Happy Thursday everybody! In this edition of Privacy Insider, we cover some news about recent updates to data privacy laws. Specifically, the UK has announced it will move away from the GDPR and develop its own data privacy law, and the Biden administration received input on what a future US privacy law should look like.
This raises what is one of the core challenges to data privacy today; there are just too many laws with too many different requirements.
Some folks in the data privacy world hold the assumption that eventually these laws will standardize, and there will be roughly one agreed-upon approach to handling data privacy, no matter where your business is located. That’s certainly the hope of international businesses, who have to dedicate a significant amount of resources toward becoming compliant in every jurisdiction they have customers.
But there are a few reasons why data privacy regulation standardization isn’t a certainty. For one, it would require international governments to agree on some pretty major issues. The EU’s allergy to US intelligence agencies’ broad surveillance powers has already blown up several international data transfer agreements, for instance.
Another issue is the pace at which legislation moves. Data privacy regulations are, in the grand scheme of things, very new. As our newsletter today demonstrates, they’re still being created, diversifying, and branching off from one another. How long will it take for governments and organizations to agree upon and enact a common framework?
Lastly, there’s the fact that data privacy isn’t solely a legal issue, but also a technological and, in many ways, cultural issue too. We may agree on the legal rules around data privacy, but the way we collect, store, and disseminate data may not be the same tomorrow as it is today. What constitutes “privacy” today might not be what “privacy” is tomorrow.
When people talk about data privacy standardization, they’re really talking about data privacy simplification. Fundamentally, however, data privacy is complicated. But that’s why we’re in the business that we’re in—to make data privacy simpler.
Why Google is scrubbing personal info from search results
Google recently released “Results About You,” a new feature that enables users to remove their address, phone number, and other personal information from search results. In the future, the tool will also permit users to set alerts if new results with their contact information begin appearing. Gizmodo reports interviewed Google’s public liaison for Search to learn more about the feature.
EFF urges FTC to address security and privacy problems in daycare and early education apps
The Electronic Frontiers Foundation (EFF) investigators have discovered that early education and daycare apps have several security risks, such as allowing public access to children’s photos, weak password policies, data sharing with Facebook, and more. As a followup to this investigation, the EFF has sent a letter to the FTC urging it to review the lack of privacy and security protections among daycare and early education apps.
The FCC shares mobile carriers’ responses to data privacy probe
After requesting information about mobile carriers’ data retention, privacy policies, and privacy practices, the Federal Communications Commission (FCC) has shared the nation’s top 15 mobile carriers’ responses.
Biden administration hears calls for civil rights considerations in data privacy reforms
In a recent listening session with Biden administration officials, members of the Lawyers’ Committee for Civil Rights Under Law called for an added focus on how data privacy reform can preserve and reinforce civil rights. Afterward, the attendees spoke with an interviewer from the Center for European Policy Analysis (CEPA).
UK to replace GDPR
Culture secretary Michele Donelan announced that the UK government would be replacing the General Data Protection Regulation (GDPR), which she described as a law the UK had “inherited” from the European Union. “Our plan will protect consumer privacy and keep their data safe while retaining our data adequacy so that businesses can of course trade freely,” said Donelan. “I can promise to you here today… that it will be simpler, it will be clearer for businesses to navigate — no longer will our businesses be shackled by lots of unnecessary red tape.”
Osano blog: Manage privacy at scale with Osano’s enterprise access control
When you manage multiple websites, compliance becomes exponentially more complicated. Managing access well is essential to reducing your risk and staying compliant without overextending yourself. In this blog, we cover the ways some of our customers use Osano's access control features to make managing multiple domains simpler.
Interested in working at Osano? Check out our Careers page! We might have the perfect opportunity for you.