Join Robert each week as he navigates the ever-changing landscape of data breaches, surveillance, and individual rights, offering expert insights and actionable advice to help you take control of your digital footprint. Join him for lively discussions, in-depth interviews, and practical tips to protect your privacy in today’s connected world.
The podcast The Privacy Corner is created by Robert Bateman. The podcast and the artwork on this page are embedded on this page using the public podcast feed (RSS).
Privacy Corner Newsletter: January 2, 2025
In this edition:
▶ OpenAI faces penalties for GDPR breaches linked to ChatGPT, including transparency failures and inadequate age verification.
▶ California Privacy Protection Agency settles with two more data brokers
PayDae and The Data Group fined for failing to register under California’s Delete Act, with further enforcement anticipated.
▶ Google will permit device fingerprinting starting February 16, 2025, despite ICO objections.
Before we wrap up…
Privado.ai is thrilled to announce Bridge 2025: A Technical Privacy Summit, happening virtually from February 5-6, 2025.
👇 Discover actionable solutions that connect privacy laws to practical engineering strategies, including:
- Unlocking privacy ROI
- Navigating adtech compliance challenges
- Designing privacy-first engineering frameworks
Mark your calendars and join the privacy engineering revolution here:
https://www.privado.ai/bridge-privacy-summit
Privacy Corner Newsletter: December 19, 2024
In this edition:
The Irish DPA fines Meta €251 million over a 2018 data breach, the Dutch DPA fines Netflix €4.75 million for transparency failings, and the French DPA cracks down on non-compliant cookie banners.
▶ Irish DPA fines Meta €251 million over 2018 data breach
The fine follows a breach affecting 29 million Facebook accounts. The DPC found violations of GDPR’s data protection by design, breach reporting obligations, and more.
▶ Dutch DPA fines Netflix €4.75 million for transparency failures
Netflix failed to disclose adequate privacy information, leading to a fine for GDPR violations regarding transparency, data retention, and international data transfers.
▶ French DPA issues cookie banner crackdown
Website operators have one month to comply with stricter cookie consent rules, addressing dark patterns and ensuring an equal choice between accepting and rejecting cookies.
Privacy Corner Newsletter: Dec 5, 2024
In this edition:
The FTC proposes orders targeting sensitive data misuse, Australia bans kids from social media, and noyb gains new powers for collective GDPR actions.
▶ FTC targets sensitive location data misuse in proposed orders:
Gravy Analytics and Mobilewalla face sanctions for selling sensitive location data, including segments like “New Parents” and “LGBTQ+ Community.”
▶ Australia bans kids from social media and reforms privacy laws:
New laws require stricter age verification, ban accounts for under-16s, and introduce a tort for serious privacy invasions.
▶ Noyb gains rights to bring GDPR “class actions” across the EU:
Now recognized as a “qualified entity,” noyb can enforce collective claims and injunctions against GDPR violations.
Privacy Corner Newsletter: November 21, 2024
▶ German Court Opens the Door to Mass Data Breach Lawsuits:
Germany’s Federal Court rules that "loss of control" over personal data qualifies for damages under GDPR Article 82—no proof of distress or financial loss required.
▶ Meta’s ‘Unskippable Ads’ Solution Gains EDPB Attention
Meta launches a free tier with ads using minimal data and unskippable formats in response to EU demands.
▶ Cyber Resilience Act Imposes New Rules on Digital Products
The EU’s Cyber Resilience Act sets strict cybersecurity and data protection requirements for most digital products, with significant penalties for non-compliance starting 2027.
#Privado #ThePrivacyCorner #GDPR #EDPB #CyberAct #EU
Privacy Corner Newsletter: November 7, 2024
In this edition, we dive into the latest updates on GDPR fines, data broker enforcement, and the EU-US Data Privacy Framework review:
▶ Ireland fines LinkedIn €310 million, six years after a complaint—with full EDPB support:
The Irish DPC issues a €310 million fine against LinkedIn for GDPR violations, marking a significant shift in enforcement under new leadership.
▶ California prepares for a data broker enforcement sweep:
The California Privacy Protection Agency targets non-compliant data brokers, enforcing new registration and deletion requirements under the Delete Act.
▶ The EDPB reviews the first year of the EU-US Data Privacy Framework:
The EDPB’s first-year review of the EU-US DPF highlights both successes and areas for improvement in the data-sharing framework.
