Platform
- The Osano Platform Overview
  
  Get an overview of the simple, all-in-one data privacy platform
- Features & Integrations
  
  Key Features & Integrations
Solutions
- By Regulation
- CPRA
  
  Discover how Osano supports CPRA compliance
- CCPA
  
  Learn about the CCPA and how Osano can help
- GDPR
  
  Achieve compliance with one of the world’s most comprehensive data privacy laws
- By Organization Type
- Start-Up
  
  Don’t let data privacy compliance get in the way of growth
- Mid-Sized
  
  Preserve your competitive edge
- Enterprise
  
  Manage data privacy at scale
- By Use Case
- Consent Management
  
  Manage consent without the complexity
- DSAR Automation
  
  Never miss a DSAR deadline again
- Privacy Program Management
  
  Build and grow an end-to-end privacy program
- Vendor Risk Management
  
  Regain insight and control over your customers’ data
Resources
- Resources
  
  Key resources on all things data privacy
- Articles
  
  Expert insights on all things privacy
- Resource Center
  
  Key resources to further your data privacy education
- Customer Stories
  
  Meet some of the 5,000+ leaders using Osano to transform their privacy programs
- U.S. Data Privacy Laws
  
  A guide to data privacy in the U.S.
- Product Updates
  
  What's the latest from Osano?
- Become a Privacy Insider
  
  Data privacy is complex but you're not alone
- The Newsletter
  
  Join our weekly newsletter with over 35,000 subscribers
- The Podcast
  
  Global experts share insights and compelling personal stories about the critical importance of data privacy
- The Book
  
  Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
- Events
  
  Upcoming webinars and in-person events designed for privacy professionals
Latest Blog post

Ch-Ch-Ch-Changes

Hello all, and thanks for reading today.
Read Now
Company
- About Us
  
  The Osano story
- Careers
  
  Become an Osanian and help us build the future of privacy!
- Contact
  
  We’re eager to hear from you
- Our Pledge
  
  No fines, no penalties
- Data Licensing
  
  Add Osano data privacy ratings and recommendations to your application
- Osano Swag Store
  
  Increase Trust. Stay Compliant. Get Cool Swag.
- Press & Media
  
  Inquiries and Osano in the news
- Partners & Resellers
  
  Interested in partnering with us?
Pricing
Sign In Book a Demo

Sephora serves as a wakeup call before 2023

Arlo Gilbert

Published: September 29, 2022

Sign up for our newsletter

Happy Thursday, and a happy fourth quarter! With October mere days away, it’s a good time to start thinking about what needs to be done before 2023. We’re always striving to communicate the importance of data privacy at Osano, but with the new year around the corner, we’re putting in overtime to inform and educate.

2023 is a big year for data privacy. A number of new data privacy laws will be coming online in 2023, the most significant being the CPRA. With Sephora being hit with a $1.2 million fine after failing to meet the requirements of the CCPA, businesses have been scrambling to get compliant.

We’ve covered the Sephora settlement in a previous edition of Privacy Insider and have linked to another piece focused on the business community’s reaction in this edition of the newsletter. We’ll have our own blog post analyzing the enforcement action, too. Keep your eyes on our blog and this newsletter to read that article in the near future.

Notably, the California Attorney General notified Sephora that it was in violation of the CCPA and gave them 30 days to address their violations. Sephora, however, didn’t meet the deadline. This 30-day period is actually baked into the CCPA — since the law is relatively new, this “cure period” is an opportunity for businesses to learn and adapt.

Why bring this up now? The CPRA, which goes into effect on January 1, does away with the CCPA’s cure period. Any grace periods will be completely at the whim of the AG and the newly created Consumer Privacy Protection Agency.

Sephora wasn’t able to become compliant within 30 days, and the CPRA won’t even provide that short cure period. Now that Q4 is here, the Sephora settlement is a clarion call to get ready for 2023. After all, early preparedness is rarely regretted.

