.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.webp?width=1220&height=1090&name=Osano-guarantee-seal%20(1).webp)
Hello all, and happy Thursday!
If you’ve ever endeavored to keep your understanding of the privacy landscape current, then you know it’s basically a full-time job. There are too many new laws, regulatory updates, changing best practices and guidance, and enforcement actions to track, digest, and translate into action.
We know it’s hard because we do all the same stuff at Osano (we are a privacy company, after all). To make it manageable, we use a variety of internal tools to stay organized and up to date. These tools help us quite a bit—so we figured, why not share them with the world?
To that end, I’m pleased to present Osano’s Privacy Enforcement Tracker. It’s what we use to keep track of the latest in privacy enforcement, and now you can use it too.
It’s great for:
- Staying up to date with the latest in privacy enforcement
- Filtering to find patterns and cases that are most relevant for your organization
- Reporting on enforcement as part of your communications with your company and leadership
- Understanding the steps you need to take to avoid a similar fate
- Developing a sense for enforcement volume and its focus at any given time
I hope you find it as useful as we do!
Best,
Arlo
.png?width=800&height=418&name=The-Reluctant-Privacy-Pro-1200x627%20(1).png)
Highlights from Osano
New From Osano
Blog: The Osano Privacy Enforcement Tracker Is Here: Fines, Penalties, and How to Avoid Them
"Out of sight, out of mind”—it’s human nature. But in privacy compliance, the one thing you don’t want to lose sight of is regulators’ current enforcement actions. Read our blog to learn more about Osano’s enforcement tracker and how to use it to maximum effect.
Blog: 3 Ways GRC Pros Can Manage Privacy Risk (and Still Have Time to Sleep, Eat, and Relax)
Do you manage all manner of risks from A to Z? Does it get a little harder to manage those risks that come later on in the alphabet—like, say, under “P” for “Privacy”? You’re not alone. Fortunately, there are strategies you can employ to manage privacy risk without burning out. Check out our blog to learn more.
In Case You Missed It...
Podcast: The Elephant in the Chatroom: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
The shift towards virtual third spaces—like social media and online platforms—has transformed how we connect and share personal data. This evolution raises important questions about privacy, community building and the future of human interaction. Christine Rosen, Fellow of The American Enterprise Institute, explores these themes in her work.
Upcoming Webinars and Events
Monthly Meet-Up: Out of the Spotlight: Celebrities, Influencers, & Data Privacy
As society grows increasingly aware of the costs of digital exposure, the conversation around data privacy is shifting—raising timely legal and ethical questions about what it means to live in public. This meetup will explore the complex intersection of fame, influence, and data privacy—unpacking what we willingly trade for convenience and connection, and what gets taken without consent.
Save Your Seat | May 14th
Webinar: The Reluctant Privacy Pro: Shortcuts and Tips for Marketing, Security, IT & More
If you are in marketing, IT, HR, or any other function that handles personal or sensitive data, you may find yourself managing data privacy on top of your regular duties. How can you do right by data privacy, reserve the time and energy for your core work, and do it all without losing your mind? Find out how in our upcoming webinar.
Save Your Seat | May 15th
Webinar: The Strategic Privacy Pro: How to Be a Partner, not a Blocker
Legal and compliance experts are used to being advisors—but modern privacy compliance doesn’t just require you to understand and keep up with regulations (even though that’s a full-time job in and of itself). It requires you to provide guidance on how to translate that regulatory knowledge into practice. Join this webinar to learn how to avoid being a bottleneck and become a valuable business and privacy enabler.
Save Your Seat | May 29th
Top Privacy Stories of the Week
Status Check: Support Is Quickly Eroding for the EU-US Data Privacy Framework
After years of litigation, false starts, and invalidated frameworks, the US had finally achieved a simplified path for GDPR compliant transfers of personal data from Europe. However, European reaction to the recent changes in the US indicates a wavering in the support of the EU-US Data Privacy Framework (DPF) and threatens to send the US back into the data transfer dark ages.
IAB, Others Urge SCOTUS To Intervene in Video Privacy Battle
The Interactive Advertising Bureau (IAB) and other organizations are asking the Supreme Court to rule that web companies don't violate the Video Privacy Protection Act (VPPA), a Reagan-era video privacy law, by embedding online tracking technology on their websites. They are urging the court to hear an appeal relating to the National Basketball Association’s (NBA’s) use of tracking pixels.
From Driver's License to Digital Dossier? Why Some Are Worried About REAL ID.
The REAL ID enforcement deadline will take effect in less than a week, following years of delays. Adults will need a compliant driver’s license or ID to board a commercial domestic flight and enter certain other facilities on May 7—though travelers can continue to use accepted alternatives like a passport. States and advocacy groups have raised concerns over the privacy implications of relying on REAL ID.
EU Denies Data Export to India Over Gaps in Data Protection Law Equivalent to GDPR Standards
In February 2024, the European Data Protection Supervisor (EDPS) refused to let the European Investment Bank (EIB) transfer contact data to India. The EU’s independent data protection agency didn’t find enough “evidence and proof” that India could protect personal data the way the GDPR requires, despite India’s data privacy law the Digital Personal Data Protection Act (DPDPA).
TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
The Irish Data Protection Commission fined TikTok €530 million ($600 million) recently after a four-year investigation found that the video sharing app’s data transfers to China put users at risk of spying, in breach of strict EU data privacy rules. Ireland’s data privacy watchdog also sanctioned TikTok for not being transparent with users about where their personal data was being sent and ordered the company to comply with the rules within six months.
Like what you hear from the Privacy Insider newsletter?
There's more to explore:
🎙️The Privacy Insider Podcast
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
📖 The Privacy Insider: How to Embrace Data Privacy and Join the Next Wave of Trusted Brands
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
