We’ve brought you your usual serving of privacy news and stories, but I’ll keep the editorial short and sweet this week. Whether you’re celebrating the holiday or not, I hope you get to spend some quality with your friends and family. The Osano team will be back in the office on Monday, the 28th, and we’ll return to our regular schedule for Privacy Insider (at least until Christmas!)
UK ICO publishes new guidance and a tool for transfer risk assessments
Businesses that transfer data into or out of the UK will want to review the Information Commissioner's Office’s (ICO’s) new guidance and tool for conducting transfer risk assessments. The tool is a template document with questions and guidance that sets out one way to carry out a transfer risk assessment and helps businesses determine whether the transfer would undermine UK data protections.
Advocates, industry push data privacy bill in lame-duck session
The future of the American Data Privacy and Protection Act (ADPPA) became more clouded with the election of a new Congress, spurring advocates to push for the passage of the bill during the current lame-duck session. Although the bill enjoys bipartisan support, it also faces opposition from key figures that may dictate whether and how the legislation moves forward.
Meta's surveillance biz model targeted in UK 'right to object' GDPR lawsuit
Human rights campaigner Tanya O'Carroll has levied a lawsuit against Meta for continuing to serve targeted advertisements based on her personal information despite her withdrawal of consent. If the suit succeeds, it could establish precedent to deny Meta’s ability to track and profile people who object to its surveillance. Meta, in turn, is arguing that its core service is the delivery of personalized advertisements, and therefore O’Carroll’s and others’ lack of consent would not apply.
India proposes permitting cross-border data transfers with certain countries in new privacy bill
Three months after abruptly withdrawing data protection legislation in response to criticism from privacy advocates and tech companies, India has re-introduced a new comprehensive data protection law. The new bill features regulations on cross-border data transfers, whose absence had been the focal point of criticism in the previous iteration of the bill.
Prepare for employee DSARs in California
Once January 1, 2023, rolls around, businesses subject to the CPRA will have to grant employee DSARs. Our infographic lays out the heightened risk associated with employee DSARs; the steps businesses need to take to create a scalable, sustainable DSAR workflow; and how having the right solutions on hand can be a game changer for your DSAR process.
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.