#privado #privacycodescanning #compliance #privacyengineering #gdpr #cpra #ccpa #mhmda #dataprivacy #compliance #softwarecodescanning
Privacy Corner Newsletter: October 24, 2024
This week, we dive into the UK’s resurrected data reform bill, ePrivacy Directive guidelines, and a new complaint against Pinterest.
▶ Back from the Dead: Comparing the UK’s New and Old Data Reform Bills
The UK has introduced a new Data (Use and Access) Bill (DUAB), which incorporates several proposals from the previously scrapped Data Protection and Digital Information Bill (DPDIB). The DUAB revives and reshapes key provisions, such as legitimate interests and cookie consent exemptions, while dropping several controversial aspects from its predecessor.
How might these changes in UK legislation affect your organization's data compliance strategy?
▶ EDPB Finalizes ePrivacy Directive Guidelines: Fingerprinting, SDKs, and APIs Firmly in Scope
The European Data Protection Board (EDPB) has published its final guidelines clarifying how the ePrivacy Directive applies to modern tracking technologies. Developers and privacy professionals should note that the Directive covers not just cookies but newer methods like device fingerprinting and SDKs—tightening consent requirements across digital platforms.
Are your tracking technologies compliant with the latest ePrivacy Directive guidelines?
▶ Pinterest Hit by noyb Complaint: Cookies and the Right to Data Recipient Information
A complaint has been filed by privacy group noyb against Pinterest, alleging insufficient disclosure about the sharing of users' personal data. The case could set a new precedent on the amount of detail required in responses to data subject access requests, especially regarding which third parties receive personal data.
Could your data subject access request processes withstand a similar challenge?
Privacy Corner Newsletter: October 10, 2024
▶ Court ruling on credit card data: The UK tribunal rules that credit card numbers alone may not always qualify as personal data, challenging the ICO’s interpretation. This decision could reshape how companies assess their data protection obligations after a breach. How will this impact your approach to classifying sensitive data?
▶ EDPB clarifies processor responsibilities: New guidance outlines the extent to which controllers are accountable for sub-processors. Critical insights for your GDPR compliance strategy.
▶ CJEU redefines legitimate interest: A commercial interest can now qualify as a legitimate interest under GDPR—but only under specific conditions. What this shift means for your data processing activities.
Sponsored by Privado.ai
Privacy Corner Newsletter: September 26, 2024
This week’s Privacy Corner highlights key developments in EU data protection:
▶ French CNIL: New guidelines set to affect over 10,000 mobile app developers; enforcement sweep scheduled for Spring 2025.
▶ UK ICO: Issued a reprimand to SkyBet, marking their most significant cookie action to date; 99% of top websites now comply with cookie regulations.
▶ EU Advocate General: Emphasized the need for clear and concise explanations of automated decisions; data subjects entitled to meaningful information about the decision-making process.
Sponsored by Privado.ai
Privacy Corner Newsletter: September 5, 2024
This newsletter covers key privacy developments, including:
▶ Uber's €290 Million GDPR Fine: The Dutch DPA fined Uber for failing to use appropriate safeguards when transferring personal data from its EU entity to the US, despite Uber's claim it wasn't necessary. This case highlights the confusion around international data transfers under GDPR.
▶ Swedish Pharmacies Fined for Using Meta Pixel (Even with Consent): These pharmacies demonstrate that getting user consent for tracking isn't enough. Organizations must also implement proper security measures and assess risks before using tracking tools.
▶ Google Loses Round in Chrome Tracking Case: A California court revived a lawsuit against Google for allegedly misleading users about data collection in Chrome's "Basic Browser Mode." The court ruled a "reasonable user" wouldn't expect such data collection without being signed in.
Privacy Corner Newsletter: August 15, 2024
Top Stories: 🚀
▶ Meta Challenges EDPB's "Consent or Pay" Opinion: Meta is suing the European data protection authorities over their opinion on "consent or pay" models, arguing it violates EU law.
▶ US Sues TikTok for Children's Privacy Violations: The US Department of Justice accuses TikTok of illegally collecting and using personal data from children under 13.
▶ The UK Information Commissioner's Office proposes a multi-million dollar fine against a data processor for a security breach.
