What a Week. Lots to Unpack.
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: May 4, 2023
Hello all, and happy Thursday!
A few stories in our newsletter this week highlight the perpetually underestimated risk of being victim to a data breach. Specifically, the American Bar Association (ABA) suffered a data breach (and is, of course, being sued). T-Mobile also suffered another data breach this year, marking its eighth breach since 2018.
It’s funny—data breaches have become so common that they almost fly under the radar. In the recently released Internet Crime Report, the FBI’s Internet Crime Complaint Center (IC3) stated they received a total of 800,944 reported crime complaints in 2022, with associated losses exceeding $10.3 billion. Because these breaches are so common, we’ve almost become desensitized to them.
And even though it feels like being kicked when you’re down, data breaches are a trigger for lawsuits and data privacy enforcement action. They serve as evidence that personal data was mishandled, whether through excessive collection and retention or a lack of sufficient protection. That’s the focus of the ABA class action lawsuit—the plaintiffs allege that the ABA “grossly fail[ed] to comply with security standards.”
Unfortunately, there will never be an end to cybercrime, nor a blanket solution to protecting yourself. Malicious actors develop new techniques every year, so the only recourse to continuously develop new defenses and mitigation strategies to protect your and your consumers’ data.
Best,
Arlo
UK ICO Updates Guidance on Artificial Intelligence and Data Protection
The UK’s Information Commissioner’s Office (ICO) recently released a set of best practices for data protection-compliant AI as well as information on how it interprets data privacy law in the context of AI. The guidance is not legally binding but does provide useful insights into how to use AI ethically and how future laws regulating AI might unfold.
EU MEPs Adopt Resolution Against Adequacy Decision Of The EU-U.S. Data Protection Framework
Members of the European Parliament (MEPs) have recommended that the EU Parliament not grant the EU-U.S. Data Protection Framework an adequacy decision that would allow for the flow of personal data from the EU to the U.S. without the use of standard contractual clauses, binding corporate rules, or another lawful method of transfer.
ChatGPT Resumes Service in Italy After Adding Privacy Disclosures and Controls
Although a local probe of ChatGPT’s compliance with Italy’s data protection rules continues, the AI chatbot has resumed service in Italy. Now, Italian users are presented with a popup asking for confirmation that they are 18+ (or 13+ with consent from a parent or guardian) as well as links to OpenAI’s Privacy Policy and an article on how OpenAI develops and trains ChatGPT. These new disclosures and controls, among other changes, address the bulk of Italian authorities’ objections.
American Bar Association Accused of Data Breach Affecting 1.4 million people
In a class action lawsuit, the American Bar Association (ABA) has been accused of “grossly fail[ing] to comply with security standards” and causing a data breach that affected approximately 1.5 million people. The breach occurred in March of 2023, and the stolen data included personal information such as names, phone numbers, addresses, email addresses, and financial information.
All SMS Will Now Be Intercepted, Screened in Malaysia
Based on a directive from the Malaysian government, telecommunications providers will now seize and screen all SMS sent out in Malaysia for “prohibited contents.” Ostensibly to protect individuals from falling victim to online scams, all SMSs containing URLs, phone numbers, identity card numbers, bank accounts, or other personal details will be blocked.
T-Mobile Discloses Second Data Breach Since the Start of 2023
After discovering a data breach that leaked the personal information of 37 million customers, T-Mobile disclosed that it was hit by another data breach in February 2023. In part due to precautions the telecommunications company put in place after its first data breach, this most recent breach only affected 836 customers. It is the eighth data breach disclosed by T-Mobile since 2018.
Osano Blog: ChatGPT vs Privacy—How Concerned Should We Be?
ChatGPT is once again available in Italy after being initially banned by Italian data protection authorities. But what does the future of AI and privacy look like? How long will ChatGPT remain available in the EU? Read our blog to find out.
If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you.
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.