Another Privacy Law is Online!
Hello all, and happy Thursday!
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: July 25, 2024
Hello all, and happy Thursday!
Bucking industry trends (and its own plans), Google has announced that it will not be phasing out support for third-party cookies after all. For any Lord of The Rings fans out there, I’m reminded of when Bilbo hesitates to leave the ring to Frodo after his birthday party in The Fellowship of the Ring. “After all, why not?” said Google (more or less) in its blog post. “Why shouldn't I keep [third-party cookies]?"
The announcement comes after multiple postponements of its third-party cookie deprecation. Now, it appears that Google will be taking a hybrid approach that “lets people make an informed choice that applies across their web browsing,” combining its proposed alternative, the Privacy Sandbox, with third-party cookies. Google’s post isn’t exactly clear on what this approach will look like in practice, but more details will surely come in the future.
So, what does this mean from a consent management perspective?
Not much! Third-party cookies can violate data privacy rights but are perfectly fine when managed correctly. At the same time, first-party cookies still collect personal information that requires consent under data privacy regulations. If you choose to use third-party cookies on your website, you’ll just need to configure your consent management solution appropriately.
Meanwhile, other browsers’ decisions to drop support for third-party cookies and Google’s wavering on this subject have encouraged businesses to seek new and more privacy-conscious approaches for data collection and advertising. Regulators, too, seem to be ramping up enforcement across industries and jurisdictions. For consumers, it seems unlikely that this news will result in any rollback to their data privacy protections.
So ultimately, while the headline may have given you whiplash, it may not amount to all that much change in terms of the state of data privacy. That, of course, depends on what Google chooses to do next.
Best,
Arlo
P.S. Speaking of the rapidly changing data privacy landscape, if you’ve been feeling a bit overwhelmed by the tangle of data privacy regulations your organization is subject to, we’ve got just the webinar for you. “Navigating the Regulation Jungle: Be Compliant, Work Efficiently, and Stay Sane” goes live August 1st at 1 PM EST!
Google has decided to keep third-party cookies in its internet browser after years of pledging to scrap them. In an announcement on its blog, the internet company said it would not be "deprecating third-party cookies” anymore. Instead, Google promised to introduce a new feature of its internet browser that "lets people make an informed choice that applies across their web browsing.”
During the upcoming 2024 Paris Olympics, government and private companies will be using advanced AI tools and other surveillance tech to conduct pervasive and persistent surveillance before, during, and after the Games. The surveillance plans are so extensive that the country had to change its laws to make the planned surveillance legal. In the article below, a legal expert breaks down the ramifications of this plan.
Oracle has agreed to a $115 million settlement to end a two-year class action lawsuit that alleged misuse of user data. The settlement ensures Oracle commits to addressing the alleged privacy violations through binding promises that it will "not capture certain complained-of electronic communications and will implement an audit program to review its customers' compliance with contractual consumer privacy obligations."
Effective immediately, processing German health-related personal data may only be carried out in Germany, the EEA, or in a third country that provides adequate protection as per a European Commission decision. If data processing is carried out in a third country providing adequate protection, providers of cloud computing services are further required to have a residence within Germany. In short, this means that other safeguard mechanisms such as the execution of Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCR) will no longer be considered an adequate guarantee for global companies that provide cloud computing services when carrying out some and/or all of the healthcare-related data processing for German clients in a third country that currently does not provide an adequate protection as per a European Commission decision today.
Senate Majority Leader Chuck Schumer will soon bring two key kids online safety bills up for a vote after securing enough support for passage, his office said. Specifically, the chamber will vote on Sens. Richard Blumenthal and Marsha Blackburn's Kids Online Safety Act and Sens. Ed Markey and Bill Cassidy's Children's and Teens Online Privacy Protection Act.
In the wake of Google’s announcement that it will no longer be phasing out third-party cookies, you might be wondering: what exactly is a third-party cookie anyhow? Our blog covers all the basics.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.