Privacy Corner Newsletter: August 1, 2024
Top Stories:
▶️ Google Backtracks on Cookie Ban: Privacy Concerns or Regulatory Pressure? We explore Google's reversal on phasing out third-party cookies and the potential reasons behind it.
▶️ FTC Clarifies: Hashing Doesn't Anonymize Data The FTC reminds companies that masking data with hashing doesn't guarantee anonymity.
▶️ New York Pushes for Strict Tracking Regulations: But What's the Law? New York's Attorney General issues guidance on online tracking compliance, raising questions about legal grounds.
Privacy Corner Newsletter: July 18, 2024
Top Stories:
This Week's Privacy News:
US Privacy Update:
Comprehensive privacy laws in Texas and Oregon are now in effect.
Colorado's privacy law's opt-out mechanism for targeted ads is now active.
Federal privacy law seems unlikely in the near future.
Meta in Hot Water:
The EU is investigating Meta's "pay-or-OK" policy under the Digital Markets Act (DMA) for potentially violating user consent.
A potential fine of up to 10% of global turnover is on the table.
Grindr Loses GDPR Battle:
The dating app must pay a $6.1 million fine for sharing user data with advertisers without proper consent.
This case sets a precedent for how companies handle data revealing sexual orientation.
This Week in Privacy: Stalled Law, Meta's AI U-Turn, and Snap Appeasement
This edition of the Privacy Corner Newsletter dives into three key privacy headlines:
- Vermont's ambitious privacy bill, H.121, gets vetoed due to concerns about its impact on businesses. The bill included strong consumer rights and data minimization requirements.
- Meta delays its plan to train AI models on user posts following intervention from the Irish DPC. Privacy group noyb claims a "preliminary win" due to their complaints.
- The UK ICO reveals why it dropped an enforcement notice against Snap. The social media company took ten steps to address data protection risks associated with its My AI chatbot feature.
This Week's Privacy News Roundup: GDPR, Privacy Sandbox, and Child Data Protection
This week's Privacy Corner dives into key data privacy developments:
- UK Court Considers EU Law in GDPR Case: A UK court judgement clarifies the "household exemption" and "right of access" under the UK GDPR, referencing relevant EU law.
- Noyb Challenges Google Chrome's Privacy Sandbox Consent Flow: Privacy group noyb argues Google's method of obtaining consent for Topics ad targeting violates the GDPR.
- New York Enacts Strict Child Data Protection Act: New York introduces a strong child data privacy law with tight restrictions on data collection and a high bar for consent.
This week's Privacy Corner dives into several data privacy battles:
- EU privacy group noyb filed complaints against Meta alleging its AI training policy violates GDPR rules on transparency, data subject rights, and lawful processing.
- Noyb also targeted Microsoft, accusing them of misleading schools about their role in data processing for Microsoft 365 Education products and secretly tracking student data.
- The Australian privacy regulator dropped its investigation into TikTok's use of tracking pixels due to limitations in the outdated Privacy Act, but launched proceedings against healthcare provider Medibank for a massive data breach.
Privacy Corner Newsletter Summary
This week's newsletter covers several key privacy topics:
- EDPB vs OpenAI: The European Data Protection Board (EDPB) is investigating OpenAI's ChatGPT software to ensure it complies with GDPR regulations.
- UK's GDPR reforms are dead: The UK's attempt to reform data protection laws has stalled due to upcoming elections. The proposed changes, including a new "recognized legitimate interests" legal basis and relaxed data subject rights, are unlikely to be revived soon.
- Irish DPC's 2023 report: The Irish Data Protection Commissioner (DPC) report shows a significant increase in workload and fines issued in 2023.
This week's newsletter covers developments in AI regulation, enforcement actions by the ICO, and updates on the APRA draft.
Key takeaways:
This week's Privacy Corner dives into the latest data privacy developments:
🇬🇧 US: Maryland and Vermont passed groundbreaking privacy laws with strong data minimization requirements and a private right of action in Vermont (similar to California's CCPA).
🇬🇧 UK: The ICO is seeking views on how to uphold data subject rights in generative AI but avoids the right to rectification challenge.
🇪🇺 EU: The European Commission is investigating Meta (Facebook & Instagram) under the Digital Services Act (DSA) for potentially harming children and failing to meet age verification requirements.
