Major News from Osano!
Hello all, and happy Thursday!Read Now
November 3, 2022
Happy November, everybody!
Unless you’ve achieved a zen-like ability to ignore the headlines, you’re probably aware of Elon Musk’s purchase of Twitter.
Normally, we like to focus this newsletter on a variety of important data privacy stories and not endlessly report on the foibles of big tech giants, but this news story merits the attention. It’s not every day that a social media company with hundreds of millions of users gets acquired by a new entity after all. When that happens, our first question is how that new entity treats data privacy.
We feature one article in our newsletter this week that raises privacy concerns over the acquisition, but it’s by no means the only article about Twitter’s existing data privacy issues and the potential for additional issues now that Musk is at the helm. For example: would Musk combine customer data from one of his many other enterprises with Twitter user data to create more precise ad targeting on Twitter? Will Twitter get around to encrypting its DMs from end to end, so internal employees can no longer access their content? Will Twitter update its data retention policy to delete deactivated user data?
Musk has already indicated that Twitter will comply with the EU’s new Digital Services Act (DSA), which enforces rules around illegal and harmful content and the use of personal information in targeted advertisements, among other requirements. Signaling the intention to comply with this new regulation would suggest that Musk also intends to comply with other existing regulations like the GDPR.
However, Musk’s public comments seem to contradict his plans to comply with the DSA. And we’ve seen plenty of evidence demonstrating how big tech companies struggle with data privacy compliance in general.
At the end of the day, the fundamental business model of social media platforms like Twitter is to show its users targeted advertisements. As long as that remains true, there will always be conflict between social media platforms and data privacy.
FCC commissioner says government should ban TikTok
Brendan Carr, one of five commissioners at the Federal Communications Commission (FCC), advocated for the Council on Foreign Investment in the U.S. (CFIUS) to ban TikTok in a recent interview. "I don’t believe there is a path forward for anything other than a ban," said Carr. However, the FCC lacks the authority to ban TikTok itself; only the CFIUS can take such an action.
The EU adopts the Digital Services Act
On October 27, 2022, the EU adopted the Digital Services Act (DSA), which forces digital service providers to moderate content, meet requirements around online advertising, and enforce trader transparency. Much like the GDPR, the DSA is a sweeping regulation that will likely impact how digital services providers conduct business outside of the EU.
TikTok users receive first payments resulting from a class-action lawsuit
TikTok users who created videos before September 30, 2021, began receiving payments between $27.84 and $167.04 this week as a result of a $92 million settlement against the social media company. Without a comprehensive federal privacy regulation, the lawsuit relied on a patchwork of different state privacy laws, such as Illinois’s biometric data privacy law.
Meta hit with antitrust breach order in Turkey for combining user data
Meta was recently fined the equivalent of ~$18.6 million in Turkish Lira over the social media company’s creation of highly detailed user profiles that combined data from WhatsApp, Facebook, and Instagram. While the fine isn’t the largest levied against Meta, the basis of the fine—that Meta violated antitrust laws over the combination of user data across its portfolio of apps—has big consequences for Meta, as the company depends upon the creation of detailed user profiles for micro-targeted advertisements.
UK watchdog warns against AI for emotional analysis
The Information Commissioner’s Office (ICO) warned against companies relying on AI to conduct emotional analyses of human facial expressions using biometric data. “Developments in the biometrics and emotion AI market are immature. They may not work yet, or indeed ever,” said the ICO’s deputy commissioner. “While there are opportunities present, the risks are currently greater. At the ICO, we are concerned that incorrect analysis of data could result in assumptions and judgements about a person that are inaccurate and lead to discrimination.
Elon Musk’s ownership of Twitter highlights data privacy gaps in the social media company
Twitter has been criticized for poor data privacy practices in the past, particularly its lack of end-to-end encryption for direct messages (DMs). As a result, Twitter employees have access to the content of user DMs. Now that Elon Musk has taken over control of the social media company, those criticisms have been renewed.
A controversial ballot initiative allowing for the use of psychedelics in therapy draws data privacy concerns
Colorado is voting on the passage of Proposition 122, which would allow for the production and use of psilocybin for therapeutic purposes. However, Proposition 122 would enable psilocybin access outside of the scope of the Health Insurance Portability and Accountability Act (HIPAA). Instead, experts believe Proposition 122’s data collection regulation would be closer to commercial data practices, such as those adhered to by Google, Facebook, or 23andMe.
FTC sues Chegg after the homework helper suffered four data breaches in three years
After exposing approximately 40 million students’ data—including names, religion, sexual orientation, disabilities, and parents’ income—across four separate data breaches, Chegg has been sued by the Federal Trade Commission (FTC).
Osano blog: Free CMP scorecard
Considering whether to make an investment in a consent management platform (CMP)? We developed a handy scorecard that identifies the right questions to ask and guides you through the evaluation process.
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you..
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.