.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.webp?width=1220&height=1090&name=Osano-guarantee-seal%20(1).webp)
Hello all, and happy Thursday!
On the heels of our recent webinar on reducing CIPA and wiretapping risk, a recent court decision has caused yet more confusion on how these decades-old laws apply to modern web tracking technologies.
A wiretap lawsuit against a large health insurance provider for alleged violations under the Pennsylvania Wiretapping and Electronic Surveillance Act (WESCA) was recently dismissed. The judge ruled that even though tracking began as soon as consumers landed on the website, their later consent to the business’s terms of service (which contained their privacy policy) constituted valid consent for tracking under WESCA.
In the broad scope of wiretap decisions, it’s something of an outlier–other courts have refused to dismiss cases where consent was obtained after tracking began. But I wanted to highlight this particular decision because it illustrates three key issues in wiretap lawsuits:
- How awkwardly these wiretap laws fit modern web tracking use cases
- How the judiciary as a whole can’t seem to agree on when and how wiretap laws apply (which very much stems from #1)
- How the undiminished tide of these cases speaks to Americans’ desire for stronger privacy controls than what contemporary laws provide
If you watched our webinar recently, rest assured, this development doesn’t change our guidance on how to reduce your risk. (And if you missed it, scroll down to find the on-demand link.) With how inconsistent the courts have been in their decisions on wiretap laws, the best bet is to not give opportunistic law firms an opening and adhere to an opt-in standard of consent.
Best,
Arlo
Events
On-Demand Webinar: Untap Those Wires: How to Reduce CIPA Risk with Your CMP
Thousands of lawsuits have been filed under decades-old wiretap laws in recent years, with the California Invasion of Privacy Act (CIPA) chief among them. How can you protect your business against opportunistic CIPA lawsuits? Chief Customer Officer Skye McCullough and Strategic Customer Success Manager Mark Brown explained everything you need to know. Watch the on-demand webinar, free and ungated, here.
Online Event: Navigating Identity in a Cookieless, Compliant World
Attending MarTech this year? Osano’s Senior Vice President of Product, Amar Ramakrishnan, will be speaking on Wednesday, March 4th, from 11:50 AM - 12:30 PM EST on a panel centered on the competing forces of personalization and privacy, and how marketing professionals can develop consent-driven relationships while still delivering relevant experiences.
Top Privacy Stories of the Week
Judge Dismisses Wiretapping Claims, Contributing to Inconsistency in Rulings
Recently, a Pennsylvania federal judge issued a noteworthy decision in which she dismissed wiretapping claims asserted against a large health insurance provider, ruling that the plaintiffs' agreement to the terms of service was sufficient consent to defeat the lawsuit. The ruling sits on the opposite end of the spectrum compared to previous rulings, underscoring how volatile and unpredictable wiretap cases can be.
Privacy Advocates Argue Proposed GDPR Amendments to Facilitate AI Training Miss the Mark
There are two proposed provisions in the EU Digital Omnibus to amend the GDPR, both of which are intended to simplify and facilitate artificial intelligence innovation. The amendments relate to a contentious topic: What is the legal basis for a large language model provider processing personal data for training LLMs, both regular and special-category?
WhatsApp Clears Fast Track To EU Court, Reshaping How Privacy Cases Are Fought
Recently, judges in Luxembourg said WhatsApp can go straight to EU courts to challenge a binding decision by Europe’s data watchdog, rather than waiting for national regulators. At stake is a simple but far-reaching question: How much room companies have to push back when EU bodies step in to guide enforcement of Europe’s flagship privacy law.
California Attorney General Sues El Cajon Over License Plate Reader Technology
California's Attorney General has filed a motion in the lawsuit against the city of El Cajon over its use of automatic license plate reader (ALPR) technology. Attorney General Rob Bonta claims the city’s sharing of data pulled from its ALPR systems is in violation of California's sanctuary laws, which prohibit local resources from being used to enforce federal immigration laws.
Industry Stakeholders Outline Considerations for Risk-Based Approaches to Age Verification
Age-verification tools are increasingly viewed as the silver bullet solution to improving children's online safety, supporting organizations' regulatory compliance efforts and building trust among parents and minors alike. During the Federal Trade Commission's age verification workshop, stakeholders outlined competing visions for how age-assurance tools should be deployed and to what extent companies should verify users' ages without undermining privacy.
Like what you see in the Privacy Insider newsletter?
There's more to explore:
🎙️The Privacy Insider Podcast
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
📱 The Osano Subreddit
Join our official subreddit to stay up to date on the latest news, analysis, guidance, and content from Osano!
📖 The Privacy Insider: How to Embrace Data Privacy and Join the Next Wave of Trusted Brands
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!
