Hello all, and happy Thursday!
As always seems to be the case, the year is winding down with some major developments in the data privacy world.
Most notably, the EU has reached an agreement on the AI Act, making it the world’s first comprehensive legislation for AI. Many comparisons have been drawn between the AI Act and the GDPR, both in terms of scope and anticipated impact. There’s little doubt that the act will spur other states to adopt their own AI regulation, just as they did with data privacy regulation.
And of course, the end of the year means a whole new crop of those data privacy regulations are coming online. Osano recently hosted a webinar with our Head of Privacy, Rachael Ormiston, and Husch Blackwell’s Data Privacy Associate, Shelby Dolen, who broke down the essentials of 2024’s upcoming U.S. privacy laws. There was a lively discussion, and the audience asked lots of smart questions—if you missed it, you can access the recording here.
Best,
Arlo
In a letter to Health and Human Services Secretary Xavier Becerra, three U.S. lawmakers revealed they had discovered citizens’ prescription drug records were shared with law enforcement agencies without the customer's knowledge and without a judge first signing off on a warrant.
Under the California Privacy Rights Act (CPRA), businesses must honor consent delivered by universal opt-out mechanisms, but currently, only a few browsers offer this capability natively, and most consumers must download a third-party plugin that adds support for such signals. To address this, the California Privacy Protection Agency (CPPA) has introduced proposed legislation to require browsers to include native opt-out preference signals.
In a letter to the Department of Justice, Senator Ron Wyden (D-Oregon) said foreign officials were demanding the data from Google and Apple. Although details were sparse, the letter described how push notifications travel over Google and Apple’s servers, providing unique insight into the traffic flowing from apps to their user.
The European Commission, Council of the European Union, and European Parliament have reached a political agreement on the Artificial Intelligence Act, making it the world’s first comprehensive regulation of AI.
Genetic testing company 23andMe changed its terms of service to prevent customers from filing class action lawsuits or participating in a jury trial days after reports revealed that attackers accessed the personal information of millions of customers in an October hack.
The only constant in the privacy world is change. Keeping up with the latest developments is essential if you want to be prepared for upcoming data privacy challenges. Discover our top 5 privacy trends to be aware of in 2024 here.
If you’re interested in working at Osano, check out our Careers page!