Platform
- The Osano Platform Overview
  
  Get an overview of the simple, all-in-one data privacy platform
- Features & Integrations
  
  Key Features & Integrations
Solutions
- By Regulation
- CPRA
  
  Discover how Osano supports CPRA compliance
- CCPA
  
  Learn about the CCPA and how Osano can help
- GDPR
  
  Achieve compliance with one of the world’s most comprehensive data privacy laws
- By Organization Type
- Start-Up
  
  Don’t let data privacy compliance get in the way of growth
- Mid-Sized
  
  Preserve your competitive edge
- Enterprise
  
  Manage data privacy at scale
- By Use Case
- Consent Management
  
  Manage consent without the complexity
- DSAR Automation
  
  Never miss a DSAR deadline again
- Privacy Program Management
  
  Build and grow an end-to-end privacy program
- Vendor Risk Management
  
  Regain insight and control over your customers’ data
Resources
- Resources
  
  Key resources on all things data privacy
- Articles
  
  Expert insights on all things privacy
- Resource Center
  
  Key resources to further your data privacy education
- Customer Stories
  
  Meet some of the 5,000+ leaders using Osano to transform their privacy programs
- U.S. Data Privacy Laws
  
  A guide to data privacy in the U.S.
- Product Updates
  
  What's the latest from Osano?
- Become a Privacy Insider
  
  Data privacy is complex but you're not alone
- The Newsletter
  
  Join our weekly newsletter with over 35,000 subscribers
- The Podcast
  
  Global experts share insights and compelling personal stories about the critical importance of data privacy
- The Book
  
  Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
- Events
  
  Upcoming webinars and in-person events designed for privacy professionals
Latest Blog post

Ch-Ch-Ch-Changes

Hello all, and thanks for reading today.
Read Now
Company
- About Us
  
  The Osano story
- Careers
  
  Become an Osanian and help us build the future of privacy!
- Contact
  
  We’re eager to hear from you
- Our Pledge
  
  No fines, no penalties
- Data Licensing
  
  Add Osano data privacy ratings and recommendations to your application
- Osano Swag Store
  
  Increase Trust. Stay Compliant. Get Cool Swag.
- Press & Media
  
  Inquiries and Osano in the news
- Partners & Resellers
  
  Interested in partnering with us?
Pricing
Sign In Book a Demo

Privacy newsletter - Dec. 15

Osano Staff

Published: December 15, 2020

Sign up for our newsletter

Welcome to the latest edition of the Privacy Insider Newsletter. Each week, we send you the latest and smartest news in the world of data privacy.

Here are the top stories you might have missed:

French data protection authority fines Google and Amazon over cookies

The French data protection authority, CNIL, fined Google and Amazon for deploying tracking cookies on users without their consent, TechCrunch reports. Google was fined $120 million, and Amazon was fined $42 million. The CNIL conducted its investigation under the EU’s ePrivacy Directive, citing that cookie consent falls under the Directive’s purview and enabling it to sidestep regulating under the EU’s General Data Protection Regulation, which would have required the companies’ lead data protection authorities (Ireland and Luxembourg) to handle the matter.
Read Story

2. Irish data protection commissioner fines Twitter over breach

Ireland’s Data Protection Commission fined Twitter $547,000 for “failing to give a timely warning about a breach that threatened the privacy of Android phone users across the bloc,” Bloomberg reports. The Irish DPC said Twitter did not notify those affected by the breach within 72 hours, as mandated under the EU General Data Protection Regulation. The DPC’s investigation began two years ago, and critics say the regulator took too long to enforce the law.
Read Story

3. Federal Trade Commission announces investigation into Amazon, Facebook, YouTube

The U.S. Federal Trade Commission has ordered technology behemoths including Amazon, Facebook and Google’s YouTube to disclose to the agency how they collect and use customer data, the Los Angeles Times reports. The FTC said the companies practices are “shrouded in secrecy,” the report states. In a joint statement, FTC Commissioners Rohit Chopra and Christine Wilson said the review will “lift the hood on the social media and video streaming firms to carefully study their engines.”
Read Story

4. Apple rolls out privacy ‘nutrition’ labels

This week, Apple began implementing new labels about apps’ privacy practices on its App Store, Reuters reports. The labels aim to inform users on privacy the same way nutrition labels on food products do: quickly and easily. Apple now requires developers to disclose data collection to be used for tracking purposes within their apps. The labels convey that information to users before they download an app, and Apple says it will monitor compliance through random audits and in response to complaints.
Read Story

5. Spotify breached for the third time in a month

Streaming service Spotify has alerted users of a breach involving one of its third-party vendors, Threat Post reports. A software vulnerability left user registration exposed from April 9 to Nov. 12. The data included email addresses, passwords, gender and date of birth. This is the third breach in less than a month at the streaming service, the report states.
Read Story

6. Senate committee considers future of cross-border data transfers

On Dec. 9, the U.S. Senate Commerce, Science and Transportation Committee held a hearing on the future of transatlantic data flows given the demise of the Privacy Shield, which previously allowed for legal data transfers from the EU to the U.S. before it was invalidated earlier this year. According to a Mondaq post on the hearing, senators emphasized the need for a comprehensive privacy law in the U.S. to help secure a new deal with the EU, which has significant concerns about its citizens’ data privacy once it falls into the hands of U.S. companies.
Read Story

7. Will California attorney general’s replacement prioritize privacy too?

President-elect Joe Biden recently tapped California Attorney General Xavier Becerra to lead the U.S. Department of Health and Human Services. That was big news for the privacy and data protection stakeholders, given that Becerra is responsible for enforcing California’s Consumer Privacy Act. But StateScoop reports enforcing the law, as well as the California Privacy Rights Act, which passed in November, will remain a priority, and Becerra’s replacement will likely be someone as devoted to consumer privacy protection as Becerra.
Read Story

8. U.S health agency pushes to revise health-information privacy rules

The National Law Review reports on the details of the Department of Health and Human Services’ push to modify the U.S. Health Insurance Portability and Accountability Act. HHS announced a new proposed rule Dec. 10, which the agency said aims to “reduce burden on providers and support new ways for them to innovate and coordinate care on behalf of patients,” while ensuring HIPAA’s guarantees of patient data privacy and security are upheld.
Read Story

Schedule a demo of Osano today

Privacy Policy Checklist

Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.

Download Now

Osano Staff

Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.

Blog

Check out some of our latest articles

Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.

View All Blog Posts View All Resources

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Book a Demo

The Osano Platform Overview

Cookie Consent

Subject Rights Management

Assessments

Unified Consent & Preference Hub

Data Mapping

Vendor Privacy Risk Management

Features & Integrations

Privacy Templates

GDPR Representative

Consult Privacy Team

Regulatory Guidance

Integrations

CPRA

CCPA

GDPR

Start-Up

Mid-Sized

Enterprise

Consent Management

DSAR Automation

Privacy Program Management

Vendor Risk Management

Articles

Resource Center

Customer Stories

U.S. Data Privacy Laws

Product Updates

The Newsletter

The Podcast

The Book

Events

Ch-Ch-Ch-Changes

About Us

Careers

Contact

Our Pledge

Data Licensing

Osano Swag Store

Press & Media

Partners & Resellers

Privacy newsletter - Dec. 15

Osano Staff

In this article

Sign up for our newsletter

Share this article

Privacy Policy Checklist

Osano Staff

Osano Staff

Share this article

Blog

Check out some of our latest articles

Ch-Ch-Ch-Changes

What a Week. Lots to Unpack.

No Data Protections for Employees?

Simplify Data Privacy Compliance