AI Bellwethers in the US and EU
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: February 1, 2024
Hello all, and happy Thursday!
For those of you who pay close attention to the data privacy space, the data privacy advocacy group “none of your business” (stylized as noyb) will be a familiar name.
noyb has recently released the results of a new survey (linked below) recording the responses of over 1,000 data protection officers (DPOs), and the results are illuminating. (Although we do need to keep the potential for bias in mind—noyb can’t be considered a neutral party in the data privacy space).
The headline findings included:
These findings don’t surprise me, however. After all, what DPO is going to advocate for unclear decisions and less enforcement? What DPO isn’t acutely aware of the businesses’ compliance shortcomings?
Rather, I think some of the more interesting findings refer to the conflict between supporting compliance and supporting the business. DPOs and privacy professionals as a whole are in a tough spot; on the one hand, they have to minimize risk and support compliance, but on the other, they have to be an enabler of the business and not a blocker. The noyb report highlights this conflict, finding that:
Figures like these make me wonder: Would sales, marketing, and senior management find compliance so burdensome if they enabled their privacy professional or DPO to the fullest extent? Is compliance a zero-sum game or can sales, marketing, senior management, and privacy all win at the same time? I’m inclined to think the latter.
Best
Arlo
P.S. Our CPRA enforcement webinar is taking place TODAY at 1 pm EST, 10 am PST. If you see this early enough, you might still be able to reserve your seat!
President Joe Biden is preparing to issue an executive order aimed at prohibiting US adversaries from accessing US personal data. The draft order targets “highly sensitive” data, including genetic and location information, and would bar foreign adversaries from obtaining this data through legal means such as intermediaries, data brokers, third-party vendors, employment agreements, or investment agreements.
Following a months-long investigation of ChatGPT by Italy’s data protection authority, OpenAI has been notified that their AI chatbot is violating EU laws and was given 30 days to respond with a defense against the allegations. Specifically, the Italian data protection authority alleges that ChatGPT is in violation of Articles 5, 6, 8, 13, and 25 of the GDPR.
Cybersecurity researcher Bob Dyachenko and Cybernews.com team have discovered billions upon billions of exposed records on an open instance. The Mother of all Breaches (MOAB for short) includes records from thousands of compiled and reindexed leaks, breaches, and privately sold databases. Ultimately, the records comprise 12 terabytes of information, spanning over 26 billion records of contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data.
To mark this year’s Data Protection Day on 28 January, European data privacy advocacy group noyb (or “none of your business”) conducted a survey among more than 1000 data protection professionals working in European companies. The report highlighted how many businesses may be out of compliance, how DPOs face pressure to go easy on compliance, and more.
Amendments to the UK’s Investigatory Powers Act (IPA) could enable the UK government to “secretly veto” privacy and security updates to Apple’s products and services, said the tech giant. If passed, the amendment would require that any company that fields government data requests must notify UK officials of any updates they plan to make that could restrict the UK government's access to this data, including any updates impacting users outside the UK. Apple contends this would enable the UK Secretary of State to approve or refuse technical changes.
When third-party vendors handle your consumers’ data, it can be a major challenge to maintain and monitor compliance—not to mention ensure your consumers’ data stays safe. Vendor risk management can help, but effective vendor risk management requires robust collaboration between your privacy and information security teams. Find out how to encourage that collaboration here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.