AI Bellwethers in the US and EU
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: September 28, 2023
Hello all, and happy Thursday!
Last week, the UK Parliament passed the Online Safety Bill, or OSB.
You might have heard about the OSB before—businesses and privacy advocacy groups alike have raised concerns around some of the bill’s provisions. In fact, nearly 70 cybersecurity academics published an open letter regarding their concerns about the OSB back in July.
For the most part, the OSB is intended to regulate content platforms by requiring the removal of illegal content and additional protections for children. It requires providers to:
The idea that content platforms need further regulation regarding the content that appears on them isn’t the controversial bit, however (though social media and messaging companies likely disagree); rather, it’s the OSB’s so-called “spy clause” that has everybody up in arms.
Specifically, this clause permits British telecom regulators to force tech companies to scan all of their users for child abuse content—the issue here is that it also forces companies to scan messages and files that are end-to-end encrypted. In order to comply, businesses will need to build a backdoor into their encryption technology, providing access to ostensibly secure messaging services.
Nobody wants to enable the proliferation of content that could harm children, but nobody wants to sacrifice their privacy, either. Bills like this highlight a perennial question in data privacy: How do you balance safety with security and privacy?
According to groups like the Electronic Frontiers Foundation, tech companies like Apple, and cybersecurity researchers, the OSB doesn’t quite strike the ideal balance.
Best,
Arlo
Recently, the U.K. Secretary of State for Science, Innovation and Technology Michelle Donelan laid regulations in the U.K. Parliament, giving effect to a U.K.-U.S. Data Bridge, the UK equivalent of the EU-US Data Privacy Framework. With the Data Bridge, organizations in the U.K. will be able to transfer personal data to U.S. organizations without the need for further safeguards, such as international data transfer agreements.
The Kenyan Data Protection Commissioner recently issued three penalties totaling KES 9,375,000 (~$63,000 USD) for alleged violations of the Data Protection Act. Each penalty concerns claims of nonconsensual uses of personal data.
The OSB—a children’s online safety bill—was recently passed by the UK parliament. Now, it only has to be given Royal Assent to be made effective, a stage which is mostly considered a formality. Controversially, the OSB allows the government to force companies to build technology that can scan messages regardless of encryption, undermining the privacy of conversations.
The Data Governance Act entered into application on 24 September 2023. The act aims to promote data sharing and trust among EU member nations through a variety of mechanisms, such as allowing data intermediaries to act as trustworthy partners in the data economy and the creation of a new “data altruism organization” category.
On September 22nd, the majority of Law 25’s provisions went into effect. Quebec’s Law 25 provides individuals within the Canadian province with greater data privacy protections compared to Canada’s overall privacy law, PIPEDA.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.