Platform
- The Osano Platform Overview
  
  Get an overview of the simple, all-in-one data privacy platform
- Features & Integrations
  
  Key Features & Integrations
Solutions
- By Regulation
- CPRA
  
  Discover how Osano supports CPRA compliance
- CCPA
  
  Learn about the CCPA and how Osano can help
- GDPR
  
  Achieve compliance with one of the world’s most comprehensive data privacy laws
- By Organization Type
- Start-Up
  
  Don’t let data privacy compliance get in the way of growth
- Mid-Sized
  
  Preserve your competitive edge
- Enterprise
  
  Manage data privacy at scale
- By Use Case
- Consent Management
  
  Manage consent without the complexity
- DSAR Automation
  
  Never miss a DSAR deadline again
- Privacy Program Management
  
  Build and grow an end-to-end privacy program
- Vendor Risk Management
  
  Regain insight and control over your customers’ data
Resources
- Resources
  
  Key resources on all things data privacy
- Articles
  
  Expert insights on all things privacy
- Resource Center
  
  Key resources to further your data privacy education
- Customer Stories
  
  Meet some of the 5,000+ leaders using Osano to transform their privacy programs
- U.S. Data Privacy Laws
  
  A guide to data privacy in the U.S.
- Product Updates
  
  What's the latest from Osano?
- Become a Privacy Insider
  
  Data privacy is complex but you're not alone
- The Newsletter
  
  Join our weekly newsletter with over 35,000 subscribers
- The Podcast
  
  Global experts share insights and compelling personal stories about the critical importance of data privacy
- The Book
  
  Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
- Events
  
  Upcoming webinars and in-person events designed for privacy professionals
Latest Blog post

Ch-Ch-Ch-Changes

Hello all, and thanks for reading today.
Read Now
Company
- About Us
  
  The Osano story
- Careers
  
  Become an Osanian and help us build the future of privacy!
- Contact
  
  We’re eager to hear from you
- Our Pledge
  
  No fines, no penalties
- Data Licensing
  
  Add Osano data privacy ratings and recommendations to your application
- Osano Swag Store
  
  Increase Trust. Stay Compliant. Get Cool Swag.
- Press & Media
  
  Inquiries and Osano in the news
- Partners & Resellers
  
  Interested in partnering with us?
Pricing
Sign In Book a Demo

Privacy Insider newsletter: March 23, 2021

Osano Staff

Published: March 23, 2021

Sign up for our newsletter

Welcome to Privacy Insider newsletter, a round-up of the week's most important privacy news.

When lawmakers can finally boast that they've completed the ePrivacy Regulation, it will be a big deal. It will update a now 20-year-old law, the ePrivacy Directive, and keep electronic communications protected. Updating the Directive means it will apply to telecommunications and internet companies that the law currently covers, but also other technology services such as web-based email and social media messaging services

Of note: A regulation updating what can and can't be done with electronic data is not something that thrills the ad tech industry, for one.

I have to admit that I frequently roll my eyes when the ePrivacy Regulation comes up in conversation. It's sort of akin to the U.S. talking about a federal privacy law. Though a direct comparison wouldn't be accurate, both have struggled legislatively to gain enough traction to become real-life laws. While the European Commission adopted a proposal in 2017, progress has stalled throughout several leadership changeovers (the Council of the European Union rotates member-state presidencies every six months). It's stalled for four straight years under nine different presidencies, despite promises from each that they'd be the country to get it done.

Now, Portugal holds the presidency and has reportedly made substantial efforts to jumpstart negotiations again. For the draft to become final, it must go through the "Trilogue" process, negotiations between the European Commission, the European Parliament and the Council.

While European politicians and onlookers alike were thrilled when, on Feb. 10 of this year, the European Council found agreement on the text and moved it along to negotiations with the European Parliament, it doesn't mean the draft is signed, sealed, delivered.

Margrethe Vestager, executive vice president of the European Commission, said this week she's worried that the Regulation as drafted doesn't align with the EU General Data Protection Regulation as intended.

So, while things are looking up, and even Vestager admits that "things are finally happening and moving forward," there's a whole lot to negotiate — like data retention requirements and rules on processing metadata — before compliance planning can begin.

