California Remains a Privacy Bellwether
Hello all, and happy Thursday!Read Now
June 15, 2023
Hello all, and happy Thursday!
In what is becoming a reoccurring theme to this newsletter, I wanted to take the time to remind our subscribers of some upcoming enforcement dates for U.S. data privacy regulations: Specifically, Colorado and Connecticut both have data privacy laws that take effect July 1.
Now, Colorado and Connecticut may not be in the same weight class as California, but there are still plenty of potential website visitors and customers from those states who will suddenly have new rights as of July. Colorado has a little under 6 million residents, and Connecticut has a little under 4 million—that’s a far cry from California’s 39 million, but it’s nothing to sneeze at either.
Nine states have their own data privacy laws, and ten more have active bills in the legislative process; I expect to announce many more upcoming effective dates in the future. If you want to keep tabs on all of these laws, you can check in on this regularly updated resource from the International Association of Privacy Professionals—or just keep checking in on this newsletter.
The EU has passed the first comprehensive AI regulation, called the AI Act. The act prohibits the use of AI for social scoring and real-time biometric identification systems, among other use cases.
Google's plan to roll out Bard, its AI chatbot, throughout the EU has been blocked after the Irish Data Protection Commission, the company's primary data regulator in the region, voiced privacy concerns.
Both chambers of the Louisiana State Legislature voted unanimously to pass a bill that requires under-18-year-olds to gain parental permission before making social media accounts. The bill is part of a trend of laws in conservative states like Utah and Arkansas that seek to limit adolescents’ unrestricted access to social media.
Apple will remove tracking data from links shared in Messages and Mail. Marketers rely on these tracking parameters to measure ad campaign performance; however, they can also be used to profile users’ behavior.
"Clean rooms” have been presented as a solution to privacy-centric advertising—in essence, they give advertisers, platforms, and publishers a way to securely share their own aggregated data without giving too much information away to other parties. Now, Wayfair is piloting new clean room tech to gain insight into the performance of their ads on Pinterest.
Two years after opening an investigation into Google for favoring its own advertising services, the European Commission said Google might have to sell part of its adtech business because of its anti-competitive practices.
In mid-March, the Consumer Finance Protection Bureau (CFPB) launched a public inquiry into the data broker industry to better understand how to regulate companies whose primary business is the collection and sale of personal information to others. Now, the CFPB is extending the deadline for public comments to July 15.
With the CTDPA going into effect July 1, businesses serving Connecticut residents have little time left to become familiar with the law and their obligations to consumer data privacy. Check out our blog to learn the essentials of CTDPA compliance.
If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you.
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.