Welcome to May's GrailMail! We’re back with essential updates, in depth analysis, and actionable insights to help you stay ahead of the curve in the data privacy landscape.
View in browser
DataGrail-Logo-HorizontalLockup-969690
GrailMail_Hero_Update_240531
 

Happy May, folks. 🌷

 

The world of data privacy continues to evolve, and we’re here to help you stay informed and prepared. This month, we’re diving into the latest news, insights, and tools designed to simplify compliance and empower your privacy strategies.

 

Let’s dive in.👇

 

With new state-level laws like the Tennessee Information Protection Act and the Minnesota Consumer Data Privacy Act taking effect in July—and the next phase of the EU AI Act on the horizon in August—understanding the nuances of these regulations is essential.

State Laws Webinar _ Email Header

Join us for a webinar on June 17th at 11am PT, where we’ll share the latest consumer privacy laws. You’ll learn:

  • A breakdown of upcoming privacy regulations and their implications
  • Common themes and what’s needed to ensure compliance for upcoming laws
  • Retail-specific strategies for navigating data privacy challenges
  • Actionable advice to adapt and stay compliant in a shifting landscape
Sign up here

GrailMail Headers

Here’s all the data privacy news you need to know from May. 👇

 

🔎 Google will pay Texas $1.4B to settle claims over user data collection

  • The agreement settles several claims Texas made against the search giant in 2022 related to geolocation, incognito searches and biometric data. The state argued Google was "unlawfully tracking and collecting users' private data."  Read more here.

 

💰 TikTok hit with €530M fine after illegally sending users’ data to China

  • TikTok has to pay €530 million in penalties because it sent the personal data of Europeans to China illegally and wasn’t transparent enough with users.
  • Taking a stance on data transfers to China for the first time, the regulator said TikTok failed to adequately assess the implications of Chinese surveillance laws on Europeans’ data. Read more here.

 

🤖 States Are Passing AI Laws; What Do They Have in Common?

  • Just as GDPR prompted a wave of state privacy laws in the US, the EU AI Act is catalyzing state-level AI regulations across America.
  • While some policies regarding AI use in governmental processes have already been implemented, more than 20 US states have AI laws in various stages of approval whose scope includes private companies.  Read more here.

⚖️ CPPA fines Todd Snyder $345K and National Public Data $46K for privacy violations

  • The California Privacy Protection Agency (CPPA) fined Todd Snyder, Inc. $345,178 for failing to honor opt-out requests for over 40 days, asking users for excessive info, and requiring identity verification to opt out of data sale/sharing.
  • National Public Data, a Florida data broker, was fined $46,000 — the maximum allowed by the CPPA— for registering 230 days late under the Delete Act, following a massive 2024 breach exposing 2.9 billion records, including Social Security numbers. Read more here.
May

GrailMail Headers (2)

The last month brought Cookie Lifecycle Management, customizable banner layouts by region, expanded Request Manager support and much more!

 

🔍 What’s New?

  • Cookie Lifecycle Management allows customers to continuously monitor cookie activity in real time with no scans to run or buttons to click—ensuring any new tracking behavior is detected and managed instantly for rapid compliance.
  • DataGrail Consent customers can now use Layouts to tailor banner design, language, and behavior to a visitor’s geographic policies via a no-code banner editor.
  • Managing large volumes of data subject requests just got smoother. Thanks to our latest performance enhancements, the Request Table now loads up to 40% faster, so teams can move seamlessly from one request to the next.
  • The new Collapsed Style Banner delivers a cleaner, less intrusive mobile experience—without compromising clarity or compliance.

 

Check out our monthly product release blog here.
GrailMail Headers (3)

How DataGrail Consent Empowers Lean Privacy Teams: Featuring Sportsman’s Warehouse

  • Ensuring consent compliance in 2025 is no small task, especially for lean privacy teams supporting large operations.
  • Hear how Sportsman’s Warehouse stays ahead of complex privacy demands with DataGrail Consent—scaling compliance with confidence and ease.

From Compliance to Trust: Key Takeaways from IAPP’s Global Privacy Summit

  • Missed IAPP’s Global Privacy Summit or want to catch up? Tyler Finn from PrivacyWise shared his top key takeaways from IAPP GPS last month.

RSA Conference 2025: Key Takeaways For Privacy Leaders

  • Under the theme “Many Voices. One Community,” the conference focused on AI-powered threats, the evolving role of protection and compliance along with the unity and shared responsibilities in addressing cybersecurity challenges. This year, more than ever before, privacy shone through as a central theme. 

Are you passionate about privacy, legal, or security issues? Want to connect with like-minded professionals and stay ahead in a rapidly evolving landscape?

 

Become a member of our Privacy Community!

Privacy_Community

We’ve got everything from privacy law updates to career tips, monthly privacy huddles, and exclusive resources tailored for the privacy community. Don’t miss out on the chance to be part of a vibrant network committed to advancing data privacy.

See you next time! đź‘‹

Colleen

This was sent to your email. If you do not wish to receive news and product updates in this format, please manage your preferences below.

© 2024 DataGrail, Inc. and/or its affiliates. All rights reserved.
Various trademarks held by their respective owners.

DataGrail, 225 Bush Street, Suite 360, San Francisco, CA 94104

Unsubscribe Manage preferences

DataGrail-Emblem-969690
LinkedIn
X
YouTube