This Week in Privacy: AGs Block US Privacy Bill, China Blamed for UK Hack, Finnish Retailer Fined Heavily
US: Attorneys General from 15 states oppose the American Privacy Rights Act (APRA) due to concerns about preemption of state privacy laws.
UK: Government suspects China of a cyberattack on the military payroll system, exposing names and bank details.
Finland: Data Protection Authority fines online store €856,000 for requiring account creation and indefinitely storing customer data.
This week's Privacy Corner newsletter covers a range of important topics:
In this week’s Privacy Corner Newsletter:
In this week’s Privacy Corner Newsletter:
Privacy News Roundup by Robert Bateman
California just released stricter guidelines for businesses. They can't ask for unnecessary personal info when you request access to your data.
Google agreed to delete billions of browsing records following a lawsuit claiming "Incognito Mode" wasn't truly private.
The UK is prioritizing children's online privacy! They'll be checking social media platforms like Facebook & YouTube to ensure they comply with child protection laws.
In this episode of The Privacy Corner, we cover three major privacy news from this week:
First, WorldCoin, a digital identity and cryptocurrency project by Sam Altman, faces legal challenges in Portugal and other countries due to its biometric data processing practices.
Second, the UK attributes a significant data breach of the Electoral Commission and an attempted cyber attack on its parliamentarians to China, raising concerns about national security.
Third, the FTC releases a report showcasing its vigorous privacy and security enforcement activities in 2023, including notable cases and their focus on artificial intelligence, sensitive data, and algorithmic accountability.
00:00 Welcome to The Privacy Corner!
00:11 WorldCoin's Legal Troubles Across the Globe
04:26 UK's Electoral Commission Data Breach Blamed on China
06:46 FTC's Busy Year in Privacy and Data Security
09:10 Closing Remarks and Easter Wishes
Join us for a special episode of the Privacy Corner as Robert Bateman, Data Privacy Expert, hosts Keir Lamont, Director for U.S. Legislation at the Future of Privacy Forum, on the My Health My Data Act, scheduled to take effect in Washington on March 31, 2024, for regulated entities.
This legislation stands as one of the most comprehensive and significant privacy laws enacted in the United States that explicitly aims to protect consumer health data.
Lamont shares his expert insights on how this law integrates into the broader framework of U.S. and state privacy regulations. The discussion deeply explores the application, intent, and enforcement of the My Health My Data Act.
Tune in to get an understanding of the law's potential impact on businesses, consumers, and the broader privacy landscape.
This week's episode of The Privacy Corner, with Robert Bateman and sponsored by Privado AI, covers three major privacy-related developments. Firstly, the OCR's updated guidance on tracking technologies for HIPAA covered entities, emphasizing strict regulations to avoid disclosing Protected Health Information (PHI) to vendors like Facebook and Google. Secondly, the Belgian DPA's decision supporting the use of legitimate interests in AI model training by analyzing a case involving Bank Y's discount scheme and the handling of transaction data. Lastly, the ICO's enforcement notice to the UK Home Office for failing to conduct a proper Data Protection Impact Assessment (DPIA) for its migrant ankle tagging scheme, indicating serious privacy oversights in the process. Additional discussions include the scope and implications of these developments and an announcement on an upcoming special edition with Keir Lamont on the Washington My Health My Data Act.
00:00 Welcome to The Privacy Corner!
00:12 HIPAA's New Guidance on Tracking Technologies
05:33 Belgian DPA's Decision on AI Training and Legitimate Interests
10:12 UK Government's Ankle Tagging Scheme Under Scrutiny
11:51 Closing Remarks and Upcoming Special Edition
In this episode of Privacy Corner, Robert Bateman discusses three major privacy-related developments. Firstly, the EU AI Act has been passed by the parliament, detailing the gradual enforcement of prohibited AI practices, general purpose AI system rules, and high risk AI system obligations. Secondly, Kentucky has passed a comprehensive privacy law, similar to Virginia's, encompassing data processing guidelines, consumer rights, and GDPR-inspired principles. Lastly, the European Commission has been sanctioned under data protection law for its use of Microsoft 365, highlighting issues in data processing agreements and data transfers.
