AI Bellwethers in the US and EU
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: June 29, 2023
Hello all, and happy Thursday!
If you haven’t heard, the enforcement date for the California Privacy Rights Act (CPRA) is set for this Saturday, July 1 — just three months after the California Privacy Protection Agency (CPPA) finalized regulations.
The California Chamber of Commerce isn’t happy with the enforcement date. Back at the end of March, the Chamber filed a lawsuit to extend the enforcement date since, according to them, “The CPPA did not meet the voter-imposed deadline to adopt regulations implementing Proposition 24, the California Privacy Rights Act.” As a result, the Chamber of Commerce feels businesses don’t have enough time to adjust in order to follow the new law.
An initial hearing is set to happen on June 30 in the Sacramento Superior Court, which is cutting it pretty close for the businesses that will be impacted by CPRA. We’ve seen what enforcement can look like in California — Sephora’s $1.2 million fine for violating the CCPA in October of last year was a swift reminder of just how steep these fines can get, even in the US, where data privacy laws are a fairly new practice.
However, it’s also important to remember that Sephora’s settlement came after a 30-day cure period, which was meant to give them time to correct their violations before the California Attorney General took action against the organization. As the enforcement window for CPRA opens, this ability to cure is beneficial for impacted organizations and those seeking guidance on the right approach to take.
Best,
Arlo
Vehicles have become increasingly connected, so the amount of data they can record about their drivers has shot up. Now, there’s a tool that can help you understand just how much data they’re collecting and passing off to vehicle manufacturers, thanks to the US-based automotive firm Privacy4Cars and its new Vehicle Privacy Report.
The French Data Protection Agency, Commission Nationale Informatique & Libertés (CNIL), has sanctioned CRITEO with a EUR 40 million fine. The organization found five GDPR infringements by the organization regarding, among others, a lack of consent to process individuals’ data.
The Oregon House and Senate have signed Senate Bill 619, which previously passed in the House. The privacy bill now moves to the Oregon Governor’s desk for signature, making it the 11th comprehensive state privacy law in the U.S. If passed, the bill will take effect July 1, 2024.
The California Chamber of Commerce sued the California Privacy Protection Agency in late March of this year to delay the CPRA enforcement date (which is this Saturday). The hearing is set to begin on June 30.
Meta has been granted an extension of a temporary stay on the order from the Irish Data Protection Commission to suspend its EU-U.S. data transfers. The extension will continue through to the end of July.
The Publishers Clearing House (PCH) has agreed to pay $18.5 million to settle a lawsuit with the Federal Trade Commission in the U.S. According to the FTC, PCH used dark patterns and “coerced customers through false suggestions that making a purchase was the only way to enter its popular sweepstakes.”
Apple has released two new features regarding third-party software development kits. The first, privacy manifests, consists of files that detail the privacy practices of all third-party SDKs utilized in an app. The second, SDK signatures, verifies that new versions of an SDK are signed by the original developer in an effort to ensure that SDK-supplied code is not part of a scam attempt.
Universal consent management is closely related to cookie consent and preference management, but there's a bit more to it than that. Learn more about it and its benefits in our latest blog.
If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you.
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.