California Remains a Privacy Bellwether
Hello all, and happy Thursday!Read Now
August 3, 2023
Hello all, and happy Thursday!
With Twitter’s (or should I say X’s?) slow implosion, it’s worth looking at the privacy practices of their newest competitor—Meta’s Threads.
To nobody’s surprise, Threads follows the same patterns as many of Meta’s other products in terms of excessive data collection. To join Threads, you need to agree to hand over your health and financial information, location, search history, and other info that has little to do with the actual service Threads provides.
Our EU readers are probably raising an eyebrow over this, but so are EU regulators—Threads is not available in the EU at the moment. Instagram chief Adam Mosseri says that Threads will not be available in the EU for “many months” due to the complexity of bringing the app into compliance with EU regulations.
Ultimately, it seems unlikely that any Meta products will do anything aside from collecting as much personal information as is permissible under the law. One need only look at Facebook’s perpetual struggles with GDPR regulators for proof. So long as Meta’s core business relies on the sale of advertisements, collecting user data will simply be too valuable, even with the sometimes staggering fines issued by EU authorities.
For fans of microblogging but not of Meta’s data collection practices or the chaotic changes going on at X/Twitter, Fediverse alternatives like Mastodon might seem attractive.
(A discussion of the Fediverse is sadly outside the scope of this newsletter, but if you’re curious about the subject, this article does a good job summarizing).
Unfortunately, the nature of the Fediverse means that privacy policies and terms of service are up to individual instance administrators. If your Mastodon instance does a good job by data privacy, it might still federate with other instances that are sending your posts and personal data to unknown third parties. And guess what? Meta is also on the Fediverse.
Will there ever be a privacy-focused social media network? Or are privacy and social media simply incompatible? At present, it looks like the latter is the case.
The International Association of Privacy Professionals (IAPP) has released its annual report on privacy risk. In this year’s report, privacy leaders identified geopolitical instability, rapidly maturing and emerging technologies, lack of available talent, and increasing shareholder and regulatory expectations as some of the most significant challenges, revealing concerns about an increasingly fragmented and unpredictable world.
Government agencies are not permitted to collect personal information without a warrant under the Fourth Amendment—however, the so-called “Data-Broker Loophole” allows them to purchase this information. A bill titled “The Fourth Amendment is Not for Sale” Act—which would close this loophole—recently passed the House Judiciary Committee and will soon be up for a floor vote in the House.
NOYB (or “None of Your Business”), led by Austrian privacy activist Max Schrems, recently filed a complaint against Ryanair, alleging that the airline is violating customers' data protection rights by using facial recognition to verify their identity when booking through online travel agents.
Recently, the California Privacy Protection Agency (CPPA) said it will be reviewing the data privacy practices of connected car manufacturers. Specifically, the CPPA cited concerns that features like web-based entertainment, location sharing, cameras, and smartphone integration could be noncompliantly processing personal information.
The FTC will require Amazon to overhaul its deletion practices and implement stringent privacy safeguards to settle charges the company violated the Children’s Online Privacy Protection Act Rule (COPPA Rule).
Privacy experts warn consumers about Meta’s new microblogging platform, Threads, and its data collection practices. According to experts, Threads shares the same pattern of excessive personal information collection as other Meta products, like Instagram and Facebook,
Managing a privacy program from end to end involves a lot of work, nuance, and insight—not to mention a lot of research. Now, you can review all of Osano’s guidance on privacy program management in one place.
If you’re interested in working at Osano, check out our Careers page!
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.