Hello all, and happy Thursday!
When folks first start digging into privacy compliance, they quickly realize how complex and technical it can get. Well, regulatory agencies struggle with the complexity of compliance (or rather, non-compliance) too.
CalPrivacy recently announced that it has hired Sabrina Boyson Ross as its first Chief Privacy Auditor. Getting compliant might involve a lot of technical and organizational work, but uncovering non-compliance from an outsiderâs perspective can be even more difficult.
Ross and the newly formed CalPrivacy Audits Division will be dedicated to auditing and analyzing organizationsâ privacy and technical records to probe for compliance gaps, assess business practices, and provide recommendations to CalPrivacyâs Enforcement Division.
What does this mean for you and me? More enforcement, and more granular enforcement.At the start of the year, the Osano team predicted that 2026 would be the year we start seeing the technical aspect of privacy enforcement take center stage. It looks like that prediction is already starting to come true.
Best,
Arlo
Highlights From OsanoWebinar: Untap Those Wires: How to Reduce CIPA Risk with Your CMP
The Cold War may be over, but wiretap laws are alive, well, andâif youâre a member of the plaintiffâs barâvery lucrative. Thousands of lawsuits have been filed under decades-old wiretap laws in recent years, with the California Invasion of Privacy Act (CIPA) chief among them. How can you protect your business against opportunistic CIPA lawsuits? Join Osanoâs Chief Customer Officer Skye McCullough and Strategic Customer Success Manager Mark Brown on February 5th to discover the answer.
Save your seat | February 5th, 1 pm EST
Blog: Q&A From Our 2026 Privacy Laws Webinar
Whether you were in attendance at our recent webinar, Untangling 2026 Privacy, and didnât get a chance to hear your questionâs answer, or you werenât able to make it, hereâs your chance to learn more. We collected the questions asked by our audience and answered them here in this blog. Learn what there is to know about wiretap lawsuits, assessment workflows, enforcement priorities, and more.
Spain announced plans to introduce an Australia-style social media ban for under-16s as part of a broader crackdown on tech giants over systemic failures to protect users from harm. Spanish Prime Minister Pedro Sanchez said teens under 16 will be unable to access social media platforms starting next week as part of a series of government measures targeting tech platforms.
CalPrivacy has selected Sabrina Boyson Ross to serve as the agencyâs inaugural Chief Privacy Auditor. Ross will lead the CPPAâs newly formed Audits Division, which develops and applies privacy compliance audit procedures and conducts complex regulatory examinations of businesses and business practices. The division obtains and analyzes privacy and technology records to determine compliance with the California Consumer Privacy Act.
The main data protection reforms contained in the UKâs reform law, the Data (Use and Access) Act 2025 (DUAA), are now rapidly coming into force on Thursday, 5 February 2026, nearly eight months after becoming law. Here are the key updates that businesses subject to UK data laws need to know about today.
The European Commission reportedly missed a deadline to provide guidance on how operators of high-risk artificial intelligence systems can meet their obligations under the AI Act, another sign of an ongoing struggle over implementation amid considerations for a delay. The Commission had until 2 Feb. to produce information about adherence to Article 6 of the AI Act.
California Attorney General Rob Bonta recently announced an investigative sweep focused on businessesâ use of consumersâ personal information to set targeted, individualized prices for products and services, a practice known as surveillance pricing that may violate the CCPA. The California Department of Justice is sending letters to businesses in the retail, grocery, and hotel sectors requesting information regarding how they use consumersâ data to set the prices of goods or services.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
Join our official subreddit to stay up to date on the latest news, analysis, guidance, and content from Osano!
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If youâre interested in working at Osano, check out our Careers page!