Welcome to September's GrailMail! We’re back with essential updates, in depth analysis, and actionable insights to help you stay ahead of the curve in the data privacy landscape.
View in browser
DataGrail-Logo-HorizontalLockup-969690
GrailMail_Hero_Update_240531
 

Happy September, folks. 🍂  As the leaves begin to change, it’s the perfect time for a refreshed approach to data privacy.

 

But before diving into the top stories, we are thrilled to share highlights from our recent DataGrail Summit! Last month, the top minds in privacy, security, and legal gathered at the Ritz Carlton, Half Moon Bay to explore the future of responsible innovation. 

 

Watch a recap of the event here:

DATAGRAIL_SIZZLE_FINAL

All sessions from the 2024 DataGrail Summit are now available as on-demand recordings, and they’re ready for you to binge-watch. 🎥

Watch all sessions on-demand here

Here are some highlights from a few of our speakers:

 

Frances Haugen - The Facebook whistleblower captivated our audience with her insights on the urgent need for ethical frameworks in AI. Frances emphasized the pressing challenge of establishing expectations in a rapidly evolving landscape, and urged collaboration among all stakeholders to address data privacy responsibly. Learn more about her sentiments here.

 

Eric Brinkman - As Chief Product Officer at DataGrail, Eric unveiled our innovative approach to privacy with Unified Choice, which is a comprehensive solution designed to streamline consent management. 

 

David Tsao & Jason Clinton - Highlighting the intersection of security and privacy, the CISOs of Instacart and Anthropic stressed the importance of proactive communication between teams. They also brought a forward-looking perspective on stress-testing AI systems, warning organizations to anticipate future challenges in AI governance and emphasizing the need for adaptive strategies in order to stay ahead of potential threats.

 

Plus, our second annual DataGrail Summit also featured two incredible panels on The Future of Consumer Choice and Navigating the Latest AI and Privacy Regulations.

 

Together, these experts illuminated the path toward responsible innovation, urging collaboration, adaptability, and a consumer-centric approach to navigate the evolving challenges of data privacy in the age of AI. Read the full recap of DataGrail Summit here.

We’re also thrilled to give a shoutout to our recently announced Data Privacy Hero Awards winners! We’re celebrating the exceptional contributions of privacy, legal, and security professionals raising the bar in data privacy.

 

Congratulations to:

🥇 The Champion: Kirsten Daru, General Counsel & Chief Privacy Officer at Netgear

đź’ˇ The Innovators: Eric Lovell and Sean Kellogg, Privacy Counsel at Dexcom

🚀 The Visionary:  Gauri Manglik, Deputy General Counsel of AI, Privacy, and Product at GoFundMe

GrailMail September Banner
GrailMail Headers

đź’°  23andMe settles $30 million data breach lawsuit

  • 23andMe has settled a data breach lawsuit from a 2023 incident affecting 6.9 million customers, agreeing to pay $30 million and offer three years of security monitoring. 
  • The settlement includes new cybersecurity measures to prevent future breaches, although the company denies any wrongdoing. 
  • The breach, caused by credential stuffing, exposed sensitive genetic information, raising concerns about privacy and potential discrimination. As 23andMe navigates financial challenges, the settlement highlights the critical need for robust cybersecurity practices. Read the full story here. 

🤖  LinkedIn's new AI policy: Users must opt out of AI training

  • LinkedIn has updated its privacy settings, now allowing the platform to use user-generated content to train its artificial intelligence—unless you opt out. 
  • By default, any posts, articles, or videos you share could be fair game for AI training, which LinkedIn claims will enhance job-search tools and skill development. 
  • To opt out, simply adjust your settings under “Data privacy,” but be aware that this won’t affect data already used. The opt-out process is not entirely user-friendly, raising concerns about fair compensation for the work that goes into improving LinkedIn's AI.
  • For more information, check out this article.

⚠️  Growing data risks expand the roles of Chief Privacy Officers

  • Now, corporate privacy executives are adding new areas to their remit. Many chief privacy officers are now involved in making AI and cybersecurity decisions for new products and services.
  • Over 80% of privacy teams now do additional work in areas such as AI and data governance, according to a forthcoming survey of 671 privacy executives from the International Association of Privacy Professionals.
  • You can read this article for additional details.

⛰️  Montana Consumer Data Privacy Act (MTCDPA)

 

Effective tomorrow, October 1st, the MTCDPA brings stricter regulations for handling personal data. The law requires organizations to honor consumer rights regarding data access, deletion, and opt-out options. If you handle the data of just 5% (or less) of Montana’s residents, you could be subject to this law. As Montana joins the ranks of states with robust privacy laws, businesses must quickly adapt to avoid penalties. Learn more about the act here.

đź‘€  Looking ahead: What are the effective dates of the U.S. state privacy laws?

August GrailMail (1)

GrailMail Headers (2)

As summer fades, DataGrail is keeping the momentum going with exciting product updates. Key features include AI risk detection in the Live Data Map to identify potentially risky applications, a new testing capability for consent configurations before launch, and streamlined opt-out request handling via the DataGrail Agent. You can stay informed with our monthly product release blog. 

GrailMail Headers (3)

How to Avoid These Common Deceptive Design Mistakes in Your Cookie Consent Banner

  • Many consumers have encountered frustrating experiences with cookie consent banners that employ dark patterns—designs that manipulate user choices to favor the company. 
  • By prioritizing transparency and user choice, companies can enhance trust and ensure compliance while avoiding the pitfalls of deceptive design. As regulatory scrutiny increases, adopting these strategies will be crucial for maintaining top-notch practices. For more guidance, check out our consent banner style guide.

How to Build a Fully Compliant Cookie Consent Program

  • Navigating the maze of over 15 state privacy laws can be overwhelming for brands, especially when it comes to cookie and tracking consent. Privacy expert Kyle Comstock highlights that a solid consent strategy not only ensures compliance but also drives business growth.
  • This blog outlines three key compliance approaches: opt-in notices, opt-out models, and strategies for regions without specific policies. By adopting a few straightforward consent models, brands can simplify their compliance efforts and build consumer trust. You can learn more in our Guide to Consent Management.

Want to join in on the data privacy conversation? Become a member of our Privacy Community, filled with privacy, legal, and security professionals. 

Privacy_Community

Until next time! đź‘‹

Megan

This was sent to your email. If you do not wish to receive news and product updates in this format, please manage your preferences below.

© 2024 DataGrail, Inc. and/or its affiliates. All rights reserved.
Various trademarks held by their respective owners.

DataGrail, 225 Bush Street, Suite 360, San Francisco, CA 94104

Unsubscribe Manage preferences

DataGrail-Emblem-969690
LinkedIn
X
YouTube