Platform
- The Osano Platform Overview
  
  Get an overview of the simple, all-in-one data privacy platform
- Features & Integrations
  
  Key Features & Integrations
Solutions
- By Regulation
- CPRA
  
  Discover how Osano supports CPRA compliance
- CCPA
  
  Learn about the CCPA and how Osano can help
- GDPR
  
  Achieve compliance with one of the world’s most comprehensive data privacy laws
- By Organization Type
- Start-Up
  
  Don’t let data privacy compliance get in the way of growth
- Mid-Sized
  
  Preserve your competitive edge
- Enterprise
  
  Manage data privacy at scale
- By Use Case
- Consent Management
  
  Manage consent without the complexity
- DSAR Automation
  
  Never miss a DSAR deadline again
- Privacy Program Management
  
  Build and grow an end-to-end privacy program
- Vendor Risk Management
  
  Regain insight and control over your customers’ data
Resources
- Resources
  
  Key resources on all things data privacy
- Articles
  
  Expert insights on all things privacy
- Resource Center
  
  Key resources to further your data privacy education
- Customer Stories
  
  Meet some of the 5,000+ leaders using Osano to transform their privacy programs
- U.S. Data Privacy Laws
  
  A guide to data privacy in the U.S.
- Product Updates
  
  What's the latest from Osano?
- Become a Privacy Insider
  
  Data privacy is complex but you're not alone
- The Newsletter
  
  Join our weekly newsletter with over 35,000 subscribers
- The Podcast
  
  Global experts share insights and compelling personal stories about the critical importance of data privacy
- The Book
  
  Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
- Events
  
  Upcoming webinars and in-person events designed for privacy professionals
Latest Blog post

Ch-Ch-Ch-Changes

Hello all, and thanks for reading today.
Read Now
Company
- About Us
  
  The Osano story
- Careers
  
  Become an Osanian and help us build the future of privacy!
- Contact
  
  We’re eager to hear from you
- Our Pledge
  
  No fines, no penalties
- Data Licensing
  
  Add Osano data privacy ratings and recommendations to your application
- Osano Swag Store
  
  Increase Trust. Stay Compliant. Get Cool Swag.
- Press & Media
  
  Inquiries and Osano in the news
- Partners & Resellers
  
  Interested in partnering with us?
Pricing
Sign In Book a Demo

Privacy Insider Newsletter: June 15

Osano Staff

Published: June 15, 2021

Sign up for our newsletter

Welcome to Privacy Insider, a round-up of the week's most important stories.

Hello! Happy mid-June! While things sometimes slow down in the summertime as legislatures adjourn for breaks and the EU prepares for its August off, there have still been some significant developments in the last week.

While the news that Amazon could soon face a $425 fine for violations of the EU General Data Protection Regulation is pretty sexy, I'm more interested in the news out of the EU's highest court on which DPA can take action in privacy enforcement and when (story #3 below).

It indicates some problems with the EU General Data Protection Regulation's one-stop-shop mechanism. In practice, it aims to streamline data privacy enforcement by identifying a lead data protection authority for each company, depending on its geolocation. The idea is that each regulator can handle its jurisdictions' enforcement cases, with backup from two other DPAs. But the problem has been that each member state's DPA has a different sized staff, personality and speed. In addition, many companies have EU headquarters in countries like Ireland, leading to an overburden of cases and subsequent complaints about the efficiency with which it performs its duties.

This week, the European Court of Justice has ruled that DPAs could ostensibly take action even if they aren't the lead authority in a case. That differs from the unified approach anticipated and could lead to an uptick in privacy enforcement.

However, the court said that this could only happen in certain circumstances, and it's not yet clear what those circumstances are.

Enjoy reading, and I'll see you next week!

Colorado's new privacy law: What is it?

Last week, Colorado dominated the privacy Twittersphere when it announced its privacy law had passed the state's legislature. The Colorado Privacy Act contains some similarities to California and Virginia's privacy laws with some fundamental changes, including its provisions on how companies handle "sensitive data." Here, learn which businesses the law captures and where you should start to become compliant ahead of its 2023 effective date.
Read Story

2. Amazon likely to face $425 million fine for alleged GDPR violations

Amazon could face a $425 million fine under the EU General Data Protection Regulation, Reuters reports. Luxembourg's data protection authority (DPA), which is Amazon's DPA since its EU headquarters is there, has circulated a draft decision to the 26 other DPAs. The specific allegations against Amazon haven't been made public but relate to the company's collection and use of personal data and not its cloud services, the report states. DPAs must agree on the fine before it can be final.
Read Story

3. CJEU ruling could mean increased EU privacy litigation

The Court of Justice of the European Union (Europe's highest court) ruled today that in certain circumstances, national data protection authorities (DPA) can take action even if they aren't the designated lead DPA. It's significant because of the number of complaints recently about DPAs not moving fast enough in data privacy investigations. The ruling stems from an initial case by the Belgian DPA against Facebook's cookie tracking of non-users, TechCrunch reports.
Read Story

4. IKEA fined $1.2 million for allegedly spying on employees

A French court has ordered furniture retailer IKEA to pay $1.2 million for spying on its French staff, Reuters reports. Ingka Group, which owns most IKEA stores worldwide, faces the fine after its French branch was found guilty of "improperly gathering and storing data on its employees." The group was accused of reviewing employees' bank accounts, targeting union leaders and paying for access to police files.
Read Story

5. A roundup of Apple's forthcoming privacy and security features

WIRED reports on the privacy and security changes Apple announced last week coming to iOS and macOS. Among the highlights is Apple Mail's new feature called "Mail Privacy Protection," which aims to stop marketers and others from collecting tracking pixels embedded in emails that can deliver information back to the sender, such as a user's location and software platform. Its new "App Privacy Report" will allow users to see how many times an app has accessed information like location, camera and contacts.
Read Story

6. WhatsApp launches privacy campaign following backlash

Following significant backlash over changes to its terms and conditions, WhatsApp has launched a privacy-focused advertising campaign, BBC News reports. The company also said it is "standing firm against pressure from governments … to compromise on the way that it encrypts messages," the report states. WhatsApp is banned in China and has filed suit against the Indian government over rules that would force it to break its own encryption policies.
Read Story

Schedule a demo of Osano today

Privacy Policy Checklist

Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.

Download Now

Osano Staff

Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.

Blog

Check out some of our latest articles

Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.

View All Blog Posts View All Resources

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Book a Demo

The Osano Platform Overview

Cookie Consent

Subject Rights Management

Assessments

Unified Consent & Preference Hub

Data Mapping

Vendor Privacy Risk Management

Features & Integrations

Privacy Templates

GDPR Representative

Consult Privacy Team

Regulatory Guidance

Integrations

CPRA

CCPA

GDPR

Start-Up

Mid-Sized

Enterprise

Consent Management

DSAR Automation

Privacy Program Management

Vendor Risk Management

Articles

Resource Center

Customer Stories

U.S. Data Privacy Laws

Product Updates

The Newsletter

The Podcast

The Book

Events

Ch-Ch-Ch-Changes

About Us

Careers

Contact

Our Pledge

Data Licensing

Osano Swag Store

Press & Media

Partners & Resellers

Privacy Insider Newsletter: June 15

Osano Staff

In this article

Sign up for our newsletter

Share this article

Privacy Policy Checklist

Osano Staff

Osano Staff

Share this article

Blog

Check out some of our latest articles

Ch-Ch-Ch-Changes

What a Week. Lots to Unpack.

No Data Protections for Employees?

Simplify Data Privacy Compliance