
Which Stakeholder Impacts Your Job the Most?
Hello all, and happy Thursday!
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: January 16, 2025
Hello all, and happy Thursday!
How much of an impact could a €400 fine have?
The EU General Court recently decided to award Thomas Bindl €400 when the EU Commission transferred some of his personal information to the US after Bindl logged into Facebook on a Commission-managed website.
It doesn’t make for much of a headline, especially compared to the €1.2 billion fine Meta received in 2023. Bindl’s windfall might mean he could spring for a new TV or sound system. But the compelling part of the Bindl decision isn’t the sum he was awarded, and it isn’t even the fact that one official EU body ruled against another—it’s the fact that an individual was awarded damages for a GDPR violation.
Now, precedent has been set, and we all know that most data privacy violations involve thousands or even millions of individuals’ data. With the Bindl decision, the door is open for class action in the EU. The timing is especially relevant given that NOYB was recently given the power to bring collective redress actions in Austria and Ireland.
Osano’s Head of Privacy Rachael Ormiston has written a quick post diving into more detail on the matter—check out the “What’s New” section below to find out more.
Best,
Arlo
At first glance, the headline looks like a typo: The EU rules against the EU…for breaching EU data protection law? But you read it right. Find out what this case means for compliance with EU data privacy laws.
With more privacy laws to keep track of in 2025, you may be expecting a bigger workload than last year. That doesn’t have to be the case. In this webinar, Osano’s Cait Ward and Chris Simpson teach you how to move faster, gain visibility, shorten the time to deploy banners and assessments, and automate in all the right places.
Save Your Seat | Today at 1 PM EST!
Osano’s Rachael Ormiston teams up with Husch Blackwell’s Shelby Dolen and TK Lively to break down the new requirements businesses will face in 2025.
It's a new year, and for privacy teams, that means a new budget. The question is: How do you spend that budget to get the most bang for your buck? Osano’s Head of Privacy and Chief Customer Officer walk through the most and least effective ways to spend your privacy budget.
Save Your Seat | January 29th
On January 13, the Texas Attorney General’s Office filed its first lawsuit enforcing the Texas Data Privacy and Security Act (TDPSA). The lawsuit centers on Allstate Corporation and five of its subsidiaries, alleging that the defendants developed a software development kit (SDK) that they licensed to third parties to integrate into their mobile applications. The defendants then allegedly used the SDK to harvest data like mobile phone’s geolocation data, trip attributes, GPS points, derived events (e.g., acceleration, speeding, and distracted driving), and metadata without notice or consent.
As one of her last acts in office, Oregon Attorney General (AG) Ellen Rosenblum issued guidance for businesses deploying artificial intelligence (AI) technologies. The guidance highlights the risks associated with the commercial use of AI and underscores that, despite the absence of a specific AI law in Oregon, a company’s use of AI must still comply with existing laws.
The California Privacy Protection Agency (CPPA) announced it would extend the formal public comment period for the proposed updates to the California Consumer Privacy Act regulations regarding cybersecurity audits, risk assessments, automated decision-making technology (ADMT), and insurance companies to ensure all Californians, including those affected by the devastating wildfires in Southern California, have the opportunity to participate.
Today (Thursday, January 16th), EU lawmakers will decide on the successor to Wojciech Wiewiórowski. Four candidates are hoping to become the next European Data Protection Supervisor (EDPS)—the privacy watchdog of the EU institutions.
California Attorney General Rob Bonta recently issued two legal advisories, reminding consumers of their rights and advising businesses and healthcare entities who develop, sell, or use artificial intelligence (AI) about their obligations under California law.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.