Tryptophan Won’t Put the Privacy World to Sleep
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Updated: May 19, 2021
Published: April 6, 2021
Welcome to Privacy Insider newsletter, a round-up of the week's most important privacy news.
How much is personal data worth? That's a fascinating question. How would we even decide that? Would certain data be considered more valuable than other data? Let's say I went into a store where I could sell my data. Could I ask the clerk to pay me to double the amount for my health care records that she would for my email address?
This week, the Wall Street Journal reported on the ongoing TikTok case. It's a long story you can read about below if you want, but basically: TikTok is accused of collecting users' data without consent. Now lawyers are debating the settlement's amount. Right now, it's at $92 million, but that's not a huge payout per person when it gets divided among thousands of people. That could happen if enough of those impacted learn about the case.
Even more interesting than putting a money value on data -- the data companies collect from us and use to make profits -- is the idea of data ownership. Some say the solution to companies' greedy data grabs is to allow users to own their data. Then they could use it however they want: Sell it, rent it, give it away to charity.
The Financial Times has a calculator that allows you to find out how valuable your data is, the going rate if you will. Former Secretary of the U.S. Chamber of Commerce, John Kerry, gave it a whirl: his data was worth $1.78 because he travels a lot, but the default value is $0.007, according to Kerry's report.
Lawmakers have introduced a couple of bills in recent years that would give individuals a "property right" over their data. They never went anywhere, but more are sure to spring up. Who knows, we could find ourselves hawking our data for wares in the not-too-distant future.
Enjoy reading, and I'll see you next week!
1. Supreme Court delivers robocall ruling in 'landmark decision'
JD Supra reports on the Supreme Court's "landmark decision" released April 2 that answers the long squabbled-over question: What constitutes an autodialer? In Facebook v. Duguid, the Supreme Court said "autodialers" under the Telephone Consumer Protection Act (TCPA) must "not only dial stored numbers using a random or sequential number generator, it must also have generated those numbers in the first place." Facebook did not generate the numbers themselves; they were associated with Facebook user accounts. The decision will have a massive impact on TCPA compliance for companies who call or text customers, the report states.
Read Story
2. French DPA starts internet sweep for compliance with new cookie rules
The French data protection authority, CNIL, started doing sweeps of websites for compliance with its new guidelines on cookies. Now that the April 1 enforcement date has passed, the CNIL is looking for sites' collection of consents for ad tracking cookies. Users must take a "clear and positive act" like clicking "I accept" for cookies deployment. It must also be as easy for users to withdraw consent as to give it, per the new rules.
Read Story
3. TikTok case begs the question: How much is personal data worth?
The legal dispute over TikTok's proposed $92 million settlement over claims the company illegally collected user data stems from a disagreement over the payout's size, The Wall Street Journal reports. Jay Edelson, one of the plaintiffs' attorneys objecting to the settlement, said the case presents an interesting question: How much is an alleged privacy violation worth?"
Read Story
4. Whistleblower to privacy authority: Company 'underplayed' breach fallout
In January, Internet-of-Things device vendor Ubiquiti disclosed it had a data breach. But a security professional who helped the company with its response told the European Data Protection Supervisor that the company "misrepresented the impact of a recent data breach to the public," Security Boulevard reports. The company advised users there wasn't evidence hackers "misused a user account" or had access to databases their information. But the whistleblower said that isn't true, and the breach was "catastrophically worse than reported."
Read Story
5. Facebook and Health Net breaches indicate US needs a privacy law
"How many data breaches will it take before our leaders accept the need for a national privacy law?" That's the question David Lazarus asks in this piece for the Los Angeles Times. Over the weekend, Facebook disclosed that hackers accessed more than half a billion users' names, birth dates and email addresses. Recently, health insurance company Health Net notified policyholders of a breach involving their confidential medical records after hackers accessed one of Health Net's third-party vendor's servers. Still, Washington can't seem to make progress on a federal bill.
Read Story
6. Oklahoma's privacy bill is dead; Washington's still has a (slight) pulse
While it seemed to be gaining momentum in recent weeks, Oklahoma's Computer Data Privacy Act has died. The bill would have required businesses to get consumers' consent to collect their data. It also would have required consumers to opt-in to businesses selling their personal information. While the Washington Privacy Act, which contains similar provisions to Oklahoma's bill, still lives, things aren't looking good, the National Law Review reports.
Read Story
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.