Hello all, and happy Thursday!
As is always the case, the last few weeks of the year seem to be zipping by. That's why it's a great time to reflect on the developments of the past year before you get caught up celebrating Thanksgiving, Christmas, Hannukah, Kwanzaa, or any of the other year-end holidays.
It seems like every year is a busy one in our personal lives, but 2023 has undoubtedly been a year for the record books when it comes to data privacy. We'll be posting plenty of retrospective content on the Osano blog, our LinkedIn page, and this newsletter in the coming weeks, so watch out for that. In the meantime, we’ll continue to serve up third-party data and reporting on the data privacy trends of 2023, such as the IAPP-EY data privacy governance report.
Reflection is important, but it’s not very useful unless paired with proactive planning. To that end, we’ll be hosting a webinar on December 7th that covers all of the upcoming and important dates associated with 2024’s U.S. state privacy laws. If you’re interested, register here—we hope to see you there.
Happy Holidays!
Arlo
The CCIA has released a wrap-up report summarizing the previous legislative session (during which over 140 data privacy bills were introduced across 37 states) and predicting state privacy legislation for the year ahead.
Every year, the International Association of Privacy Professionals and Ernst & Young partner to develop the Privacy Governance Report. Among other findings this year, the report describes how one-third of organizations grew their privacy team in the past year, 86% of respondents reported working collaboratively with three or more teams, and half of all surveyed privacy professionals reported directly to their C-Suite.
New research by Dutch VPN company Surfshark has found that, since 2018, five of the most popular social media (Facebook, Instagram, TikTok, Whatsapp, and X/Twitter) have been fined over €2.9 billion for violating the EU’s data protection law. Alarmingly, one-third (4 out of 13) of these fines are linked to insufficient protection of children’s data—adding up to €765 million of the total amount.
During an interview at Europe's largest technology conference, the Web Summit, former U.S. army analyst and WikiLeaks source Chelsea Manning conveyed that while regulation is important, technology is a more reliable means of protecting people’s privacy.
Recently, the European Parliament adopted the final text of the Data Act. In essence, the Data Act establishes how and when individuals can use and access data from connected products and services. It aims to support valuable data proliferation without violating individual privacy rights.
The Australian Information Commissioner (AIC) has filed proceedings against Australian Clinical Labs Limited in connection with the company’s response to a data breach that occurred in February 2022. Notably, this is only the second time the AIC has brought court proceedings of this kind, and it signals how seriously the regulator is taking data breaches following a spate of high-profile breaches in recent years.
With Utah coming into effect at the end of December, the latest CPRA enforcement date scheduled for Q1, and three additional state privacy laws coming into effect in 2024, it's time to take a look at your current privacy program and make the changes necessary to ensure compliance. Will your organization be ready? Register for our upcoming webinar to learn all there is to know about 2024’s upcoming data privacy laws.
If you’re interested in working at Osano, check out our Careers page!