Enjoy reading, and I'll see you next week!

Coalition calls for a ban on 'surveillance advertising'

A group of nearly 40 organizations has called for a ban on "surveillance advertising," TechCrunch reports. In an open letter, the organizations write, "Social media giants are eroding our consensus reality and threatening public safety in service of a toxic, extractive business model. That's why we're joining forces in an effort to ban surveillance advertising." The groups include privacy, antitrust, consumer protection and civil rights groups.
Read Story

2. California appoints five privacy experts to inaugural privacy enforcement agency

On March 18, California government officials announced the five experts in privacy and technology to lead the administrative agency responsible for enforcing California's privacy law. Five experts in privacy, technology and consumer rights will staff the Consumer Privacy Protection Board, Lake County News reports. The California Privacy Rights Act (CPRA) established the board's existence. The CPRA passed the ballot in 2020 and will supplant the California Consumer Privacy Act.
Read Story

3. EU Commissioner: Current ePrivacy proposal needs work

The executive vice president of the European Commission said she has reservations about the Portugal presidency's bid to push the ePrivacy Regulation forward. The regulation has been in limbo for years, though it was meant to pass at the same time as the EU General Data Privacy Regulation (GDPR) in 2018. Margrethe Vestager said Portugal's proposal, which the European Council approved, doesn't align with the GDPR's rules as intended. "They are not supposed to play the same role, but they should be aligned, and we will work on that issue," Vestager said.
Read Story

4. Privacy commissioner wants more protections in data-sharing bill

The Australian privacy commissioner has called for additional privacy protections in a proposed law to facilitate government data sharing. The commissioner's office said the Data Availability and Transparency Bill must contain other safeguards and has asked that it incorporate the same definitions as those in the country's Privacy Act. Digital Rights Watch also has problems with the draft text, citing it would make it easier for government agencies to share individuals' personal data among themselves and accredited third parties.
Read Story

5. Advertisers unclear on what to expect from Google in a post-third-party cookie world

Google's Privacy Sandbox and its plans to replace third-party cookies in the coming year are causing some confusion. It's not entirely clear what advertisers can do with their first-party data once Chrome makes the change. "I think the issue is people refer to the Google Privacy Sandbox as one thing when it's really a collection of many potential solutions," said one stakeholder. Digiday reports on what we know so far.
Read Story

6. NIST wants feedback on new BYOD privacy and security guide

The National Institute of Standards and Technology (NIST) has released draft guidance for enterprise bring-your-own-device policies, Health IT Security reports. The guidance aims to "provide system administrators with a standards-based approach" to employee mobile devices that might contain company data. NIST has asked stakeholders for feedback on the guidance by May 3.
Read Story

Schedule a demo of Osano today

Privacy Policy Checklist

Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.

Download Now

Osano Staff

Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.

Blog

Check out some of our latest articles

Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.

View All Blog Posts View All Resources

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Book a Demo

The Osano Platform Overview

Cookie Consent

Subject Rights Management

Assessments

Unified Consent & Preference Hub

Data Mapping

Vendor Privacy Risk Management

Features & Integrations

Privacy Templates

GDPR Representative

Consult Privacy Team

Regulatory Guidance

Integrations

CPRA

CCPA

GDPR

Start-Up

Mid-Sized

Enterprise

Consent Management

DSAR Automation

Privacy Program Management

Vendor Risk Management

Articles

Resource Center

Customer Stories

U.S. Data Privacy Laws

Product Updates

The Newsletter

The Podcast

The Book

Events

Ch-Ch-Ch-Changes

About Us

Careers

Contact

Our Pledge

Data Licensing

Osano Swag Store

Press & Media

Partners & Resellers

Privacy Insider newsletter: March 23, 2021

Osano Staff

In this article

Sign up for our newsletter

Share this article

Privacy Policy Checklist

Osano Staff

Osano Staff

Share this article

Blog

Check out some of our latest articles

Ch-Ch-Ch-Changes

What a Week. Lots to Unpack.

No Data Protections for Employees?

Simplify Data Privacy Compliance