Welcome to July's GrailMail! We’re back with essential updates, in depth analysis, and actionable insights to help you stay ahead of the curve in the data privacy landscape.
We have a lot to review but before we get into the top stories, be sure to mark your calendars for the second annual DataGrail Summit! Join us on August 27th at the Ritz-Carlton, Half Moon Bay, to explore the future of responsible innovation. You’ll hear from privacy, legal, and security experts like Keith Enright (Chief Privacy Officer, Google), David Tsao (CISO, Instacart), Troy Tazbaz (Director of Digital Health, FDA), and more. Plus, we're spotlighting Stacey Schesser, Deputy Attorney General at the California Department of Justice, as a featured speaker.
Attendees will receive discounted lodging at the Ritz-Carlton, and we encourage you to make a weekend out of your stay to enjoy the resort’s world-class golf course and spa amenities.
💰 Oracle’s recent $115 million privacy payout may be a turning point in data collection
Oracle is paying $115 million to settle a customer-tracking lawsuit. And it’s not just a hefty bill: it’s a potential game-changer for how tech giants collect personal data.
Alongside cutting the check, Oracle agreed to stop user tracking, including online activity and data from web forms, and even pulling the plug on its ad tech business.
🕵🏻‍♂️ The FTC has launched an investigation over consumer data privacy concerns
Did someone say privacy breach? The FTC is looking into allegations that companies such as JPMorgan Chase and MasterCard may be using consumer data for surveillance pricing– charging based on browsing and purchase histories.
The probe will explore how these firms handle personal data, potentially exposing privacy risks. This move highlights rising data privacy concerns and challenges companies' use of customer information for financial gain.
🤖 The EU AI Act officially became a law this month
The EU AI Act became law on July 12th and will take effect this August, setting global AI standards.
The Act encourages early compliance through voluntary measures and will detail obligations for both providers and users of AI systems.
Be sure to mark your calendars: New codes of practice will be ready by May 2, 2025, giving you a three-month period to prepare. View the full implementation timeline here.
Speaking of generative AI, its voracious consumption of data is clashing with stringent privacy regulations worldwide, especially in Europe.
Meta, who’s no stranger to data privacy controversies, had their plans for AI halted due to privacy concerns– calling for scrutiny and legal challenges across multiple countries.
GDPR's strict consent requirements complicate AI training, and with California also considering tighter AI regulations, the conflict between AI and privacy laws is intensifying.
July was a big month for U.S. state privacy legislation, impacting businesses nationwide. Here’s a retrospective on key developments and their implications.
🇨🇱 Texas Data Privacy and Security Act (TDPSA) Texas recently introduced some broad-reaching obligations for businesses operating in the lone star state. Effective July 1, 2024, the TDPSA mandates comprehensive data protection and consumer rights management. Every business must now comply with strict rules– and face hefty fines for non-compliance. That’s why your organization needs to make sure consumers can access, correct, or delete information they no longer want stored.
⛰️ Oregon Consumer Privacy Act (OCPA):
The Oregon Consumer Privacy Act brings similar requirements to the table, such as businesses needing to disclose specific third-party data sharing and enabling consumers to opt out of targeted advertising through browser-based mechanisms. Also taking effect on July 1, 2024, Oregon’s law is like the TDSPA is looking at a mirror.
đź‘€ Looking ahead: What are the effective dates of the U.S. state privacy laws?
In July, we made major enhancements to the DataGrail platform like improved Live Data Map performance, customizable Risk Monitor templates, and fresh compliance guidance in Request Manager. These updates reinforce our commitment to elevating your privacy posture and helping you stay ahead in managing data privacy seamlessly. Check out our monthly release blog to learn more.
Plus, take a look at this clip from Chris Asta, Senior Product Counsel at Skillshare, highlighting his company’s experience with our newly launched product, DataGrail Consent. 🏆
Google’s decision to cancel the phase out of third-party cookies is huge news for privacy and marketing teams. This move underscores the continued need for consent management solutions to protect your customers’ right to privacy. In this blog, Tarun Gangwani, product manager at DataGrail, breaks down what this decision means for your business.
.png?upscale=true&width=1200&upscale=true&name=unnamed%20(28).png)
.png?upscale=true&width=1040&upscale=true&name=Upcoming%20Deadlines%20and%20Regulations%20(1).png)
.png?upscale=true&width=1040&upscale=true&name=GrailMail%20Headers%20(2).png)
.png?upscale=true&width=1040&upscale=true&name=GrailMail%20Headers%20(3).png)
