Platform
- The Osano Platform Overview
  
  Get an overview of the simple, all-in-one data privacy platform
- Cookie Consent
  
  Manage consent for data privacy laws in 50+ countries
- Unified Consent & Preference Hub
  
  Streamline consent, utilize non-cookie data, and enhance customer trust
- Subject Rights Management
  
  Streamline and automate the DSAR workflow
- Data Mapping
  
  Automate and visualize data store discovery and classification
- Vendor Privacy Risk Management
  
  Ensure your customers’ data is in good hands
- Assessments
  
  Efficiently manage assessment workflows using custom or pre-built templates
- Features & Integrations
- Privacy Templates
- GDPR Representative
- Consult Privacy Team
- Regulatory Guidance
- Integrations
Solutions
- By Regulation
- CPRA
  
  Discover how Osano supports CPRA compliance
- CCPA
  
  Learn about the CCPA and how Osano can help
- GDPR
  
  Achieve compliance with one of the world’s most comprehensive data privacy laws
- By Organization Type
- Start-Up
  
  Don’t let data privacy compliance get in the way of growth
- Mid-Sized
  
  Preserve your competitive edge
- Enterprise
  
  Manage data privacy at scale
- By Use Case
- Consent Management
  
  Manage consent without the complexity
- DSAR Automation
  
  Never miss a DSAR deadline again
- Vendor Risk Management
  
  Regain insight and control over your customers’ data
- Privacy Program Management
  
  Build and grow an end-to-end privacy program
Resources
- View All Resources
- Articles
  
  Expert insights on all things privacy
- Resource Center
  
  Key resources to further your data privacy education
- U.S. Data Privacy Laws
  
  A guide to data privacy in the U.S.
- Topics
  
  Research the most essential privacy topics
- Newsletter
  
  Subscribe and become a Privacy Insider
- Our Pledge
  
  No fines, no penalties
- Product Updates
  
  What’s the latest with Osano?
- System Status
  
  What’s the status of account management systems, the platform, and support systems?
Stay in the loop with data privacy.
Get Your Copy of the Book
Company
- About Us
  
  The Osano story
- Careers
  
  Become an Osanian and help us build the future of privacy!
- Contact
  
  We’re eager to hear from you
- Our Pledge
  
  No fines, no penalties
- Data Licensing
  
  Add Osano data privacy ratings and recommendations to your application
- Osano Swag Store
- Press & Media
  
  Inquiries and Osano in the news
- Partners & Resellers
  
  Interested in partnering with us?
Pricing
Sign In Book a Demo

Data privacy never sleeps

Arlo Gilbert

January 5, 2023

Sign up for our newsletter

Hello all, and happy new year! Privacy Insider is back and running after our holiday hiatus. Although we may have been on a break, the world of data privacy didn’t see fit to pause for the holidays.

Plenty happened over the course of the previous few weeks—namely, plenty of end-of-year fines and penalties. Take a look at our newsletter below to see who got dinged for data privacy violations over the holidays as well as other data privacy developments and news.

And for those of you who came to this newsletter looking for CPRA guidance now that January 1st has come and gone, just scroll down to access our CPRA Survival Kit. In the coming weeks and months, as the CPRA and other 2023 laws come into force, we’ll be sure to continue to serve up actionable resources to help you maintain compliance.

Best,

Arlo

Cyber attacks set to become ‘uninsurable’, says Zurich chief
Mario Greco, chief executive of one of Europe’s biggest insurance companies, warned that cyber attacks may become uninsurable. As ransomware and other cyberattacks continue to rise and payments to resolve those incidents spirals higher, insurers may struggle to develop adequate policies for both insurers and insureds.
Read more

Twitter faces data-protection probe after '400 million' user details up for sale
A hacker operating under the pseudonym "Ryushi" is demanding $200,000 (£166,000) to delete data associated with 400 million user accounts. As a response to the leak, Irish data protection authorities have launched a probe into Twitter’s compliance data protection laws in relation to the incident.
Read more

