How will data privacy bills fare in the lame-duck Congress?

  • by Arlo Gilbert
  • · posted on December 1, 2022
  • · 3 min read
How will data privacy bills fare in the lame-duck Congress?

Hello all! For those of you who celebrated, I hope you had a restful Thanksgiving with friends and family. 

It’s an interesting time of year at Osano—we’re dealing with the hustle and bustle of the holiday season like everyone else, but we’re also keeping a close eye on U.S. legislatures now that the midterm elections are over. 

Several state legislatures have gained lawmakers who have been involved in crafting data privacy legislation in the past. Five U.S. states already have privacy laws on the books (California, Connecticut, Virginia, Colorado, Utah). With the new set of representatives stepping into their roles, we’re likely to see that figure grow.

At the same time, data privacy laws at the federal level face an uncertain future. Proponents have been pushing for laws like the American Data Privacy Protection Act (ADPPA), the Kids Online Safety Act (KOSA), and the Children’s Online Privacy Protection Act (COPPA) 2.0 to be advanced during the lame-duck session of Congress. 

For the unfamiliar, a “lame duck” is an elected official whose successor has been elected—normally it connotes a politician with little influence or ability to push things forward. But both the House and Senate currently reside in Democrats’ hands; when Republicans take control of the House, privacy proponents fear that the two parties’ differences will make it impossible to compromise on data privacy laws. Thus, numerous privacy advocacy groups are pushing for action on data privacy now. However, it’s important to keep in mind that data privacy enjoys bipartisan support; just because the political landscape is changing next year doesn’t mean data privacy bills are doomed.

So, there’s a lot that we’re keeping our eye on at Osano—and that’s on top of all the gift-giving, travel, and family visits that go on during the holiday season. Nevertheless, if anything major happens in the world of data privacy during this holiday season, you’ll hear about it in Privacy Insider.

Best,

Arlo


Meta fined $277 million for leak of half a billion users
The Irish Data Protection Commissioner has fined Meta €265 million ($277 million) for leaving half a billion users’ information exposed to data scrapers. The fine follows a 2021 investigation that revealed over 530 million Facebook users’ information had been leaked on a public forum.
Read more


Human rights, LGBTQ+ organizations oppose Kids Online Safety Act
In response to a push to pass the Kids Online Safety Act (KOSA) during the lame-duck session of Congress, dozens of human rights and LQBTQ+ organizations have written to members of Congress, asserting that the act would not make children safer online. Rather, the groups alleged, KOSA would undermine children’s safety “by effectively forcing providers to use invasive filtering and monitoring tools; jeopardizing private, secure communications; incentivizing increased data collection on children and adults; and undermining the delivery of critical services to minors by public agencies like schools.”
Read more


The future of state privacy legislation after the 2022 election
Numerous American data privacy laws are in the middle of the legislative process. Now that the midterm elections are over, what do their futures look like? JDSupra calls out new state privacy laws that are likely to be enacted, privacy laws that face an uncertain future, and privacy laws that are effectively dead on arrival following the midterm elections.
Read more


How Google is trying to help advertisers and publishers link their data
Google has introduced PAIR—short for Publisher Advertiser Identity Recognition—a tool it says can help advertisers and publishers reach their overlapping audiences using first-party data. It’s one of several ways that the tech giant is attempting to rework how advertising and data privacy functions on the internet and to move away from the reliance on third-party cookies for retargeting.
Read more


Australia passes the ​​Privacy Legislation Amendment Bill 2022
Following a slew of data breaches, the Australian government has passed the Privacy Legislation Amendment Bill 2022. The new bill updates Australia’s 1988 bill, the Privacy Act, and grants the Office of the Australian Information Commissioner (OAIC) significantly greater powers to enforce privacy regulation.
Read more


Microsoft 365 faces darkening GDPR compliance clouds after German report
A two-year assessment by German data protection regulators found that Microsoft has been unable to resolve identified compliance issues with the tech giant’s 365 productivity products. The conclusion comes even after German data protection regulators worked directly with Microsoft to improve its compliance posture.
Read more


Osano blog: What's going on with the Children's Online Privacy Protection Act (COPPA)?
Children’s data remains a hot-button topic in the U.S. Read our blog to find out what’s new with COPPA and other legislation regulating children’s data.
Read more

Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.

2023 privacy laws action plan guide

About The Author · Arlo Gilbert

Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 20 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.