Hello all, and happy Thursday!
If you’ve been a regular reader of this newsletter, then you know that I’ve been following the drama that’s been unfolding between the UK government and Apple. A quick recap:
Now, it appears that the UK has backed down from its demand for a backdoor to iCloud encryption. It’s a win for privacy to be sure, but it’s also a stark reminder that even end-to-end encryption isn’t a guarantee that nobody's snooping.
Best,
Arlo
Blog: Server-Side Tracking: What Is It, and How Does It Impact Privacy Compliance?
Marketers seeking to regain access to data from ad blockers, cookie deprecation, and opt-outs might investigate server-side tracking as an alternative to traditional client-side approaches to tracking. There are some advantages to server-side tracking, but it’s no panacea. Find out more about server-side tracking and its privacy implications here.
Meetup Series: AI, IRL: At Home
Join us in the Osanoverse Saloon for the first meetup of our AI, IRL series! In August, we'll be chatting about how we use AI in our personal lives. From wearables to wellness hacks to therapists and home devices, data privacy and AI expert speakers will talk about all the risks and opportunities AI presents in our personal lives. Find out more about the meetup series and register with the link below.
Britain abandoned its demand that Apple provide backdoor access to any encrypted user data stored in the cloud, said U.S. Director of National Intelligence Tulsi Gabbard. Gabbard indicated London and Washington had resolved their high-stakes dispute over electronic privacy, writing on X that she, President Donald Trump, and Vice President JD Vance spent the “past few months” working with the U.K. government.
Montana is now the third state to adopt an amendment regulating neural data—or, as defined in Montana’s law, “neurotechnology data.” SB163 amends the Genetic Information Privacy Act (GIPA) and goes into effect on October 1, 2025. Unlike the amendments in Colorado and California, Montana’s addition affects the state’s genetic privacy statute instead of a more general consumer privacy law.
Ken Paxton has opened an investigation into artificial intelligence chatbot platforms for potentially engaging in deceptive trade practices and misleadingly marketing themselves as mental health tools.
A federal district court declined to step in and review a combined $92 million fine imposed by the Federal Communications Commission on T-Mobile and Sprint for selling customer geolocation data to third parties, ruling that the FCC “correctly determined” that customer location data is protected under the Communications Act and that T-Mobile and Sprint “therefore had a duty to protect such information from misuse by third parties.”
The UK government published staged commencement dates for the new Data (Use & Access) Act, which updates the UK GDPR and related data privacy laws, outlining when specific provisions will take effect. This roadmap provides clarity for organizations to align compliance planning with the law’s rollout.
There's more to explore:
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If you’re interested in working at Osano, check out our Careers page!