Welcome to August's GrailMail! We’re back with essential updates, in depth analysis, and actionable insights to help you stay ahead of the curve in the data privacy landscape.
In August, nothing beats the heat like a fresh update on the latest data privacy regulations and trends. But before diving into the top stories, we are thrilled to share that the second annual DataGrail Summit was a huge success!
Earlier this week, the top minds in privacy, security, and legal gathered at the Ritz Carlton, Half Moon Bay to explore the future of responsible innovation. Our attendees had the opportunity to discuss the complexities of data privacy in the age of generative AI and ever-changing privacy regulations, while also connecting with like-minded professionals.
Frances Haugen, known for exposing user privacy violations at Meta, delivered a powerful keynote to advocate for transparency and accountability in tech.
Kirsten Daru, General Counsel & Chief Privacy Officer at NETGEAR, shared her approach to creating effective Privacy and Risk Councils that drive real change.
CISOs David Tsao from Instacart and Jason Clinton from Anthropic tackled the critical need to stress test AI systems to ensure robust security and compliance.
But that’s not all: We’re also headed IAPP PSR in Los Angeles on September 23rd and 24th. Stop by our booth (#134) for complimentary craft coffee, elevated swag, and DataGrail platform walkthroughs. If you'd like to set up a meeting in person at IAPP, reach out to marketing@datagrail.io. We hope to see you there!
đźš– Uber hits a major speed bump with a $324 million fine for data mishandling
Buckle up: The Dutch data protection enforcers gave Uber a $324 million fine for allegedly violating GDPR. Uber was caught transferring European drivers' personal details to the US without the proper safeguards, leading to a serious security breach.
Uber plans to appeal, arguing that the decision is flawed and that they were compliant with the EU privacy law during a period of legal uncertainty. Meanwhile, Dutch authorities are sticking to their stance, saying Uber’s protection measures fell short. Read more on the case here.
Maryland’s latest privacy law, the Maryland Online Data Privacy Act (MODPA), is set to implement hefty changes on October 1, 2025. This new law is a heavyweight contender that goes toe-to-toe with California’s Consumer Privacy Act.
MODPA bans the sale of personal data and imposes strict limits on collecting and sharing data unless absolutely necessary. Unlike other laws, it doesn’t allow exceptions for consent—if it’s sensitive data, you can’t sell it, period. Learn more about what this act means for organization here.
🤖 Parents are balancing innovation and privacy as they consider AI's role in schools
As the school bells ring and AI begins to weave its way into classrooms, parents are torn between curiosity and concern. A recent Norton survey shows that 93% of parents are worried about AI in education, fearing issues like inappropriate content, tech over-reliance, and privacy breaches.
Despite this, nearly half of these parents are open to AI helping with homework, and 69% see it as a useful research tool. To keep kids safe, there needs to be major strides in protecting personal information, using secure websites and VPNs, and setting age-appropriate AI tools.For more information, check out this resource.
❄️ Minnesota Consumer Data Privacy Act (MNCDPA)
Starting next summer, Minnesota's new privacy law is making waves by giving state residents some serious control over their personal information. Effective July 31st, 2025, Minnesotans will be able to question profiling decisions, opt out of data sales, and get clear, easy-to-find privacy notices from companies. With hefty fines for non-compliance and a 30-day grace period for fixing mistakes, this law is Minnesota's bold step towards giving consumers more power over their data in today’s digital age. Read more about the act here.
đź‘€ Looking ahead: What are the effective dates of the U.S. state privacy laws?
Say hello to our fresh new look! Our redesigned user interface features a modern color palette and updated design, reflecting our commitment to simplicity and privacy. 🎨
We’re thrilled to unveil our Data Privacy Hero Awards, celebrating the exceptional contributions of privacy, legal, and security professionals raising the bar in data privacy.
These awards honor:
🥇 Champions: leaders who advocate for personal data privacy and inspire others.
đź’ˇ Innovators: leaders who deploy cutting-edge solutions to enhance privacy practice.
🚀 Visionaries: leaders who integrate privacy strategies to drive organizational change.
You can nominate a deserving colleague, peer, or yourself and share their achievements. For more details, check out this blog.
Data breaches hit an all-time high in 2024, with global average costs reaching USD 4.88 million—up 10% from last year. One-third of these breaches involved shadow data, revealing the growing difficulty in tracking and protecting information.
In fact, leveraging security AI and automation can dramatically reduce breach costs, with users saving an average of $2.22 million compared to those without these technologies.
Consent management can feel like a never-ending battle between privacy and user experience. After years of wrestling with clunky tools and balancing personal data against marketing goals, our Director of Web Development Alex Wesler reveals the game-changer that every digital marketer has been waiting for.
DSR management goes beyond mere compliance and can offer strategic advantages for organizations. We’ve put together a list of essential practices to not only improve your operational efficiency but also strengthen your security, ultimately saving time and reducing the costs associated with manual DSR processing.
.png?upscale=true&width=1040&upscale=true&name=Upcoming%20Deadlines%20and%20Regulations%20(1).png)
.jpg?upscale=true&width=1120&upscale=true&name=August%20GrailMail%20(1).jpg)
.png?upscale=true&width=1040&upscale=true&name=GrailMail%20Headers%20(2).png)
-1.jpg?upscale=true&width=580&upscale=true&name=unnamed%20(3)-1.jpg)
.png?upscale=true&width=1040&upscale=true&name=GrailMail%20Headers%20(3).png)
