Send us a text 📢 Privacy Corner Newsletter: May 8, 2025 🔹 Meta’s Court Challenge Rejected – The EU’s General Court dismissed Meta’s attempt to annul the EDPB’s 'consent or pay' opinion, stating it lacks binding legal effect. Meta also failed in its claim for compensation. 🔹 Todd Snyder Fined $345K Under CCPA – A broken cookie consent mechanism and excessive ID verification led the California Privacy Protection Agency to fine fashion retailer Todd Snyder and demand major privacy practice chang...

Send us a text 📢 Privacy Corner Newsletter: April 24, 2025 🔹 EU Fines Meta & Apple Under DMA – The European Commission hits Meta with a €200M fine and Apple with €500M for violating the Digital Markets Act. This challenges the future of “consent-or-pay” models across Europe. 🔹 UK Law Firm Fined Over Ransomware Handling – ICO fines a UK law firm £60,000 for poor response to a ransomware incident. The breach left sensitive data inaccessible reaffirming that loss of availability is...

Send us a text Privacy engineering is a growing field that requires a blend of regulatory knowledge and technical skills. Privacy engineers are tasked with collaborating across privacy and engineering teams to ensure compliance while maintaining technical excellence. In this panel, experienced privacy engineers share how they built their expertise, overcame organizational challenges, and delivered tangible value across both privacy and engineering teams. Gain insights into how privacy engine...

Send us a text Privacy fines in adtech are skyrocketing, with regulators targeting non-compliant data sharing between marketers and partners. Many businesses still rely on outdated tracking methods, exposing them to legal and financial risks. This panel shares the latest enforcement trends, the biggest compliance gaps in marketing data practices, and how privacy teams can enforce technical controls to mitigate risks. Learn actionable strategies to align adtech with evolving privacy laws and ...

Send us a text Privacy Corner Newsletter: April 10, 2025 🔹 EU Advocate General Backs Conditional Consent – A new opinion from the EU’s top legal advisor says offering a newsletter in exchange for personal data can be lawful, as long as users are informed and the service is genuinely optional. 🔹 CCPA Narrows Scope of ADMT Rules – California’s privacy regulator has clarified that targeted advertising does not count as automated decision-making under the CCPA, easing compliance pressure on busin...

Send us a text ▶ UK ICO Investigates TikTok, Reddit & Imgur – The UK’s privacy regulator is investigating TikTok’s content recommendations for minors and Reddit and Imgur’s age verification measures, signaling a crackdown on children’s data protection. ▶ CJEU Clarifies ‘Meaningful Information’ in AI Decisions – The EU’s top court ruled that companies using automated decision-making must provide clear, intelligible explanations of how personal data influences outcomes, even ...

Send us a text As AI and LLMs become deeply embedded in products, privacy leaders must move fast to address privacy, security, and ethical risks. In this episode, industry experts share their hands-on strategies, lessons learned, and best practices for: ✅ Building AI governance frameworks that scale ✅ Managing compliance with GDPR, CCPA, and emerging regulations ✅ Addressing security risks in AI-driven products ✅ Navigating ethical challenges in automated decision-making ✅ Mitigating third-pa...

Send us a text Leading privacy experts discuss why trust-based compliance is no longer enough and how product-driven privacy is the key to scalable compliance. Here's what the Keynote covers: 🔹 Why teams can no longer rely on trust-based privacy mechanisms 🔹 How product privacy management enables evidence-based privacy and compliance at scale 🔹 Lessons from HP & Grindr on moving to evidence-based privacy 🔹 Privado.ai’s roadmap and vision for product privacy management Huge thanks to Aar...

Send us a text Privacy Corner Newsletter: February 13, 2025 🔹 EU’s AI Act Guidelines Clarify Compliance Risks – The European Commission releases two sets of AI Act guidelines, breaking down the definition of AI systems and outlining nine prohibited AI practices, including emotional manipulation and biometric categorization. 🔹 UK’s Secret Demand for Apple’s Encrypted Data – The UK government issues a confidential order under the Investigatory Powers Act, demanding Apple create a ...

Send us a textPrivacy Corner Newsletter: Jan 30, 2025By Robert Bateman and Privado.aiIn this edition:▶ UK Court Ruling: Invalid Consent in Gambling CaseA UK gambling firm unlawfully tracked users for marketing, despite their supposed consent. The court ruled that consent must be informed, freely given, and valid, emphasizing the importance of assessing users’ ability to provide meaningful agreement—especially in vulnerable groups.▶ Google’s RTB System Accused of Sharing Data with China & ...

