.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
Steps to Take in Response to 23andMe Bankruptcy Filing
Hello all, and happy Thursday!
Read Now
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
Hello all, and happy Thursday!
A few weeks ago, I wrote about the UK Government’s leaked secret order to compel Apple to build a backdoor to iCloud’s end-to-end encryption. At the time, Apple had yet to respond to the order.
Now, it appears Apple has taken action in a manner that at once bolsters transparency and undermines privacy. Rather than comply with the order and give Apple users the illusion of privacy, Apple has opted to remove access to iCloud’s optional end-to-end encryption feature for UK users entirely.
It’s sort of a “You can’t fire me, I quit” moment. Ultimately, the outcome is more or less the same—less privacy for Apple users in the UK—but Apple also was able to wrest back a sense of control over the privacy and security of its product ecosystem.
Faced between a rock and a hard place, this was probably one of the better decisions Apple could have made. At least now Apple device users are aware that the content in their iCloud is not private in the UK.
Best,
Arlo
Highlights from Osano
What's New?
Blog: Privacy Governance: A Framework for Data Privacy Protection and Compliance
When you hear the term “privacy governance,” it isn’t always apparent what exactly is involved. We break down the basics of privacy governance and best practices you can apply at your organization in this blog.
In Case You Missed It...
Podcast: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
Digital rights, privacy, and government policies have been a hot topic over the past month as the Trump Administration comes on board. In this episode, Cindy Cohn, Executive Director of the Electronic Frontier Foundation (EFF), discusses the evolving landscape of digital rights, privacy, and government policies impacting technology.
Blog: Feel Like You’re Missing Something in Your Privacy Career? Building Community Is the Key.
Let’s face it: Privacy is moving too fast to learn all there is to know from a textbook. Networking with your peers, sharing knowledge, crowdsourcing solutions to challenges—these are key to being a successful privacy pro. Find out what community events we’re hosting and why in our blog.
Ask the CFO Anything: Everything You Ever Wanted to Know (But Are Afraid to Ask)
Listen to the great discussion and Q&A we saw at our recent CFO Ask-Me-Anything webinar! Find out how to secure more budget for privacy and talk to your finance department effectively.
Upcoming Webinars and Events...
Get Out of My Brain: Neural Data & Privacy
In March’s edition of our monthly meetup series, Osano’s Product Marketing Manager Jeff Reame and Senior Sales Enablement Manager Caroline Swanson will host an open discussion around the intersection of neural data and data privacy.
Save your seat | March 12th
Weathering the 2025 Whirlwind: How to Keep Calm and Carry On
Privacy is changing fast, are you keeping up? Join Ashley Fowler, Sr Privacy Program Manager at Osano & Olivia Ward, Data Privacy Lawyer at Simmons + Simmons, as they get to the heart of what's important right now.
Save your seat | March 17th
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Whether you are swamped by a deluge of subject rights requests or just want more time to spend on strategic work, managing SRRs effectively is a highly sought-after goal—one that's seldom achieved. In this webinar, Osano’s Senior Product Manager Chris Simpson and Lead Implementation Manager Christie Roy will show you the best (and worst) approaches to handling your SRR workflow.
Save your seat | March 27th
Top Privacy Stories of the Week
Two Members of Privacy Watchdog, Summarily Fired by Trump, File Lawsuit
Two former members of the Privacy and Civil Liberties Oversight Board who were fired by President Trump sued the government on Monday, asking a court to declare their terminations illegal and reinstate them to their former positions. The lawsuit is the latest in a deluge of litigation arising from Mr. Trump’s firings of officials as part of an assault on the basic structure of the federal government.
Warby Parker to Pay $1.5 Million To Resolve HIPAA Violations
The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has ruled that Warby Parker must pay a $1.5 million civil monetary penalty to resolve alleged violations of HIPAA. After hackers gained access to the accounts of Warby Parker customers in 2018, OCR launched an investigation of Warby Parker to assess compliance with HIPAA. The investigation revealed Warby Parker failed to conduct a risk analysis, implement sufficient security measures, and review records of information system activity.
Apple Removes Access to Devices’ End-to-End Encryption for UK Users
Apple users in the UK will no longer have access to a key data security feature for iCloud storage: Advanced Data Protection. Recently, the UK Government ordered Apple to create a backdoor to the optional end-to-end encryption feature. By removing access completely, Apple appears to have sidestepped the British Government’s order to compromise user privacy.
Thomson Reuters to Pay $27.5 Million for Selling Californians’ Personal Data
A federal judge gave final approval Friday morning to a $27.5 million settlement resolving claims that Thomson Reuters collected millions of California residents’ personal and confidential information and then sold access to it without their knowledge or consent. The class action stems from a 2020 lawsuit alleging that Thomson Reuters used its CLEAR platform to collect millions of Californians’ personal information without their consent and sold it in violation of the California Consumer Privacy Act (CCPA).
Virginia Legislature Passes AI Bill, But Unclear If Governor Will Sign It
Virginia lawmakers recently passed the High-Risk Artificial Intelligence Developer and Deployer Act, which has similar hallmarks to a bill passed in Colorado last year. It aims to define and regulate “high-risk” machine-based learning systems—such as products that help make consequential decisions around education, employment, financial services, health care, and legal services. The bill, however, has drawn criticism from both supporters and opponents of AI regulation.
Like what you hear from the Privacy Insider newsletter?
There's more to explore:
🎙️The Privacy Insider Podcast
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
📖 The Privacy Insider: How to Embrace Data Privacy and Join the Next Wave of Trusted Brands
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!