Hello all, and happy Thursday!
Everyone is abuzz about the American Privacy Rights Act (APRA)! It should come as no surprise—a U.S. federal data privacy regulation seems like it’s only a matter of time now. However, if you read through our newsletter last week, you’ll know that there is a long legislative path ahead for the APRA. If it is passed, it will almost certainly differ substantially from the way the bill is written today. Nevertheless, our newsletter features multiple stories this week discussing the nitty-gritty of the law.
Meanwhile, states are charging ahead with their own data privacy laws. Kentucky, Maryland, and Nebraska have recently enacted or are on the brink of enacting their own laws—in lieu of a federal law, state legislators recognize the need to protect their constituents’ data privacy rights.
But it’s a mistake to let U.S. data privacy news take the oxygen out of the room. Data privacy is an evolving space; that means legislators and regulators are watching each other. Trends are global, and what happens in one jurisdiction affects what happens in others. Even though U.S. privacy laws’ approach to consent differs from the EU’s, I’d keep a close eye on the European Data Protection Board’s ruling on Meta’s “Pay or Okay” model. Not only will that affect how platforms choose to interact with Europe going forward, it could have unpredictable impacts on how organizations choose to comply with other data privacy regulations globally.
Best,
Arlo
Top Privacy Stories of the Week
IAPP's J. Trevor Hughes discusses proposed APRA on NYT podcast
On the 12 April edition of The New York Times' "Hard Fork" podcast, The International Association of Privacy Professionals’ (IAPP’s) President and CEO J. Trevor Hughes, recently spoke on The New York Times’ “Hard Fork” podcast on the key provisions of the proposed American Privacy Rights Act (APRA) as well as the dwindling sources of training data available for AI developers.
APRA: A Real Privacy Law? House Lawmakers Are Optimistic This Time
On Wednesday, U.S. House lawmakers discussed a variety of proposed data privacy bills during a hearing in the Energy and Commerce subcommittee on innovation, data, and commerce—notably including the American Privacy Rights Act (APRA). Lawmakers also touched on children’s online safety proposals like the Kids Online Safety Act, which recently got a House companion to the popular Senate bill, and COPPA 2.0, which would update and raise the age for protections for a long-standing online privacy bill for children.
EU Rights Groups Warn Meta’s ‘Consent or Pay’ Tactic Must Not Prevail Over Privacy
Nearly two dozen civil society groups and nonprofits have written an open letter to the European Data Protection Board (EDPB), urging it not to endorse a strategy used by Meta that they say is intended to bypass the EU’s privacy protections for commercial gain. The letter comes ahead of a meeting of the EDPB this week that is expected to produce guidance on a controversial tactic used by Meta that forces Facebook and Instagram users to consent to its tracking.
UK Privacy Regulator Details Next Stages of Its Strategy to Protect Children Online
The UK Information Commissioner’s Office (ICO) recently released a statement setting out its strategy for the next phase of implementing its children’s code of practice (also known as the (AADC). The ICO will look at social media platforms’ default settings for children’s profiles, recommender systems, and how they obtain consent to the processing of children’s data. The statement also indicates that the ICO will conduct audits of EdTech providers to identify privacy risks and potential noncompliance with applicable legislation.
Osano Blog: AI and Privacy: Why AI Governance Is Turning to Privacy Leaders
Need to clarify why data privacy matters for AI? Our post, written by Osano Head of Privacy Rachael Ormiston, illustrates why and how AI intersects with multiple domains, including data privacy.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert
Arlo Gilbert
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.