Another Privacy Law is Online!
Hello all, and happy Thursday!
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: August 1, 2024
Hello all, and happy Thursday!
As one might guess, COPPA 2.0 merely serves as an update to COPPA (1.0). KOSA, however, may serve as more of a sea change for children’s data privacy and digital platforms.
In essence, the bill will require platforms used by minors to take steps to mitigate certain specific risks, such as cyberbullying and harmful content. Several privacy proponents are actually against the passage of this bill—not because they’re fans of cyberbullying worried about missing out on their favorite pastime but because meeting the laws’ requirements may result in significant violations of users’ privacy rights.
According to the Electronic Frontiers Foundation (EFF), KOSA “actually requires tech companies to collect more data on internet users than they already do.” Since KOSA would penalize organizations that show regulated content to children, it would force them to collect more data on users to ensure they’re of an appropriate age when accessing certain content. And, while unrelated to privacy, the EFF also argues the bill's vague language may cause organizations to filter out helpful content related to mental health care, addiction recovery, and LGBTQ+ issues.
Of course, all of this is hypothetical as the bill has yet to be passed into law. However, it does highlight the challenges behind crafting effective regulation. Bills with the best of intentions can inadvertently lead to violations of the rights we hold dear—including (and sometimes especially) our right to privacy.
Best,
Arlo
P.S. Proposed laws like KOSA and COPPA 2.0 also highlight the importance of knowing where and when you collect sensitive information (such as children’s data). Data mapping is key to understanding your data landscape, but many organizations feel overwhelmed by it. If that sounds like you, register for our upcoming webinar on August 15th, It’s Time to Think About Data Mapping Differently.
KOSA, along with COPPA 2.0, recently passed a Senate vote and now moves to the House. The bill works by creating a duty of care for online platforms that are used by minors, requiring they take “reasonable” measures in how they design their products to mitigate a list of harms, including online bullying, sexual exploitation, drug promotion, and eating disorders. It specifies that the bill doesn’t prevent platforms from letting minors search for any specific content or providing resources to mitigate any of the listed harms, “including evidence-informed information and clinical resources.”
Meta has agreed to a $1.4 billion settlement with Texas in a privacy lawsuit over allegations that the tech giant used biometric data of users without their permission. Texas Attorney General Ken Paxton said the settlement is the largest secured by a single state. In 2021, a judge approved a $650 million settlement with the company over similar allegations of users in Illinois.
Senators Ron Wyden a Democrat from Oregon, and Edward Markey, a Democrat from Massachusetts, want the Federal Trade Commission (FTC) to investigate how car companies collect data and punish them if they’ve violated the law. The two senators called on the commission to look into auto manufacturers in a July 26 letter to FTC Chair Lina Khan.
In a recent blog post, FTC staff from the Office of Technology explained how hashing (a common method of obscuring data) doesn’t count as true anonymization. “Companies often claim and act as if data that lacks clearly identifying information is anonymous,” states the blog “but data is only anonymous when it can never be associated back to a person.”
In a tentative ruling, a Los Angeles County judge concluded that punitive damages were appropriate in a CIPA case, before reversing this ruling. The particulars of the case could have implications for future CIPA rulings.
Worried about throwing away previous data mapping efforts if you switch to Osano? Don’t be—we've made it easy to migrate your existing data map. Check out our blog to find out more!
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.