In this episode of The Privacy Corner, Robert Bateman highlights the week's top privacy developments. He discusses a complex CJEU case related to the Transparency and Consent Framework in digital advertising, highlights bold statements from the FTC on privacy and data collection following significant enforcement cases, and examines the ICO's call for views on 'consent or pay' models. The episode covers the implications of these developments for data privacy and the responsibilities of companies in handling personal data.
Privacy week in review with Robert Bateman
President Biden issues a groundbreaking executive order on international data transfers, diverging sharply from the EU's approach. Meanwhile, in Canada, the Pornhub operator faces serious allegations of privacy violations, with consequences described as "devastating." Down in South Africa, a landmark enforcement against spam emails marks a first under direct marketing rules.
In this episode of 'The Privacy Corner', Robert Bateman shares his top three privacy news developments for the week. He discusses the significant privacy fine and order imposed on UK based antivirus company Avast by the Federal Trade Commission (FTC). He also talks about DoorDash's settlement under the California Consumer Privacy Act (CCPA) and the ongoing investigation of TikTok under the Digital Services Act (DSA). Throughout the video, Bateman breaks down the privacy and data protection related elements of each case, offering insightful commentary on these important developments.
In this episode of 'The Privacy Corner', Robert Bateman discusses the week's top three privacy developments. He talks about the California Privacy Protection Agency winning an appeal which makes its CPRA regulations enforceable. Also, he discusses the priorities set out by the French Data Protection Authority (CNIL) for enforcement up to 2024, which includes investigations related to the Olympic and Paralympic games, minors' data, and loyalty programs. Lastly, he describes a warning by the Federal Trade Commission (FTC) to companies about training their AI models on users. These developments imply a need for businesses to understand and comply with the implications of changing privacy regulations, especially in terms of AI usage and data protection.
Stay informed about the ever-evolving landscape of privacy with Robert Bateman in this episode of Privacy Corner. This week, he delves into key developments, including the UK government's approach to AI regulation, the Federal Trade Commission's case against data broker Cochava, and the recent report from the Connecticut Attorney General regarding the state's new data privacy act.
00:00 Introduction
00:15 UK's New Approach to AI Regulation
06:12 FTC vs Data Broker Cochava
09:53 Connecticut's Data Privacy Act Enforcement
12:36 Conclusion
In this week's Privacy Corner, Robert Bateman discusses three major privacy developments. The Italian regulator Garante contesting Chat GPT's GDPR compliance; Google's plan to incorporate its large language model 'Bard' into its messaging app, potentially raising e-privacy issues; and the ICO's update on its cookie sweep and the development of an AI tool to identify cookie violations. The video also delves into the history of OpenAI's allegations, the repercussions of Google's plan, and the ICO's interaction with non-compliant websites.
In this episode of The Privacy Corner, the first highlight is the French DPA's hefty fine on Amazon over its intrusive employee monitoring program. Up next is the Federal Trade Commission's (FTC) stern action against data broker, InMarket, for mishandling sensitive location data. The episode concludes with useful guidance from the California Privacy Protection Agency (CPPA) on universal opt-out signals.
In this episode of Privacy Corner, Robert Bateman discusses three prominent privacy news developments of the week - EDPB's concluded coordinated enforcement action looking at Data Protection Officers across the EU, France's fine of 10 million euros to Yahoo for cookie violations, and the Spanish Data Protection Authority's (AEPD) view of cookies and requirements for consent. He ends by emphasizing the importance of having a data protection officer, providing them necessary resources and insights into AEPD's guidance on audience measurement cookies.
In this episode of The Privacy Corner, Robert Bateman discusses the latest updates in privacy laws within the U.S. These include details of Vermont's My Health, My Data Act, the effects of Utah's Consumer Privacy Act and finally, the universal opt-out mechanism defined by the Colorado Privacy Act. Bateman also mentions the upcoming Bridge Summit by Privado AI taking place on Data Privacy Day. Tune in for a detailed look at these critical privacy developments and more.
The FTC is set to enhance children's online privacy with proposed changes to the COPPA Rule, aiming to strengthen safeguards against data misuse and increase parental control. - In a landmark decision, a retailer faces the FTC's order to delete its biometric database, highlighting the growing concerns and regulatory actions on biometric data privacy. - Google's new age-estimation face-scanning tool gains momentum with a UK certification, indicating a significant step in age verification technology and its acceptance in regulatory frameworks.
