The FCC appears unlikely to make any moves to enforce the data privacy rules approved under the Biden administration, which were recently upheld by the 6th U.S. Circuit Court of Appeals, industry experts said Friday. Last week, the panel that decided the case agreed to hold it in abeyance pending the FCC’s review of the 2023 order, as the agency requested. The panel ordered the FCC to file status reports every 60 days, with the first due Dec. 16.
OneTrust agrees that businesses shouldn't set and forget privacy compliance tools, amid increased scrutiny from regulators, said Ojas Rege, general manager of privacy and data governance. In an interview with Privacy Daily, Rege also said that a great amount of enforcement action is happening behind the scenes, without becoming public. In addition, the OneTrust official warned that “AI amplifies every single privacy and data governance gap you have in your organization.”
A U.S.-based company that scraps the web for images of people and sells them to clients tells Privacy Daily it will appeal a Wednesday decision from a U.K. panel that ruled its activities violate its citizens' privacy.
Businesses should expect an increase in universal opt-out preference signals (OOPS) after California Gov. Gavin Newsom (D) signed a bill Wednesday that requires all web browsers to support the functionality (see 2510080036), said Tom Kemp, California Privacy Protection Agency executive director. The CPPA and regulators in other states are checking if companies are honoring such requests, Kemp warned in an interview Wednesday. Newsom signed AB-566 and two other privacy bills earlier in the day.
The $1.35 million California enforcement action against Tractor Supply Co. this week raised the bar for privacy compliance, emphasizing that privacy laws and rights extend beyond consumers, privacy lawyers and advocates said in interviews with Privacy Daily. The California Privacy Protection Agency (CPPA) found that the country's largest rural lifestyle retailer violated the California Consumer Privacy Act (CCPA) in several instances, including how it handled candidates for employment (see 2509300010).
Privacy is an ever-evolving landscape, meaning that company privacy policies, technologies and teams must be constantly updated, panelists said Wednesday during a webinar hosted by Didomi, a consent-management software vendor. With enforcement actions by regulators increasing and legislators continuing to implement new laws, companies must stay on top of the latest developments, they added.
The U.K. government has no plans to ban virtual private networks (VPNs) despite a surge in users downloading them to circumvent age verification and estimation rules under the Online Safety Act (OSA), a government spokesperson said.
A Delaware health care company violated HIPAA rules by publicly sharing patient data without consent, the Health and Human Services Office for Civil Rights announced in a settlement Tuesday.
Montana became the third state to regulate neural data as an amendment to the state’s genetic privacy law took effect Wednesday, adding to a trend of states overseeing the neurotechnology space (see 2508180034). On the same day, amendments to Montana’s comprehensive privacy law took effect, expanding its scope and introducing more protections for children.
The California Privacy Protection Agency assessed its largest-ever penalty, ordering Tractor Supply Co. to pay a $1.35 million fine and change its business practices, the CPPA said Tuesday. The company told Privacy Daily that it’s committed to compliance and addressed the privacy issues raised.