
Don’t Forget the Right to Be Forgotten!
Hello all, and happy Thursday!
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: March 6, 2025
Hello all, and happy Thursday!
With all of the new US data privacy laws coming into effect in 2025 (eight, to be exact), we’ve been thinking of 2025 as the year of subject rights requests (SRRs). But we’d be remiss not to turn our attention back to Europe, where GDPR SRRs are earning extra attention as well!
One of our stories this week focuses on a newly announced Coordinated Enforcement Framework (CEF; can you call it data privacy news if it doesn’t introduce a new acronym?). Thirty-two DPAs across the EU will participate in the CEF, focusing on the GDPR’s right to be forgotten and SRRs exercising that right.
Specifically, DPAs “will check how controllers handle and respond to the requests for erasure that they receive and, in particular, how they apply the conditions and exceptions for the exercise of this right.”
Scroll down to our news stories to check out the details!
Best,
Arlo
AI isn’t going away anytime soon, but best practices around AI are still developing. How can privacy, security, and GRC professionals better manage the risks and opportunities associated with AI? A robust AI governance framework is key. Find out what AI governance is, how to develop your own framework, and more in our blog.
When you hear the term “privacy governance,” it isn’t always apparent what exactly is involved. We break down the basics of privacy governance and best practices you can apply at your organization in this blog.
In March’s edition of our monthly meetup series, Osano’s Product Marketing Manager Jeff Reame and Senior Sales Enablement Manager Caroline Swanson will host an open discussion around the intersection of neural data and data privacy.
Save your seat | March 12th
Privacy is changing fast, are you keeping up? Join Ashley Fowler, Sr Privacy Program Manager at Osano & Olivia Ward, Data Privacy Lawyer at Simmons + Simmons, as they get to the heart of what's important right now.
Save your seat | March 17th
Whether you are swamped by a deluge of subject rights requests or just want more time to spend on strategic work, managing SRRs effectively is a highly sought-after goal—one that's seldom achieved. In this webinar, Osano’s Senior Product Manager Chris Simpson and Lead Implementation Manager Christie Roy will show you the best (and worst) approaches to handling your SRR workflow.
Save your seat | March 27th
Sonas Housing, an Irish refuge provider for victims of domestic abuse, reported that a child and protection welfare agency disclosed the personal details of a victimized wife and child to their abuser after the man made a data subject access request.
The California Privacy Protection Agency (CPPA) Board recently published several draft rules that, if adopted, will make California the next state to regulate AI at a broad and comprehensive scale. The draft rules primarily focus on automated decision-making technology.
32 Data Protection Authorities (DPAs) across Europe are participating in a coordinated enforcement initiative focused on the right to erasure, one of the most frequently exercised GDPR rights and one about which DPAs frequently receive complaints from individuals.
In a renewed effort to establish a U.S. national data privacy standard, House Republicans have announced a new working group dedicated to drafting comprehensive federal privacy legislation. The initiative, spearheaded by Reps. Brett Guthrie and John Joyce, aims to address longstanding challenges that have hindered previous attempts to create a U.S. federal privacy framework.
The U.K. Information Commissioner's Office (ICO) has announced children's privacy investigations into TikTok, Reddit, and Imgur. The probes come as the ICO shed new light on its past and ongoing work to ensure children's online safety, including a comprehensive progress report on the application of the U.K. Children's Code. The TikTok investigation aims to review how it applies the personal information of users aged 13-17 to support algorithms for content recommendation. The probes into Reddit and Imgur will explore the platforms' use of children's data more broadly while also examining their age assurance tools.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.