AI Bellwethers in the US and EU
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Updated: June 20, 2021
Published: March 9, 2021
For some time now, it's felt like consumers are starting to pay attention to privacy.
Here's an example: When I started working in the field about a decade ago, I dreaded cocktail parties. Now, that's not because I don't enjoy a nice pour of cabernet sauvignon; especially when it comes in those nice round goblet-like glasses. No, I feared cocktail parties because I always felt nervous explaining my beat as a writer. Telling people I write about data privacy generally resulted in one of two scenarios: The person wanted to know more, only to glaze over when I went into details. Or, the person had no idea what I was talking about, and what could have been a fun chat took a nosedive.
"I'm going to get some more hummus," they might say, quickly moving away from the topic and myself.
Now, when people ask about my job, there are quick references to make. "You know how Facebook got in a lot of trouble for secretly sharing data?" Or, "Have you heard of Edward Snowden?"
There seems to be a recognition — fueled perhaps because mainstream media now dedicate full-time reporters to cover data privacy — that our personal data is at constant threat via invisible forces insider our computer screens. There seems to be more understanding among the populace that if you're not paying for the product, you are the product. And that scares people — rightfully so.
This week, The New York Times Editorial Board called on companies to use an "opt-in" approach when collecting user data, versus the opt-out approach, which is often the default. That is: Companies should ask users for explicit, clear permission to track and collect their data. In most cases today, the default is to take the data unless the user takes action on their own to say, "No."
It feels the tide is turning. It's not just The New York Times' editorial. We hear the calls from the European Data Protection Supervisor to ban targeted advertising in the EU. Or Google's recent decision to phase out third-party tracking cookies. Or Apple's decision to require apps on its store to get opt-in consent from users.
While legislatively, it may be too early to predict mandatory opt-in frameworks, some U.S. states are moving in that direction. Virginia's privacy law, passed this month, requires opt-in consent before companies can collect "sensitive" data. It seems a matter of time before opt-in regimes become best practice. In this writer's humble opinion, organizations that recognize the writing on the proverbial wall and take action are positioning themselves ahead of competitors that aren't paying attention.
Enjoy reading the news we've rounded up for you, and I'll see you next week!
New York Times calls for opt-in approach to data collection
The New York Times Editorial Board calls for companies to use an opt-in approach in apps and on websites when seeking to collect personal data. That differs from the opt-out approach most companies take now. "It should not be the role of consumers to make marketers' jobs easier. Furthermore, there is evidence that such highly targeted advertising isn't really necessary to support the free web, as technology companies that are against opt-in provisions often argue," writes the board in the op-ed.
Read Story
2. French lobbying group files privacy complaint against Apple
A French start-up lobbying group has filed a complaint against Apple, alleging the iPhone's operating system breaches EU data privacy rules, CNBC reports. France Digitale told the French data protection authority (CNIL) that Apple's iOS14 software allows the company to collect user data "for ad tracking services without explicitly asking permission," the report states. The group has asked the CNIL to investigate.
Read Story
3. Lawmakers urge Federal Trade Commission to police bad health-app actors
Three lawmakers are urging the U.S. Federal Trade Commission to better police health apps that "share personal health information with third parties without user consent," Health IT Security reports. The three Democrats, all representing New Jersey, wrote a letter to the agency asking it to use its authority under the Health Breach Notification Rule to punish bad actors. The request follows a lawsuit against Easy Healthcare, whose fertility app allegedly shares personal data with marketing firms.
Read Story
4. Google rejects claim its 'Workspace" suite contains privacy risks
Google says its Google Workspace suite does not contain several data protection risks to users, IT Pro reports. Recently, the Dutch government published data protection impact assessments that found "eight highly-rated data protection risks" in Google Workspace. The risks include a "lack of purpose limitation for content and diagnostic data collection, a lack of transparency on the same data types, and a lack of privacy controls for administrators and users, among other glaring issues," the report states.
Read Story
5. EU could ban 'microtargeting' with political ads
As the European Union continues legislative talks on targeting advertising for political purposes, Euractiv reports there's a chance the European Commission could prohibit it outright. The European Commission is currently considering legislative action on paid political advertising. The head of cabinet for Commission Vice-President Vera Jourova said the measures "may very well hone in on the practice of microtargeting, and could potentially introduce a ban."
Read Story
6. Supreme Court says man can sue Costco for RX disclosure
An Arizona Supreme Court has said a Phoenix man may proceed with a lawsuit against Costco over alleged violations of his health care privacy, KTAR News reports. The man claims a Costco pharmacist "joked with his ex-wife about an erectile dysfunction prescription" of his. The court said for the man to win, he must "show by 'clear and convincing' evidence that the store and its pharmacist did not act in good faith when the woman was told about the prescription," the report states.
Read Story
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.