Send us a text

📢 In Privacy News This Week:

🔹 Healthline fined $1.55M under CCPA – for failing to honor opt-outs, misconfigured cookie banners, and sharing sensitive health data without proper contracts or purpose limitation.

🔹 NY cracks down on teen tracking – AG guidance confirms NY Child Data Protection Act bans behavioral ads unless strictly necessary; “necessary” excludes marketing and profiling.

🔹 Microsoft faces EU-wide legal test – Ireland admits first collective redress lawsuit over adtech practices and RTB violations, targeting sensitive data broadcast via Xandr.

#Privado #PrivacyNews #CCPA #GDPR #Adtech

Send us a text

In this episode of the Privacy Tech Spotlight series by Masters of Privacy, Vaibhav Antil, Co-Founder & CEO of Privado.ai, explores the shift from trust-based compliance to evidence-based privacy programs.

Vaibhav breaks down how tools like code scanning, built-in alerts, and server-side auditing help DPOs and legal teams gain real-time visibility into data flows—bridging the gap between privacy policies and engineering execution.

🔍 Topics covered:

• Operationalizing privacy for DPOs and legal teams
• Automating evidence for GDPR, CPRA, and global compliance
• Why code is the single source of truth for privacy enforcement
• How Privado.ai is enabling privacy teams to scale with tech

#Privado #Privacy #PrivacyEngineering #MastersOfPrivacy

Send us a text

📢 Privacy Corner Newsletter: June 26, 2025

🔹 UK Raises Cookie Fines and Relaxes Some Consent Rules – The UK’s new Data (Use and Access) Act updates cookie consent exemptions and raises PECR penalties to £17.5M or 4% of global revenue.

🔹 Norway Penalizes Non-Consensual Tracking of Minors – The Norwegian DPA fined a public children’s support site and reprimanded five others for illegally sharing personal data with Meta and Google using pixels.

🔹 Finland Fines Pharmacy $1.26M for Sharing Health Data – Yliopiston Apteekki was penalized for sending sensitive medical data to Google and Meta via tracking pixels without consent.

#Privado #PrivacyPodcast #Privacy

Send us a text

📢 Privacy Corner Newsletter: June 6, 2025

🔹 California tweaks CIPA lawsuits but the retroactive fix is gone

The Senate passed SB 690 to limit wiretapping claims tied to adtech by aligning CIPA with the CCPA — but removed the retroactive clause, meaning older lawsuits can still proceed.

🔹 German court says 'Accept & Close' banners aren’t enough

A Hannover court ruled cookie banners must allow true choice and that Google Tag Manager requires GDPR-valid consent — marking a major shift in how consent is interpreted.

🔹 TikTok wins court delay in data transfer ban

The Irish High Court granted a temporary stay on TikTok's China data transfer ban, pausing the DPC’s order while appeals are heard — a relief for engineering and compliance teams.

#Privado #DataPrivacy #PrivacyEngineering

Send us a text

In this episode of the Website Privacy Series, Ali Jessani, Counsel at WilmerHale, joins Privado.ai CEO Vaibhav Antil to unpack the biggest privacy risks facing U.S. websites in 2025. 

From CCPA enforcement in California to biometric settlements in Texas, this session breaks down where companies are getting it wrong and what you can do to avoid fines and lawsuits.

You'll learn:

• What’s triggering class actions under CIPA and the My Health My Data Act
• How regulators are interpreting older laws for modern tech like pixels and SDKs
• Why new rules from the DOJ mean even data storage locations matter now

Whether you're in legal, privacy, or marketing, this conversation will help you understand where website tracking and consent setups are falling short and what you can do to protect your company.

Send us a text

📢 Privacy Corner Newsletter: May 22, 2025

🔹 Meta’s AI Training Faces Legal Pushback –
Noyb challenges Meta’s use of public posts for AI under “legitimate interests,” citing GDPR violations, lack of transparency, and risks to data subject rights.

🔹 OpenAI Ordered to Retain Chat Logs –
A U.S. judge directs OpenAI to preserve all ChatGPT output, overriding privacy settings and regulations amid a copyright case brought by The New York Times.

🔹 Montana Expands Privacy Law Scope –
Montana’s revised privacy law lowers thresholds, strengthens protections for minors, and introduces profiling opt-outs and stricter enforcement with no cure period.

#privado #dataprivacy #privacyengineering #privacybydesign

Send us a text

📢 Privacy Corner Newsletter: May 8, 2025

🔹 Meta’s Court Challenge Rejected – The EU’s General Court dismissed Meta’s attempt to annul the EDPB’s 'consent or pay' opinion, stating it lacks binding legal effect. Meta also failed in its claim for compensation.

🔹 Todd Snyder Fined $345K Under CCPA – A broken cookie consent mechanism and excessive ID verification led the California Privacy Protection Agency to fine fashion retailer Todd Snyder and demand major privacy practice changes.

🔹 EDPB Approves Short-Term UK Adequacy Extension – The Board endorsed a 6-month extension to the UK’s adequacy decision, calling it a one-time move to allow the new Data (Use and Access) Bill to be finalized.

Send us a text

📢 Privacy Corner Newsletter: April 24, 2025

🔹 EU Fines Meta & Apple Under DMA – 

The European Commission hits Meta with a €200M fine and Apple with €500M for violating the Digital Markets Act. This challenges the future of “consent-or-pay” models across Europe.

🔹 UK Law Firm Fined Over Ransomware Handling –

ICO fines a UK law firm £60,000 for poor response to a ransomware incident. The breach left sensitive data inaccessible reaffirming that loss of availability is a serious privacy violation.

🔹 NOYB Criticizes GDPR Reform –

Max Schrems’ NOYB blasts the EU’s new procedural reform proposal, warning it could delay enforcement by 33 months and weaken GDPR’s effectiveness.

Send us a text

Privacy engineering is a growing field that requires a blend of regulatory knowledge and technical skills. Privacy engineers are tasked with collaborating across privacy and engineering teams to ensure compliance while maintaining technical excellence.

In this panel, experienced privacy engineers share how they built their expertise, overcame organizational challenges, and delivered tangible value across both privacy and engineering teams. Gain insights into how privacy engineering drives ROI while ensuring privacy compliance in a fast-evolving tech landscape.

Speakers: 
➡️ Alon Levy, Engineering Manager, Uber
➡️ Luke Oglesbee, Senior Software Engineer, Remitly
➡️ Saima Fancy, Senior Privacy Specialist
➡️ Nishant Bhajaria, Data Privacy Author and Executive

Send us a text

Privacy fines in adtech are skyrocketing, with regulators targeting non-compliant data sharing between marketers and partners. Many businesses still rely on outdated tracking methods, exposing them to legal and financial risks.

This panel shares the latest enforcement trends, the biggest compliance gaps in marketing data practices, and how privacy teams can enforce technical controls to mitigate risks. Learn actionable strategies to align adtech with evolving privacy laws and avoid regulatory penalties.

Speakers: 
➡️ Robert Bateman-Data Protection Consultant at KnowData Ltd, 
➡️ Daniel Goldberg-Partner, Privacy & Security Attorney at FKKS, 
➡️ Andrea Wheeler-Sr. Privacy Operations Manager at Quantcast, 
➡️ Rowena Lam-Sr. Director of Product, Privacy, and Data at IAB, 
➡️ Raashee Gupta Erry-Advisor & Consultant at Lucid Privacy