Ch-Ch-Ch-Changes
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: August 25, 2022
In this edition of Privacy Insider, we feature not one but two stories of Google facing data privacy penalties. The first focuses on a whopping $60 million fine levied by Australian officials; the other is a complaint filed with a French data protection authority that previously issued a $149 million penalty.
Those are certainly some alarming numbers, but Google has the resources to pay up. They also have the resources to dedicate toward compliance, which leads one to ask: If a company like Google can’t stay in compliance with all of its money and tech and smart people, what hope is there for my company?
Rest assured, most regular businesses putting the effort in toward compliance aren’t at risk of facing million-dollar penalties yearly — it’s not impossible, of course, but nothing in life is guaranteed.
Data protection authorities can and do go after small businesses and minor violations. (The smallest GDPR fine on the books was just €28). But enterprises like Google are going to attract more attention for several reasons.
For one, they’re simply larger and have more opportunities to violate regulations. They also provide fundamental services that most individuals and businesses need to consume, like cloud infrastructure, search, and e-commerce. And they’re highly visible, influential organizations. Other businesses look at a $60 million fine against Google and think: We can’t afford that. I’d better get my house in order.
But small- and medium-sized businesses (SMBs) that make the effort to get their house in order and become compliant go a long way to reducing their risk. Data protection authorities aren’t interested in crippling SMBs — they’re interested in protecting consumers. They frequently give opportunities to correct mistakes before issuing a fine.
So, if you’re making a good-faith effort toward compliance, don’t let the headlines keep you up at night (unless you’re Google).
Best,
Arlo
Google hit with $60 million penalty
In what is the third highest penalty for a violation of the Australian Consumer Law (ACL) in history, Google has been ordered to pay $60 million over its data collection practices. Specifically, Google was alleged to have misled some Android device users about how Google was collecting their location data. The tech giant failed to make it clear that it was continuing to collect location data through a user’s Google account even if their “Location History” setting was turned off.
Read more
Privacy complaint targets Google over unsolicited ad emails
Max Schrems’ data privacy advocacy group, noyb, has filed a complaint with France's data protection authority against Google for sending unsolicited advertising emails directly to the inbox of Gmail users. This comes on the heels of another $149 million penalty levied by French authorities based on Google failing to make it easy for users to reuse online trackers.
Read more
FTC announces proposed rulemaking on privacy and data security
The FTC issued an advance notice of proposed rulemaking, or ANPR, aimed at a wide variety of data privacy issues. In particular, the agency aims to generate a public record about prevalent commercial surveillance practices or lax data security practices that are unfair or deceptive.
Read more
Oracle targeted in US privacy class action suit
A recent class action suit alleges that Oracle’s “worldwide surveillance machine” has amassed detailed dossiers on roughly five billion people. Since the US lacks a federal privacy law, the lawsuit is notable in that it references multiple federal, constitutional, tort, and state laws.
Read more
Time to switch your standard contractual clauses
If your business handles data transferred out of the EU and into the US, then time is running out to update to the new set of standard contractual clauses (SCCs). Our blog post dives into what prompted the change, the deadline to switch over, what’s different about the new SCCs, and more.
Read more
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.