OneTrust agrees that businesses shouldn't set and forget privacy compliance tools, amid increased scrutiny from regulators, said Ojas Rege, general manager of privacy and data governance. In an interview with Privacy Daily, Rege also said that a great amount of enforcement action is happening behind the scenes, without becoming public. In addition, the OneTrust official warned that “AI amplifies every single privacy and data governance gap you have in your organization.”
With different definitions of who counts as a child in various states, more companies are treating anyone younger than 18 as a kid, said privacy lawyers and professionals during an Interactive Advertising Bureau webinar Wednesday. Davis+Gilbert attorney Gary Kibel predicted that disagreement on the age issue could become yet another obstacle to passing a national data privacy law.
An Ohio state representative questioned Google’s intentions for supporting an age-verification bill (HB-302) at a House Judiciary Committee hearing livestreamed Wednesday.
Adding two more states to the Consortium of Privacy Regulators will increase the multistate enforcement body’s power, lawyers who previously worked for state attorney general offices said Wednesday. Minnesota and New Hampshire AGs joined the group, the California Privacy Protection Agency (CPPA) announced Wednesday.
Businesses should expect an increase in universal opt-out preference signals (OOPS) after California Gov. Gavin Newsom (D) signed a bill Wednesday that requires all web browsers to support the functionality (see 2510080036), said Tom Kemp, California Privacy Protection Agency executive director. The CPPA and regulators in other states are checking if companies are honoring such requests, Kemp warned in an interview Wednesday. Newsom signed AB-566 and two other privacy bills earlier in the day.
A new California law setting concrete deadlines for data breach notifications could make a big difference in the state, Emory Roane, Privacy Rights Clearinghouse (PRC) associate director of policy, said Tuesday.
California will now require companies to notify residents of the state within 30 calendar days of a company discovering a data breach. Gov. Gavin Newsom (D) signed SB-446 on Friday after it sailed through the legislature (see 2508290005).
A comprehensive privacy bill passed the Pennsylvania House with "noteworthy" applicability thresholds and categories of sensitive data, a Philadelphia-based privacy attorney said Thursday. The state House also passed a bill Wednesday that would add a private right of action to the state’s data breach notification law.
The California Privacy Protection Agency assessed its largest-ever penalty, ordering Tractor Supply Co. to pay a $1.35 million fine and change its business practices, the CPPA said Tuesday. The company told Privacy Daily that it’s committed to compliance and addressed the privacy issues raised.
Uncommon and broadly applicable data minimization requirements in the Maryland Online Data Privacy Act (MODPA) could pose major compliance challenges for companies when the law takes effect Wednesday, privacy attorneys representing businesses said in interviews. Some advertisers could opt out of the Maryland market rather than comply with the state's comprehensive privacy law, said David LeDuc, Network Advertising Initiative (NAI) public policy vice president.