Send us a text

The UK Data (Use and Access) Act (DUAA) is the most significant UK privacy law change since GDPR—raising maximum fines from £500,000 to £17.5M and expanding enforcement to cookies, DSARs, children’s data, international transfers, and automated decision-making.

In this session, privacy law expert Robert Bateman explains:

• Key DUAA changes and enforcement timelines
• How DUAA differs from GDPR and the DPA 2018
• Top compliance risks for CPOs and DPOs
• Practical steps to prepare before enforcement begins

Send us a text

In this session, Jake Ottenwaelder (Principal Privacy Engineer, Integrative Privacy) explains how privacy teams can detect and remediate third-party SDK risks that lead to CCPA, GDPR, and CPRA violations.

You’ll also see a live demo from Muskan Bansal (Software Engineer, Privado.ai) of App Auditor, a privacy risk monitoring tool that:

✅ Scans mobile apps for unauthorized SDK tracking
 ✅ Maps all third-party data flows and consent dependencies
 ✅ Flags violations of global privacy laws like GDPR and CCPA
 ✅ Helps teams fix privacy risks before release

This session is ideal for privacy teams, compliance officers, and app developers managing mobile tracking, user consent, and data sharing compliance.

#Privado #appprivacy #appauditor #privacyengineering #privacybydesign

Send us a text

Join leading privacy lawyer Daniel Goldberg from FKKS to learn about the top privacy risks for mobile apps causing the latest enforcements under US privacy law.‍

This webinar is the first in a three-part series focused on helping you master privacy compliance for mobile apps.

- July 31 - Mobile App Privacy Series Part 1 - Top Risks & Latest Enforcements in US
- August 7 - Mobile App Privacy Series Part 2 - Privacy Risk Remediation Workshop
- August 21 - Mobile App Privacy Series Part 3 - App Auditor Live Demo

In this webinar you’ll learn
- What is causing the latest US mobile app privacy enforcements: Get the latest on the wave of new US state and federal privacy enforcements.
- How new law changes affect privacy legal risk: Enforcement is now live for the DOJ bulk data transfer rule and new state privacy laws in Tennessee and Minnesota. Learn what legal changes to prepare for.
- What privacy teams can do to minimize privacy risk for mobile apps: Learn what privacy risks in your mobile apps to focus on and how to identify them. - Get the legal perspective from Daniel Goldberg and get the technology perspective from Privado.ai CEO Vaibhav Antil

Send us a text

📢 In Privacy News This Week:

🔹 Healthline fined $1.55M under CCPA – for failing to honor opt-outs, misconfigured cookie banners, and sharing sensitive health data without proper contracts or purpose limitation.

🔹 NY cracks down on teen tracking – AG guidance confirms NY Child Data Protection Act bans behavioral ads unless strictly necessary; “necessary” excludes marketing and profiling.

🔹 Microsoft faces EU-wide legal test – Ireland admits first collective redress lawsuit over adtech practices and RTB violations, targeting sensitive data broadcast via Xandr.

#Privado #PrivacyNews #CCPA #GDPR #Adtech

Send us a text

In this episode of the Privacy Tech Spotlight series by Masters of Privacy, Vaibhav Antil, Co-Founder & CEO of Privado.ai, explores the shift from trust-based compliance to evidence-based privacy programs.

Vaibhav breaks down how tools like code scanning, built-in alerts, and server-side auditing help DPOs and legal teams gain real-time visibility into data flows—bridging the gap between privacy policies and engineering execution.

🔍 Topics covered:

• Operationalizing privacy for DPOs and legal teams
• Automating evidence for GDPR, CPRA, and global compliance
• Why code is the single source of truth for privacy enforcement
• How Privado.ai is enabling privacy teams to scale with tech

#Privado #Privacy #PrivacyEngineering #MastersOfPrivacy

Send us a text

📢 Privacy Corner Newsletter: June 26, 2025

🔹 UK Raises Cookie Fines and Relaxes Some Consent Rules – The UK’s new Data (Use and Access) Act updates cookie consent exemptions and raises PECR penalties to £17.5M or 4% of global revenue.

🔹 Norway Penalizes Non-Consensual Tracking of Minors – The Norwegian DPA fined a public children’s support site and reprimanded five others for illegally sharing personal data with Meta and Google using pixels.

🔹 Finland Fines Pharmacy $1.26M for Sharing Health Data – Yliopiston Apteekki was penalized for sending sensitive medical data to Google and Meta via tracking pixels without consent.

#Privado #PrivacyPodcast #Privacy

Send us a text

📢 Privacy Corner Newsletter: June 6, 2025

🔹 California tweaks CIPA lawsuits but the retroactive fix is gone

The Senate passed SB 690 to limit wiretapping claims tied to adtech by aligning CIPA with the CCPA — but removed the retroactive clause, meaning older lawsuits can still proceed.

🔹 German court says 'Accept & Close' banners aren’t enough

A Hannover court ruled cookie banners must allow true choice and that Google Tag Manager requires GDPR-valid consent — marking a major shift in how consent is interpreted.

🔹 TikTok wins court delay in data transfer ban

The Irish High Court granted a temporary stay on TikTok's China data transfer ban, pausing the DPC’s order while appeals are heard — a relief for engineering and compliance teams.

#Privado #DataPrivacy #PrivacyEngineering

Send us a text

In this episode of the Website Privacy Series, Ali Jessani, Counsel at WilmerHale, joins Privado.ai CEO Vaibhav Antil to unpack the biggest privacy risks facing U.S. websites in 2025. 

From CCPA enforcement in California to biometric settlements in Texas, this session breaks down where companies are getting it wrong and what you can do to avoid fines and lawsuits.

You'll learn:

• What’s triggering class actions under CIPA and the My Health My Data Act
• How regulators are interpreting older laws for modern tech like pixels and SDKs
• Why new rules from the DOJ mean even data storage locations matter now

Whether you're in legal, privacy, or marketing, this conversation will help you understand where website tracking and consent setups are falling short and what you can do to protect your company.

Send us a text

📢 Privacy Corner Newsletter: May 22, 2025

🔹 Meta’s AI Training Faces Legal Pushback –
Noyb challenges Meta’s use of public posts for AI under “legitimate interests,” citing GDPR violations, lack of transparency, and risks to data subject rights.

🔹 OpenAI Ordered to Retain Chat Logs –
A U.S. judge directs OpenAI to preserve all ChatGPT output, overriding privacy settings and regulations amid a copyright case brought by The New York Times.

🔹 Montana Expands Privacy Law Scope –
Montana’s revised privacy law lowers thresholds, strengthens protections for minors, and introduces profiling opt-outs and stricter enforcement with no cure period.

#privado #dataprivacy #privacyengineering #privacybydesign

Send us a text

📢 Privacy Corner Newsletter: May 8, 2025

🔹 Meta’s Court Challenge Rejected – The EU’s General Court dismissed Meta’s attempt to annul the EDPB’s 'consent or pay' opinion, stating it lacks binding legal effect. Meta also failed in its claim for compensation.

🔹 Todd Snyder Fined $345K Under CCPA – A broken cookie consent mechanism and excessive ID verification led the California Privacy Protection Agency to fine fashion retailer Todd Snyder and demand major privacy practice changes.

🔹 EDPB Approves Short-Term UK Adequacy Extension – The Board endorsed a 6-month extension to the UK’s adequacy decision, calling it a one-time move to allow the new Data (Use and Access) Bill to be finalized.