TikTok Sues Montana
Hello all, and happy Thursday!Read Now
The simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline the DSAR workflow
Ensure your customers’ data is in good hands
Gain insights with privacy assessment templates and workflow management
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Don’t let data privacy compliance get in the way of growth
Preserve your competitive edge
Manage data privacy at scale
Expert insights on all things privacy
Subscribe and become a Privacy Insider
Research the most essential privacy topics
We'll scan your website for privacy risk at no cost
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
No fines, no penalties
Add Osano data privacy ratings and recommendations to your application
Fresh duds for data privacy fans
January 19, 2023
Hello all! For our subscribers in the northern hemisphere, I hope you are all staying warm during these winter months.
One of the stories in this week’s Privacy Insider caught my eye—it’s a deep dive into Apple’s data collection practices. Apple has made privacy-consciousness part of its brand. It has, for instance, set strict privacy standards in the App Store and has even refused to unlock users’ devices for the FBI. But as the device manufacturer adds services and advertising to its offerings, it has inevitably become invested in the collection of user data.
If your business involves the sale of advertisements, then at least some collection of user data is unavoidable. However, there is a fine line to tread between strictly necessary data collection and excessive, invasive, and even dangerous levels of collection. Apple may struggle to tread that line given its history of being a privacy-first brand and its recent forays into digital services and advertising.
For example, researchers have determined that though Apple claims that iPhone usage data is anonymous, it can actually identify users’ names, email addresses, and phone numbers through iPhone analytics data. Researchers have also shown that Apple can view everything you tap on in the App Store.
There have also been allegations that Apple’s pro-privacy stance is just another way for it to achieve its business goals. Apple has lobbied against right-to-repair bills on the basis that third-party repair shops could access user data and violate their privacy. (What else could explain a device manufacturer’s opposition to repairing old devices rather than buying new ones?)
It has also faced anticompetition criticism over which apps it does and does not allow on the App Store, insisting that the App Store’s restrictions are there solely to protect user privacy. User privacy is important, but it’s also a convenient way to direct consumers to Apple products and services.
It’s always instructive to see what positions Big Tech companies take on privacy issues. These businesses’ technologies shape our economy, society, and way of life; many of them have an almost hostile attitude to data privacy, while others—like Apple—appear to embrace it. The question is: Can we all still benefit even if Big Tech’s pro-privacy position is a selfish one?
TikTok fined in France for manipulative cookie-consent flow
France’s data protection authority, the CNIL, recently issued a €5 million fine against TikTok for manipulative design practices surrounding the social media app’s cookie consent mechanism. Essentially, TikTok made it far easier to accept cookies than to reject them. A notable feature of this enforcement action is that it occurred under the EU’s ePrivacy Directive rather than the GDPR, enabling France to directly penalize companies like TikTok, Google, and Meta without having to route complaints through to a business’s lead data supervisor in the EU. In TikTok’s case, this would have been the Irish Data Protection Commission.
All the data Apple collects about you—and how to limit it
In recent years, Apple has garnered a reputation for its stance on privacy. However, that doesn’t mean Apple isn’t collecting data on its users, nor that its data collection practices are wholly above board. This deep dive explains where and how Apple collects user data and what users can do to limit its collection.
Proposed state privacy law updates for 2023
The new year saw several U.S. data privacy laws come online, with more to come in 2023. Right now, even more data privacy laws are up for consideration in various state legislatures. Find out which states are considering privacy laws, and whether 2024 will feature even more privacy laws for businesses to contend with.
Court of Justice of the EU decides that GDPR Right of access allows data subjects to request the identity of each data recipient
The Court of Justice of the EU (CJEU) has determined that the GDPR’s right of access grants data subjects the right to ask for either the identity of the recipients of their data or the categories of the recipients of their data. The ruling underscores the importance of collaborating with vendors who process data on a business’s behalf and remaining aware of which vendors process user data.
Biden calls on Congress to unite on federal privacy legislation
In a Wall Street Journal op-ed, President Joe Biden laid out his administration’s goals when it comes to Big Tech and data collection practices, including the need for data privacy protections, transparency around content algorithms, and greater collaboration. To accomplish these goals, President Biden called for the new Congress to work on bipartisan proposals to protect privacy, prevent harmful content, and tackles anticompetitive conduct.
An interview with the guy who has all your data
Data brokers are a poorly understood business category, yet they have granular data on billions of individuals across the globe. Gizmodo reporters sat down with the CEO of a data broker to better understand this industry and its ramifications on society.
Osano blog: Choosing the right DSAR platform for your business
With the CPRA and other laws, more businesses are receiving data subject access requests (DSARs) than ever before. They’ll quickly discover that handling DSARs with only spreadsheets and email isn’t a sustainable business practice. DSAR solutions exist, but they aren’t made equal; check out our blog to learn more about the essentials to look for when evaluating DSAR solutions.
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.
Writer at Osano
Writer at Osano
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
Osano makes it easy. Ready to get serious about data privacy? Choose your plan and get started. All plans come with a 30-day FREE trial!