ADMT & Employment
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: November 10, 2022
Hello all! American Thanksgiving is right around the corner, and before you know it, it’ll be Christmas and the New Year—and with it, a cavalcade of new data privacy laws.
With rapidly changing regulations, I am expanding our regulatory team at Osano and am hiring several full-time Privacy Analysts. If you think you would be a good fit, check out the role description here!
But I won’t harp on about how busy 2023 will be for data privacy compliance. If that’s something you’re interested in diving into, I recommend reviewing our six-month and three-month countdown blogs. (Keep your eyes peeled for the one-month installment in the near future.)
Instead, I’d like to draw attention to a topic covered in one of our stores in this edition of Privacy Insider: Data brokers.
NPR’s Planet Money podcast recently provided an overview of what data brokers are, and how many app developers aren’t even aware that some of the SDKs they rely on to build their apps’ functionality supply these brokers with their end users’ data. In fact, some data brokers market their SDKs to developers precisely so they can tap into end users’ data.
It’s an excellent example of how data collection and processing are so frequently concealed from the general public. The average consumer has a decent understanding that if they use a free social media platform, their data is being collected. That’s thanks in part to regulation and clear privacy policies. But social media is just the tip of the iceberg when it comes to data collection.
The average consumer will almost never interact with a data broker or become familiar with the million different ways their data is being collected, analyzed, packaged, and sold. Not all of this data collection is necessarily noncompliant or opaque—but a lot of it is. When consumers aren’t informed about data collection and when there are no checks on what businesses can do with that data, everybody loses.
So, if 2023’s new data privacy laws have you feeling anxious, just know that these regulations have been a long time coming and will ultimately lead to a safer, more privacy-aware internet.
Best,
Arlo
California’s new child privacy law could become a national standard
The California Age-Appropriate Design Code Act serves as the U.S.’s most comprehensive children’s privacy law since 1998’s Children’s Online Privacy Protection Act (COPPA). Due to the technical challenges of implementing different technological designs in different regions, tech companies may be forced to apply privacy protections for all users in the U.S. The law requires tech companies to design their platforms with children’s well-being in mind and regulates eight common data-collection practices.
Read more
CPRA regulations enter the home stretch
The California Privacy Protection Agency (CPPA) recently approved draft regulations for the California Privacy Rights Act (CPRA) and opened a public comment period that will run until November 21st. If no further action is needed after that comment period closes, then the CPRA’s rules will be finalized, offering businesses much-needed insight into their obligations. Notably, a potential delay to the beginning of enforcement is on the table.
Read more
California expands scope of Confidentiality of Medical Information Act
After a rise in telemental health services, California passed Assembly Bill 2089, which will broaden the scope of the Confidentiality of Medical Information Act (CMIA) to explicitly cover “mental health application information.” Under the expanded law, telemental health services will be subject to the CMIA.
Read more
What data brokers do with your geolocation data
NPR’s Planet Money Podcast dives into how app developers are (sometimes inadvertently) funneling users’ geolocation data to data brokers. These data brokers then sell that information to third parties who use the data for a multitude of purposes, ranging from the innocuous to the nefarious, and sometimes expose that data to outside parties unintentionally.
Listen
What you need to know about Indonesia’s Personal Data Protection Law
Indonesia has joined a host of other countries with a data privacy law on the books. Ratified on 17 October 2022, the Personal Data Protection Law (PDP Law) contains 76 articles, which are divided into 16 chapters, and broadly mirrors the EU’s General Data Protection Regulation (GDPR). JDSupra covers key concepts in the law around data processing, personal data controllers and personal data processors, data protection officers, and data transmission.
Read more
Tech giants warn that Australian privacy bill applies to customers outside of Australia
A potential bill that would strengthen data privacy protections and penalties for data breaches in Australia has been criticized by tech giants, including Meta, Google, and Twitter. The businesses claim that the bill’s current language implies that any foreign organization carrying on business in Australia would be regulated, regardless of whether it actually processed the personal information of Australian citizens.
Read more
LinkedIn wins suit against data scraper
hiQ labs, a “people analytics” company, was sued by LinkedIn after the social media platform discovered hiQ was violating their terms of service by scraping data from user profiles and avoiding technical defenses against such actions. After a six-year battle, the U.S. District Court for the Northern District of California ruled in favor of LinkedIn. The ruling has implications for the unauthorized use and collection of profile data by bots.
Read more
Listen to Osano’s VP of Finance & Operations, Jonathan Grant, on the Founders & Friends Podcast
Recently, our very own Jonathan Grant, VP of Finance & Operations at Osano, was invited to make a guest appearance on Kruze Consulting’s Founder and Friends Podcast. On the podcast, Jonathan talked about his experiences working at a SaaS startup, the impact of strategic finance on businesses and the insights it can produce, and the future of Osano.
Listen
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.