General Privacy & Data Security News & Developments

I had the pleasure of speaking recently with Jamal Ahmed on the PrivacyPros Podcast about privacy enforcement and privacy career trends.

Among the questions I tried to address:

  • What does the new Network Advertising Initiative (NAI) and its opt outs of hashed email targeted advertising mean?
  • Why should everyone read George Orwell’s “1984” and Carol

Federal Trade Commission authority boost?

H.R. 2668 – The Consumer Protection and Recovery Act – has passed in the U.S. House of Representatives.

The bill amends the Federal Trade Commission Act to provide the FTC with explicit authority to require bad actors to return money earned through illegal activity and to seek both injunctive

The Ohio Personal Privacy Act, also known as House Bill 376, is being considered in the Buckeye State.

Here are a few takeaways:

  • Enforcement by Attorney General only
  • Affirmative defense for companies that maintain and comply with a written privacy program that reasonably conforms with the NIST Privacy Framework.
  • “Business” include non-profits
  • Similar to Virginia

“Nothing ever happens in privacy, the team will manage itself”

This statement, which did not survive the test of time, was shared by one of the privacy pros who  participated in this month’s International Association of Privacy Professionals’ Women Leading Privacy networking session. I co-lead the session.

Some pet peeves/needs in leadership that we discussed

As always, it was great fun speaking with Future of Privacy Forum’s lovely and knowledgeable mobility guru Chelsey Colbert during Part 2 of OneTrust DataGuidance’s connected vehicles and data protection presentation.

Here are some takeaways from our chat:

  • In the Cold War spy series “The Americans,” characters kept changing their route to and from their

Commission d’access a la information du Quebec has issued guidance on employee geolocation tracking.

Here are some key takeaways:

  • Unless the law expressly provides for it, a company may not require a person to be tied to a device that makes it possible to know where he is.
  • Without obtaining valid consent from its employees,

Several German Data Protection Authorities commence independent investigation of cross border transfers of personal data in violation of Schrems II.

The investigation has commenced by sending companies questionnaire regarding among other things, the use of service providers for:

  • sending e-mails
  • hosting of websites
  • web tracking
  • the administration of applicant data
  • the internal exchange of customer

U.S. Senator Edward J. Markey of Massachusetts has introduced the “Algorithmic Justice and Online Platform Transparency Act.”

If signed into law, the bill will impose several new requirements on online platforms:

  • Transparency – including explaining the information collected, how it is used (for advertising and/or content moderation), method by which the type of algorithmic process

The “Cookie-pocalypse” or the “Identity Revolution.” Whatever you call it, digital advertising is undergoing a massive transition as the deprecation of third-party cookies gets closer. To help marketers successfully navigate this changing ecosystem, it’s clear the role of agencies must evolve, says Larson Banilower, Head of Agency at Criteo.

Three audience targeting approaches agencies can

The National Institute of Standards and Technology (NIST) has issued a draft report on Trust and Artificial Intelligence.

“If the AI system has a high level of technical trustworthiness, and the values of the trustworthiness characteristics are perceived to be good enough for the context of use, and especially the risk inherent in that context,