Ch-Ch-Ch-Changes
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Updated: September 23, 2024
Published: April 18, 2024
Hello all, and happy Thursday!
Everyone is abuzz about the American Privacy Rights Act (APRA)! It should come as no surprise—a U.S. federal data privacy regulation seems like it’s only a matter of time now. However, if you read through our newsletter last week, you’ll know that there is a long legislative path ahead for the APRA. If it is passed, it will almost certainly differ substantially from the way the bill is written today. Nevertheless, our newsletter features multiple stories this week discussing the nitty-gritty of the law.
Meanwhile, states are charging ahead with their own data privacy laws. Kentucky, Maryland, and Nebraska have recently enacted or are on the brink of enacting their own laws—in lieu of a federal law, state legislators recognize the need to protect their constituents’ data privacy rights.
But it’s a mistake to let U.S. data privacy news take the oxygen out of the room. Data privacy is an evolving space; that means legislators and regulators are watching each other. Trends are global, and what happens in one jurisdiction affects what happens in others. Even though U.S. privacy laws’ approach to consent differs from the EU’s, I’d keep a close eye on the European Data Protection Board’s ruling on Meta’s “Pay or Okay” model. Not only will that affect how platforms choose to interact with Europe going forward, it could have unpredictable impacts on how organizations choose to comply with other data privacy regulations globally.
Best,
Arlo
On the 12 April edition of The New York Times' "Hard Fork" podcast, The International Association of Privacy Professionals’ (IAPP’s) President and CEO J. Trevor Hughes, recently spoke on The New York Times’ “Hard Fork” podcast on the key provisions of the proposed American Privacy Rights Act (APRA) as well as the dwindling sources of training data available for AI developers.
On Wednesday, U.S. House lawmakers discussed a variety of proposed data privacy bills during a hearing in the Energy and Commerce subcommittee on innovation, data, and commerce—notably including the American Privacy Rights Act (APRA). Lawmakers also touched on children’s online safety proposals like the Kids Online Safety Act, which recently got a House companion to the popular Senate bill, and COPPA 2.0, which would update and raise the age for protections for a long-standing online privacy bill for children.
Nearly two dozen civil society groups and nonprofits have written an open letter to the European Data Protection Board (EDPB), urging it not to endorse a strategy used by Meta that they say is intended to bypass the EU’s privacy protections for commercial gain. The letter comes ahead of a meeting of the EDPB this week that is expected to produce guidance on a controversial tactic used by Meta that forces Facebook and Instagram users to consent to its tracking.
The UK Information Commissioner’s Office (ICO) recently released a statement setting out its strategy for the next phase of implementing its children’s code of practice (also known as the (AADC). The ICO will look at social media platforms’ default settings for children’s profiles, recommender systems, and how they obtain consent to the processing of children’s data. The statement also indicates that the ICO will conduct audits of EdTech providers to identify privacy risks and potential noncompliance with applicable legislation.
Need to clarify why data privacy matters for AI? Our post, written by Osano Head of Privacy Rachael Ormiston, illustrates why and how AI intersects with multiple domains, including data privacy.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.