Best,

Arlo

Snapchat biometric privacy $35M class action settlement
Snap Inc. has settled a class action lawsuit, agreeing to pay the litigants $35 million. The suit alleged that Snap Inc. collected, possessed, and disclosed biometric data when users activated the lens and filter features in the Snapchat app. This would be a violation of Illinois’s Biometric Information Privacy Act (BIPA).
Read more

ICO could impose a multi-million pound fine on TikTok for failing to protect children’s privacy
The UK’s Information Commissioner's Office (ICO) has issued a TikTok a notice of intent, signaling that it may levy a fine against the social media company. The notice of intent follows an investigation by the ICO that found the company may have processed the data of children under the age of 13 without parental consent, failed to provide the appropriate information to its users, and processed special category data. While these findings are provisional, they may translate to a £27 million fine.
Read more

Senators push to reform police’s cellphone tracking tools
Following an AP investigation and a Federal Trade Commission (FTC) hearing on the use of the “Fog Reveal” tool, senators are pushing for legislation to regulate law enforcement’s ability to track citizens’ whereabouts using cellphone data.

“Americans are increasingly aware that their privacy is evaporating before their eyes,” said Senator Ed Market, a Massachusetts Democrat, “and the real-world implications can be devastating. Today, companies we’ve all heard of as well as companies we’re completely unaware of are collecting troves of data about where we go, what we do, and who we are.”
Read more

Google adds new elements to its ‘Consent Mode’ to ensure your site aligns with user data permissions
Google recently updated its Consent Mode feature, which adjusts what data website pages collect based on visitors’ consent preferences. Primarily, the updates help website owners with debugging, provide greater insights into tagging and consent rates, and more.
Read more

Brands review data privacy policies after $1.2 million Sephora settlement
The recent $1.2 million Sephora settlement has alerted businesses to the importance of data privacy and the need to become compliant before the CPRA goes into effect on January 1. The Wall Street Journal covers how companies are reacting.
Read more

Osano blog: The lessons we learned at INBOUND 2022
Earlier this month, the Osano team had the pleasure of attending one of the most significant marketing events of the year: HubSpot’s INBOUND. Talking with marketing professionals about data privacy and how it impacts their roles was equal parts informative and surprising. Check out our blog to see what lessons we learned.
Read more

Osano blog: What we do to stay compliant
Ever wondered what a data privacy company’s compliance activities look like? We detailed Osano’s approach to data privacy compliance in this blog post.
Read more

Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.

Schedule a demo of Osano today

Privacy Policy Checklist

Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.

Download Now

Arlo Gilbert

Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.

Blog

Check out some of our latest articles

Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.

View All Blog Posts View All Resources

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Book a Demo

The Osano Platform Overview

Cookie Consent

Subject Rights Management

Assessments

Unified Consent & Preference Hub

Data Mapping

Vendor Privacy Risk Management

Features & Integrations

Privacy Templates

GDPR Representative

Consult Privacy Team

Regulatory Guidance

Integrations

CPRA

CCPA

GDPR

Start-Up

Mid-Sized

Enterprise

Consent Management

DSAR Automation

Privacy Program Management

Vendor Risk Management

Articles

Resource Center

Customer Stories

U.S. Data Privacy Laws

Product Updates

The Newsletter

The Podcast

The Book

Events

Ch-Ch-Ch-Changes

About Us

Careers

Contact

Our Pledge

Data Licensing

Osano Swag Store

Press & Media

Partners & Resellers

Sephora serves as a wakeup call before 2023

Arlo Gilbert

In this article

Sign up for our newsletter

Share this article

Privacy Policy Checklist

Arlo Gilbert

Arlo Gilbert

Share this article

Blog

Check out some of our latest articles

Ch-Ch-Ch-Changes

What a Week. Lots to Unpack.

No Data Protections for Employees?

Simplify Data Privacy Compliance