What a Week. Lots to Unpack.
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: November 30, 2023
Hello all, and happy Thursday!
As anticipated, Meta’s latest effort to contend with EU data privacy regulation is being challenged.
In an effort to comply with EU regulations like the DMA and GDPR, Meta has begun offering a tiered subscription model to its various services, like Facebook and Instagram. EU users can either pay a monthly fee to access ad-free social media or continue to use Meta’s services for free and agree to share their personal data and receive targeted ads. It's important to note that selling ads makes up the vast majority of Meta’s revenue.
Max Schrems’ none of your business (stylized as “noyb”) has issued a complaint against Meta for this practice, dubbing it a “pay or okay” approach to personal data collection. Ultimately, they argue, it serves to coerce individuals into giving up their fundamental rights.
Furthermore, Meta is the first major tech company to attempt this approach in the EU—if they succeed, other tech companies may choose to offer a non-data tracking subscription tier, potentially piling on the costs for those individuals who wish to retain their data privacy rights under the GDPR.
This begs the question, however; how are businesses like Meta supposed to respect the GDPR and stay profitable if this new subscription model isn’t acceptable? Are they just supposed to provide their services for free? It’s a fair point. Conceivably, however, Meta could provide non-targeted advertisements without violating the EU’s data privacy regulations.
Regardless of which side of this issue you land on, it’s a good idea to watch Meta’s subscription model in the EU. It could become a standard that social media and tech companies adopt in the future.
Best,
Arlo
Australian Information Commissioner Angelene Falk has appointed a new Privacy Commissioner and FOI Commissioner. This marks the first time since 2015 that the Office of the Australian Information Commissioner (OAIC) has a standalone FOI Commissioner, Privacy Commissioner, and Information Commissioner, as originally enacted by parliament.
Privacy rights group None of Your Business (“noyb”) has issued a legal challenge against Meta’s new EU subscription model, in which users may either forfeit their privacy and receive targeted ads on Meta’s platforms or pay a subscription fee. Dubbed “Pay or Okay,” noyb contends that this subscription model amounts to a “fundamental rights fee.”
On November 27th, the Council of the European Union formally adopted the Data Act. The act requires manufacturers and service providers to let their users access and reuse the data generated by the use of their products or services and allows users to share that data with third parties.
The California Privacy Protection Agency (CPPA) recently published its draft regulations on automated decision-making technology (ADMT), which it broadly defines to include AI technologies. The proposed regulations would require businesses to provide a notice informing individuals about the use of ADMT and the right to opt out of or access information about the ADMT in use.
Recently, the UK House of Lords introduced the Artificial Intelligence Bill. The bill incorporates concepts similar to other AI proposals and legislation around the world, though it still has a long way to go in the UK legislative process.
When solving for a data privacy challenge, businesses often have to decide: Is it better to purchase a targeted point solution even though you’ll likely face future privacy challenges, or pay more for a holistic privacy platform? In this blog, we provide guidance that may help you pinpoint where you fall on that spectrum.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.