Tryptophan Won’t Put the Privacy World to Sleep
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: August 8, 2024
Hello all, and happy Thursday!
For some time, Illinois has been the wrong place to play fast and loose with consumer biometric data. That’s still true for a variety of reasons—not least of which is the simple fact that it’s wrong to abuse people’s personal data. But now, violators of Illinois’s Biometric Information Protection Act (BIPA) face significantly reduced financial penalties.
Previously, businesses that misused consumer biometric data in violation of BIPA were penalized per instance of misuse. Since a business could conceivably misuse one individual’s biometric data over and over again before getting caught, BIPA fines could reach stratospheric levels, like Facebook’s eye-watering $650 million fine.
However, Governor Pritzker recently signed legislation that changed the method for calculating fines. Now, penalties apply on a per-person basis, which considerably reduces a business’s potential liability.
Does that mean it’s open season for Illinoisan’s biometric data? Nope.
BIPA’s penalties can still be significant, even with the new method for calculating fines. And while Illinois lacks a state data privacy law, the number of other state privacy laws that now exist make it difficult for a business to selectively misuse Illinoisan’s biometric data, especially since biometric data is often classified as “sensitive” personal informpeoation subject to additional requirements under data privacy law.
All in all, this change doesn’t mean too much for businesses; keep investing in your privacy program and protecting consumer personal data, and you won’t ever have to think about how BIPA penalties are calculated.
Best,
Arlo
The Data Protection Commission (DPC) has launched High Court proceedings against Twitter International Unlimited Company over concerns about how the personal data of millions of European users of X, as the social network is now called, is being processed. The DPC says its concerns center around the use of this data, in public posts by X users, in the European Union/European Economic Area to train artificial intelligence (AI) systems utilized by Twitter, including its enhanced search tool known as “Grok.”
While the recent proliferation of comprehensive privacy laws enacted by at least eighteen states has dominated the news in the US, another development threatens to further impact companies operating websites accessed by California consumers—the recent wave of lawsuits and arbitration demands under the California Invasion of Privacy Act (CIPA). The American Bar Association (ABA) breaks down these CIPA lawsuits here.
Google has violated U.S. antitrust law with its search business, a federal judge ruled Monday, handing the tech giant a staggering court defeat with the potential to reshape how millions of Americans get information online and to upend decades of dominance. “After having carefully considered and weighed the witness testimony and evidence, the court reaches the following conclusion: Google is a monopolist, and it has acted as one to maintain its monopoly,” US District Judge Amit Mehta wrote in Monday’s opinion.
Illinois Governor J.B. Pritzker has signed a bill into law that will significantly curb the penalties companies could face for improperly collecting and using fingerprints and other biometric data from workers and consumers. The bill, passed by the legislature in May and signed by Pritzker on Friday amends the state's Biometric Information Privacy Act (BIPA) so that companies can be held liable only for a single violation per person, rather than for each time biometric data is allegedly misused.
Following a Federal Trade Commission (FTC) investigation, the Department of Justice sued video-sharing platform TikTok, its parent company ByteDance, as well as its affiliated companies with violating the Children’s Online Privacy Protection Act (COPPA) and also alleged they infringed an existing FTC 2019 consent order against TikTok for violating COPPA.
Should the suit be successful, TikTok may be fined up to $51,744 per violation, per day.
For many organizations, the problem isn’t how to handle a DSAR; it’s how to handle multiple DSARs all at once, with complete accuracy, and on time. Our blog identifies five common challenges businesses face when trying to manage their DSARs more effectively as well as five solutions.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.