Send us a textPrivacy Corner Newsletter: Jan 16, 2025In this edition:▶ European Commission must pay damages for Facebook Login feature violation▶ Texas sues Allstate under new privacy law for illegal data collection▶ CJEU rules gender data collection not lawful for personalization under ‘contract’ basis

Send us a textPrivacy Corner Newsletter: January 2, 2025In this edition:▶ OpenAI faces penalties for GDPR breaches linked to ChatGPT, including transparency failures and inadequate age verification.▶ California Privacy Protection Agency settles with two more data brokersPayDae and The Data Group fined for failing to register under California’s Delete Act, with further enforcement anticipated.▶ Google will permit device fingerprinting starting February 16, 2025, despite ICO objections.Before w...

Send us a textPrivacy Corner Newsletter: December 19, 2024In this edition:The Irish DPA fines Meta €251 million over a 2018 data breach, the Dutch DPA fines Netflix €4.75 million for transparency failings, and the French DPA cracks down on non-compliant cookie banners.▶ Irish DPA fines Meta €251 million over 2018 data breachThe fine follows a breach affecting 29 million Facebook accounts. The DPC found violations of GDPR’s data protection by design, breach reporting obligations, and more.▶ Du...

Send us a textPrivacy Corner Newsletter: Dec 5, 2024In this edition:The FTC proposes orders targeting sensitive data misuse, Australia bans kids from social media, and noyb gains new powers for collective GDPR actions.▶ FTC targets sensitive location data misuse in proposed orders:Gravy Analytics and Mobilewalla face sanctions for selling sensitive location data, including segments like “New Parents” and “LGBTQ+ Community.”▶ Australia bans kids from social media and reforms privacy laws:New l...

Send us a textPrivacy Corner Newsletter: November 21, 2024▶ German Court Opens the Door to Mass Data Breach Lawsuits:Germany’s Federal Court rules that "loss of control" over personal data qualifies for damages under GDPR Article 82—no proof of distress or financial loss required.▶ Meta’s ‘Unskippable Ads’ Solution Gains EDPB AttentionMeta launches a free tier with ads using minimal data and unskippable formats in response to EU demands.▶ Cyber Resilience Act Imposes New Rules on Digital Prod...

Send us a textPrivacy Corner Newsletter: November 7, 2024In this edition, we dive into the latest updates on GDPR fines, data broker enforcement, and the EU-US Data Privacy Framework review:▶ Ireland fines LinkedIn €310 million, six years after a complaint—with full EDPB support:The Irish DPC issues a €310 million fine against LinkedIn for GDPR violations, marking a significant shift in enforcement under new leadership.▶ California prepares for a data broker enforcement sweep:The California P...

Send us a textPrivacy Corner Newsletter: October 24, 2024This week, we dive into the UK’s resurrected data reform bill, ePrivacy Directive guidelines, and a new complaint against Pinterest. ▶ Back from the Dead: Comparing the UK’s New and Old Data Reform BillsThe UK has introduced a new Data (Use and Access) Bill (DUAB), which incorporates several proposals from the previously scrapped Data Protection and Digital Information Bill (DPDIB). The DUAB revives and reshapes key provisions, suc...

Send us a textPrivacy Corner Newsletter: October 10, 2024▶ Court ruling on credit card data: The UK tribunal rules that credit card numbers alone may not always qualify as personal data, challenging the ICO’s interpretation. This decision could reshape how companies assess their data protection obligations after a breach. How will this impact your approach to classifying sensitive data?▶ EDPB clarifies processor responsibilities: New guidance outlines the extent to which controllers are accou...

Send us a textPrivacy Corner Newsletter: September 26, 2024This week’s Privacy Corner highlights key developments in EU data protection:▶ French CNIL: New guidelines set to affect over 10,000 mobile app developers; enforcement sweep scheduled for Spring 2025.▶ UK ICO: Issued a reprimand to SkyBet, marking their most significant cookie action to date; 99% of top websites now comply with cookie regulations.▶ EU Advocate General: Emphasized the need for clear and concise explanations of automate...

Send us a textPrivacy Corner Newsletter: September 5, 2024This newsletter covers key privacy developments, including:▶ Uber's €290 Million GDPR Fine: The Dutch DPA fined Uber for failing to use appropriate safeguards when transferring personal data from its EU entity to the US, despite Uber's claim it wasn't necessary. This case highlights the confusion around international data transfers under GDPR.▶ Swedish Pharmacies Fined for Using Meta Pixel (Even with Consent): These pharmacies demonstr...