits of app updates fell again, from 53% in 2024 to 50% in 2025 — a three-point drop. These weak spots are simple but leave big gaps in protection.
• Just 5% of U.S. respondents understood privacy issues when using AI at work, and only 15% could explain what data ISPs collect as part of metadata. These numbers show how quickly technology evolves compared to public awareness.
• Knowledge of AI scams rose sharply, from 71% in 2024 to 76% in 2025. Awareness of privacy tools also grew, climbing from 30% to 37%. More Americans also understood how fake URLs are made, improving from 49% to 53%.

Overall, the U.S. picture is clear. Participants are very strong at identifying scams, risks, and threats, and they continue to outperform most countries. However, their weakest points remain the simple, everyday habits that often make or break personal cybersecurity.

Cyber personas in the U.S.

The U.S. has the second-highest number of Cyber Stars (13%), just behind Singapore and Finland. Most Americans (68%) are Cyber Adventurers, showing solid but not expert knowledge. Cyber Tourists make up 18%, while only 1% of respondents are Cyber Wanderers — one of the lowest shares worldwide.

Biggest changes since 2024

One year isn’t much time to change digital security habits, but even small shifts add up. For the US, the 2025 results reveal both progress and setbacks.

Compared to 2024, the digital risk score dropped by 2 points, from 70 to 68, while overall knowledge stayed steady at 59. Privacy awareness (55) and daily digital life (54) barely moved. These changes aren’t huge, but they show a slight downward drift in one of the US’s strongest areas.

However, the results show some positives, too. More Americans now understand AI scams, rising from 71% to 76%, and more participants recognized privacy tools, climbing from 30% to 37%. Understanding of how fake URLs are made also improved, moving from 49% to 53%, suggesting that people are getting better at spotting phishing tricks.

But one number went in the wrong direction. Awareness of the benefits of app updates dropped again, declining from 53% in 2024 to 50% in 2025. This steady decline shows that while Americans are adapting to new threats like AI scams, they are overlooking the fundamentals that create real risks.

An overview of global results

This year’s National Privacy Test shows that global privacy and cybersecurity awareness is holding steady, but not improving. The worldwide NPT score in 2025 was 57 out of 100, the same as last year. 

The details reveal mixed progress. The daily digital life score continues to creep upward by about one percentage point a year, showing that people are slowly improving their everyday online habits. But at the same time, privacy awareness and digital risk tolerance are declining, suggesting that while individuals may be getting better at routines like managing passwords or permissions, they are less prepared for growing threats.

As in previous years, participants did best on basic practices: creating strong passwords (96% correct), handling suspicious streaming service offers (95%), knowing which data to share with apps (94%), and understanding which sensitive data should not be posted on social media (90%). Many also recognized how devices can get infected with malware.

The weakest results came from newer and more technical areas. Only 6% of participants knew the privacy issues to consider when using AI for work. Knowledge of what ISPs collect as part of metadata, how to secure home Wi-Fi, where to safely store passwords, and which online tools protect privacy also remained very low.

“AI has raised the stakes online, but the fundamentals of staying safe haven’t changed. People are getting better at spotting scams, yet too many still skip updates or reuse passwords, and those small gaps are exactly what criminals exploit,” says Marijus Briedis, chief technology officer (CTO) at NordVPN.

He adds: “The test aims to educate people worldwide about cyber threats and offer clear, practical guidance to reduce the risks of fraud, data harvesting, surveillance, and other online threats.”

Globally, the overall picture of cyber personas did not change from 2024 — one in ten participants is a Cyber Star. The highest scores came from people aged 30–54 and those working in IT. The lowest scores were seen among students, retirees, and people employed in hospitality or construction.

Think you’d score higher? Take the National Privacy Test and see how your knowledge stacks up. And if you’re curious about the full picture, check the global results for all countries in the 2025 NPT report.

The biggest global shifts

Compared to last year, a few changes stand out:

• AI-driven scams are better recognized. Awareness jumped by five percentage points (from 63% in 2024 to 68% in 2025). More people now understand how cybercriminals use AI to trick victims, making this one of the strongest improvements of the year.
• Privacy tools are gaining traction. Understanding of online tools that protect digital privacy rose from 27% in 2024 to 32% in 2025. While still a low number overall, this 5-point increase shows that awareness of solutions like VPNs, password managers, and encrypted services is slowly spreading.
• App permissions are better understood. Knowledge of which data to share with apps increased by 3 points (from 91% to 94%). This steady improvement suggests more users are learning to limit access and protect their personal information.
• Updates remain overlooked. Awareness of the security benefits of updating apps as soon as possible dropped another 2 points (from 56% to 54%). This decline confirms a continuing trend — many users still underestimate the role of updates in preventing hacks and fixing vulnerabilities.

Methodology

The National Privacy Test is an open-access survey available to anyone online. It does not use quotas for age, gender, or background and is therefore not nationally representative.

In 2025, 30,792 people completed the test, up from 25,567 in 2024 and 30,747 in 2023. The numbers in this blog reflect responses collected up to July 31, 2025. If the results on the NPT website look slightly different, that’s because more people have taken the test since then.