In this week's Privacy Corner, Robert Bateman presents his top three privacy stories, sponsored by Privado AI. He dives into the implications of a recent CGEU case, where the Lithuanian health ministry and a mobile app developer face fines due to GDPR violations for a COVID-19 contact tracing app. A lawsuit against Meta blends privacy and competition arguments, questioning the link between data protection and competition law. Lastly, Google and Apple have been reportedly handing over user data related to push notifications to government agencies globally. Tune in for these deep dives and more about the world of data privacy.
In this episode of Privacy Corner, Robert talks about key privacy-related news going on globally. He dives into the Court of Justice of the EU's latest judgement, the EU's upcoming AI Act, and the lawsuit Adobe is facing for allegedly tracking without consent. He also briefly describes EU's law-making process, explains implications of the latest privacy rulings, and highlights the upcoming Bridge Summit sponsored by Provado AI. Learn about these issues and more in this detailed and comprehensive coverage of privacy-related matters around the world.
In this episode of The Privacy Corner, we go over the UK's introduction of 124 pages of amendments to its data protection reforms, potential implications, and concerns from some quarters. The new draft regulations from the California Privacy Protection Agency regarding automated decision-making and AI. And examine complaints raised against Meta due to its new consent-or-pay model, including both data protection and consumer protection complaints.
In this episode of 'Privacy Corner', privacy expert Robert Bateman delves into some significant privacy news items. First on the agenda is Biden's eagerly awaited executive order on safe, AI, which heavily emphasizes privacy and introduces concepts such as 'Privacy Enhancing Technologies' and 'Differential Privacy Guarantee'. Second, the EDPB's decision on META's behavioral advertising methods is analyzed, with Robert debating its effectiveness and potential future consequences. Lastly, the script discusses the arguments outlined against the EU US Data Privacy Framework, specifically centering around Philippe Latombe's challenge to the framework. The episode concludes by expressing skepticism about whether Latombe's case will proceed but recognizes some valid arguments that might be reconsidered by others in the future.
This week in privacy - The UK unveils a groundbreaking "UK-US Data Bridge" to streamline personal data transfers. Meanwhile, OpenAI faces GDPR scrutiny in Poland, and Meta's ad algorithms are set for legal examination. Read more in this week's edition.
In privacy news this week:
Featuring insights from Robert Bateman and the Privado.ai team.
Navigate the intricate maze of data privacy with the "Privacy Corner" podcast! Join Robert Bateman, a seasoned privacy advocate and industry expert, as he delves deep into the week's most pressing privacy stories from around the world. From corporate takeovers and their unforeseen data repercussions to evolving state legislations and international data protocols, Robert brings clarity to the often clouded waters of the digital privacy realm.
In this episode:
In this week's Privacy Corner, we dive into the CPPA's recent draft regulations, explore the mounting concerns over privacy in the realm of connected cars, and shed light on Airbnb's recent clash with GDPR rules in Ireland.
In our latest Privacy Corner discussion, we talked about privacy issues with the new education app Satin and how it shares students' private info. We also covered Zoom's TOS controversy around AI training. Finally, we got an overview of new state privacy laws passed in 2022 and 2023 from privacy expert Jody Daniels, including in CA, VA, CO, CT, UT and more states. Lots of insights on navigating this changing legal landscape!
Join Robert Bateman in this week's Privacy Corner, where he explores key privacy-related issues. This episode discusses Meta's switch to consent-based advertising in Europe, the progress of the Kids Online Safety Act and COPPA 2.0 in the US, and a controversial case involving UK's ICO and FaceWatch. Subscribe for weekly insights on how privacy, technology, and government regulation intersect. Stay tuned!
This week in privacy. US regulators issue warnings over healthcare tracking, raising questions of legality. OpenAI CEO Sam Altman's new venture, Worldcon, exchanges iris scans for crypto, igniting privacy debates. Meta fined over VPN data misuse.
In this week's news Robert Bateman, and Abishai, a privacy advisor from Privacy Team, talk about recent privacy news items and developments regarding the EU US Data Privacy Framework. They discuss the Norwegian Data Protection Authority banning Meta from behavioral advertising in Norway, the California Attorney General enforcing the CCPA to cover employee data which surprised many companies, and a data breach of military intelligence documents caused by a typo in an email address, highlighting the role of human error in data breaches. They also cover the pros and cons of US businesses signing up for the new EU US data privacy framework and the European Data Protection Board's note regarding it.