Draft adequacy decision on EU-U.S. Data Privacy Framework published by the European Commission
The European Commission has published its draft adequacy decision on the new EU-U.S. Data Privacy Framework, essentially affirming that the framework provides a comparable level of safeguards for data subjects as the GDPR. As a next step, the European Data Protection Board will perform its own assessment and publish its opinion.
Read more

Epic Games to pay $520 million over FTC claims of children’s privacy violations
Epic Games, the publisher of the popular video game Fortnite, has settled an FTC lawsuit by paying $520 million. The FTC alleged that Epic Games unlawfully collected personal information and illegally used digital dark patterns to bill Fortnite users for unintentional in-game purchases. This included saving and using credit card information without parental consent, making it difficult for parents to review in-game purchases, alternating the buttons for previewing and purchasing an item to encourage mistaken purchases, and more.
Read more

New draft regulations for Colorado’s privacy law
The Colorado Attorney General has released a second set of draft regulations on the Colorado Data Privacy Act, which goes into effect July 1 of 2023. The draft regulations make updates related to the definitions of employee, employment records, and biometric identifiers, among other terms; notice requirements; universal opt-out mechanisms; security measures; consent; and data protection assessment requirements.
Read more

Meta agrees to pay $725 million to settle privacy lawsuit
After improperly disclosing the personal information of 87 million users in the Cambridge Analytica scandal, Meta has agreed to settle a class-action lawsuit with a $725 million payment. The settlement follows on the heels of a $5 billion payment made to the FTC over the same scandal as well as a $100 million payment to the SEC.
Read more

Irish data protection authorities levy a $400 million fine against Meta
After a European Court found that Meta’s legal justification for personalized ads was not valid, Irish data protection authorities have enforced that decision with a $400 million penalty and an order to identify a different legal basis. Previously, Meta argued that users consented to personalized advertising by reviewing their terms and conditions, an approach which European authorities have invalidated.
Read more

Meta paid over 80% of the EU’s 2022 GDPR fines
Of the €832,000 in fines levied out by European data protection authorities for GDPR violations in 2022, Meta paid more than 80%. This figure comes from a recent analysis by Atlas VPN on the GDPR enforcement in 2022. In total, Meta has paid over a billion euros in GDPR fines over the years.
Read more

Osano’s CPRA survival kit
2023 is here and with it, the CPRA. Since you’re subscribed to this newsletter, you’ve surely heard us ring the alarm bells about getting prepared for the CPRA—right?! If CPRA compliance at your organization is still a work in progress, don’t panic. We’ve gathered all of our most actionable CPRA-related resources on one page. Consider bookmarking it to review at your leisure.
Review the survival kit

Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.

Schedule a demo of Osano today

Privacy Policy Checklist

Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.

Download Now

Arlo Gilbert

Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.

Blog

Check out some of our latest articles

Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.

View All Blog Posts View All Resources

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Book a Demo

Cookie Consent

Unified Consent & Preference Hub

Subject Rights Management

Data Mapping

Vendor Privacy Risk Management

Assessments

Privacy Templates

GDPR Representative

Consult Privacy Team

Regulatory Guidance

Integrations

CPRA

CCPA

GDPR

Start-Up

Mid-Sized

Enterprise

Consent Management

DSAR Automation

Vendor Risk Management

Privacy Program Management

Articles

Resource Center

U.S. Data Privacy Laws

Topics

Newsletter

Our Pledge

Product Updates

System Status

About Us

Careers

Contact

Our Pledge

Data Licensing

Osano Swag Store

Press & Media

Partners & Resellers

Data privacy never sleeps

Arlo Gilbert

In this article

Sign up for our newsletter

Share this article

Privacy Policy Checklist

Arlo Gilbert

Arlo Gilbert

Share this article

Blog

Check out some of our latest articles

The Buzz About the APRA

Federal Data Privacy 2.0

Announcing the Launch of the Osano Platform!

Simplify Data Privacy Compliance