VPPA: The 40-Year-Old Law Being Used to Protect Privacy
Hello all, and happy Thursday!Read Now
The simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline the DSAR workflow
Ensure your customers’ data is in good hands
Gain insights with privacy assessment templates and workflow management
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Don’t let data privacy compliance get in the way of growth
Preserve your competitive edge
Manage data privacy at scale
Expert insights on all things privacy
Subscribe and become a Privacy Insider
Research the most essential privacy topics
We'll scan your website for privacy risk at no cost
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
No fines, no penalties
Add Osano data privacy ratings and recommendations to your application
Fresh duds for data privacy fans
December 22, 2020
Welcome to the latest edition of the Privacy Insider newsletter. Each week, we send you the latest and smartest news in the world of data privacy.
It might be the end of 2020, but that doesn't mean on privacy and data protection news slows down. This week, Facebook announced changes to its product to comply with a new EU privacy rule in effect. The ePrivacy Directive's rules have expanded to accommodate more forms of communication.
In addition, a new privacy enforcement agency, established under the law that California voters passed in November, is beginning to take shape. The agency will oversee the implementation of the Consumer Privacy Rights Act, and it's an interesting story because it's unprecedented here in the U.S. The EU's data protection authorities are becoming well seasoned regulators, having overseen compliance with the EU General Data Protection Regulation for two years now. But in the U.S., we've historically had to look to attorneys generals to enforce their state's privacy laws, given the absence of a federal privacy law in the U.S. Most agree they've done a great job, but their mandate is much broader than just privacy. The new agency has a singular purpose.
What's more, the establishment of the California agency could ostensibly be the start of something good here in the U.S. If other states follow suit, perhaps the EU will look more kindly on the seriousness with which the U.S. takes protecting privacy, a shift the U.S. very much needs if it wants to continue a collaborative relationship on both fighting terrorism and commerce, among other priorities.
In fact, a story in today's Privacy Insider looks at one of those important relationships and the privacy criticisms levied against it.
Stay safe and warm this holiday season, and we hope you enjoy this week's edition.
Here are the top stories you might have missed:
New Enforcer of California Privacy Rights Act is faceless, for now
In November, California voters approved Proposition 24, the Consumer Privacy Rights Act (CPRA). The law will replace the California Consumer Privacy Act (CCPA) when it comes into force in January 2023. Importantly, the new law assigns a new data privacy cop on the beat, changing enforcement responsibilities from the state’s attorney general to the California Privacy Protection Agency, reports this Osano blog post.
Facebook announces ‘messaging’ changes to accommodate ePrivacy Directive expansion
Responding to changes in the EU’s Privacy and Electronic Communications Directive, which become effective this week, Facebook has announced changes to its messaging products for users, SocialMediaToday reports. The ePrivacy Directive will now cover more forms of digital communication. Facebook said, "People using our messaging and calling services in Europe or interacting with friends and family in Europe may notice some changes to features on Messenger, Instagram and Facebook. In order to comply with the law, we needed to adjust the way our services work, such as further segregating messaging data from other parts of our infrastructure."
New Zealand’s updated law carries an ‘I’m sorry’ provision
On Dec. 1, New Zealand’s revised privacy law came into effect. Compliance Week reports on a provision that hasn’t made as much news as the law’s mandatory breach reporting and potential fines: the ability to apologize without admitting guilt. “This brings a very human touch to the legislation that will likely make a big difference in the mediation and settlement process. …. Being able to say ‘I’m sorry this happened to you’ is very different than ‘I’m sorry I caused you harm,’” the report states.
Privacy group finds menstruation apps ‘unnecessarily’ storing personal data
Privacy International, a U.K.-based advocacy charity, has found that menstruation apps are unnecessarily storing personal information, The Guardian reports. The group studied five of the most popular menstruation apps and found companies storing “intimate information on users,” including the medication she takes, birth control plans and sexual habits. The group is calling on apps to restrict the amount of information they store and allow for registration to be optional, omitting the requirement for an email address.
Opinion: Privacy concerns over EU/US data-sharing valid, but program essential
In an opinion piece for The Hill, a member of the U.S. Civil Liberties and Oversight Board describes the board’s recent review of the Terrorist Finance Tracking Program (TFTP). The program allows the U.S. to provide “a steady dream of valuable intelligence to EU member states” to thwart terrorism on both sides of the Atlantic. However, writes board member Adam Klein, EU officials have repeatedly expressed concerns about the program’s impact on privacy, which Klein calls “legitimate and important,” but notes TFTP “is a truly cooperative arrangement that works well for both sides.”
EU data supervisor’s Christmas letter: COVID identified new challenges for privacy leaders
In a Christmas letter, European Data Protection Supervisor Wojciech Wiewiórowski describes his first year in the role under “these extraordinary circumstances.” The EDPS writes that the global COVID pandemic has “served as a magnifying glass for global trends that pervade our societies” and “risks being the perfect occasion for some to exploit the most sensitive attributes of human beings, health data.”
Attorneys general coordinating on breach enforcement, settlements
JD Supra reports on an on-the-rise trend: state attorneys general coordinating data breach enforcement. The “AG community is now motivated and experienced when it comes to pursuing such settlements, said Tennessee's chief deputy attorney general Jonathan Skrmetti. His office recently let a joint effort on a Community Health Systems breach in which 6.1 million records were hacked. Collaborating allows the regulators to leverage each others’ resources and experiences, Skrmetti said.
Privacy group calls for Florida county to halt student-data program
In a legal analysis published Dec. 19, privacy think-tank the Future of Privacy Forum called on a Florida county’s sheriff’s office and schools to change a program that uses student data to predict future criminality. “The Sheriff’s Office’s current data practices violate not only its contract with the school board but also the privacy protections required by the federal education privacy law,” said the Future of Privacy Forum. It called for “increased transparency, additional training and proactive steps from school administrators to mitigate legal and ethical issues.”
Writer at Osano
Writer at Osano
The Osano staff is a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet. Occasionally, the team writes under the pen name of our mascot, “Penny, the Privacy Pro.”
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
Osano makes it easy. Ready to get serious about data privacy? Choose your plan and get started. All plans come with a 30-day FREE trial!