Mentions:
In this week's episode, we discuss recent developments in data protection and privacy laws, including a major EU court decision that found Meta cannot rely on consent, contract, or legitimate interests for targeted ads. We also cover a $3 billion lawsuit against OpenAI and Microsoft alleging privacy violations and actions against Google Analytics by Swedish regulators.
In this week's discussion, we dive deep into the sweeping changes in US privacy laws that 2023 brought to us. We kick off with a comprehensive roundup of the new state privacy laws that came into effect this year, from the California Privacy Rights Act (CPRA) to the Utah Consumer Privacy Act (UCPA). Not only that, but we also delve into the state privacy laws passed this year, set to take effect in the coming years, including the Indiana Consumer Data Protection Act and the Texas Data Privacy and Security Act.
Our conversation also touches on other privacy-related laws signed in 2023, such as Florida's "Digital Bill of Rights" and the Washington and Nevada My Health My Data Acts. Plus, we don't miss out on discussing the FTC's privacy-related actions this year.
Joining us in this episode is Debra, as we explore the impacts these laws could have on individual privacy, the challenges of complying with diverse rules across jurisdictions, and whether the ADPPA or another federal privacy law will ever come into effect. Toward the end, Debra gives invaluable advice on how privacy teams should approach compliance with these diverse laws if operating across multiple states.
Tune in to gain insights into the evolving landscape of US privacy laws. Don't forget to like, share, and subscribe for more comprehensive law discussions.
How does Microsoft find itself in hot water with the FTC over children's privacy, and what can we learn from a Danish GDPR decision? Join me, Robert Bateman, in the Privacy Corner as we uncover the intricacies of Microsoft's violations of the Children's Online Privacy Protection Act and discuss the proposed order that seeks to change the tech giant's approach to handling data from users under 13. We'll also tackle the delicate balance between safeguarding children's privacy and scanning biometrics, ensuring you stay informed on the ever-evolving world of data protection.
But that's not all! We'll also dive into Florida's Digital Bill of Rights, investigate a massive ad targeting database brought to light by Wolfie Crystal, and examine the data protection implications of cutting-edge Neurotech devices. Plus, stay ahead of the curve as we explore Apple's Vision Pro headset featuring eye-tracking technology and the company's new privacy manifest feature. And, if you're tired of unnecessary SDKs stuffed into apps, we've got you covered with a spotlight on Provado's innovative solution. Don't miss this engaging conversation on privacy scanning products like Pravado, and how they can shield users from unwarranted data collection.
What if we told you that the Washington My Health, My Data Act is the most significant US privacy law since the CCPA in 2018? This week, we're joined by privacy experts Robert Bateman and Vopav Anthil as they unravel the implications of this groundbreaking law and its broadened concept of health information. Discover how it's creating new opportunities for health tech startups and the potential impact on data-driven businesses.
We also delve into the recent relaunch of Chat GPT in Italy and the strict privacy controls OpenAI had to put in place to satisfy the Garante, the Italian regulator. Are large language models (LLMs) actually compatible with the GDPR? Our hosts discuss this hot topic and explore the future of state-level privacy laws in the US, as they break down the recently passed Indiana privacy law. Join us for this engaging conversation that provides valuable insights for businesses and privacy enthusiasts navigating the ever-evolving world of privacy and data protection.
Our special episode commentating GDPR's 5th Anniversary along with the latest on Meta's GDPR fine, TikTok investigation, FTC's privacy order, and Nevada's new privacy bill.
This week’s Privacy Corner Podcast covers GDPR fines, UK data protection reforms, Meta's defense, EU-US data privacy framework rejection, and French AI Action Plan.
This week’s Privacy Corner Podcast covers three fresh GDPR judgments from the EU’s top court, the FTC’s proposed order to stop Meta from profiting from children’s data, France’s second multi-million fine against Clearview AI, and Kochava’s partial victory against the FTC’s privacy case.
This week’s Privacy Corner Podcast covers US state privacy law developments, data protection in AI development, and privacy in consumer products.
En liten tjänst av I'm With Friends. Finns även på engelska.