Published:

Privacy and Data Privacy News for August 2024

General

Photo of author

Donata Stroink-Skillrud

Co-founder and President of Termageddon

privacy news for august

Welcome to privacy news for the month of August!

This month, we interviewed privacy attorney Darin Moore on Privacy Lawls. We discussed the US privacy law landscape, including why we don’t have a comprehensive federal privacy law, the focus of state privacy laws, and what we hope to see for the privacy industry in the future. Listen to the episode here. We hope that you find this newsletter helpful for staying up to date with the myriad changes in the privacy field!

What’s new in privacy? 

Below are some of the most notable news in privacy from this month: 

  1. Rhode Island passes privacy law. On June 29, 2024, the legislature of Rhode Island passed the Rhode Island Data Transparency and Privacy Protection Act (DTPPA). The DTPPA is a unique privacy law in that it requires any business that collects the personal information of residents of Rhode Island to have a Privacy Policy. This privacy law also expands on this requirement to require larger businesses to provide privacy rights to residents of the State. Read the Compliance Guide here.  
  2. Google backs out of plan to phase out third-party cookies. Google has revealed that it will no longer pursue its plan to cut off support for third party cookies in Chrome. As an alternative solution, Google is proposing to offer a new experience that allows individuals to select the cookies that they would like to be tracked by within Chrome. Learn more here. 
  3. Walmart sued for alleged violations of the Video Privacy Protection Act. A class action lawsuit has recently been filed alleging that Walmart violated the VPPA by sharing details of customers’ identities and the titles of videos that they purchased with Meta through the Meta Pixel. The plaintiffs are seeking statutory damages of $2,500 per class member. Read more here. 
  4. Olympics’ AI security prompts backlash. The Paris Summer Olympics are including the rollout of algorithmic video surveillance, an AI-event security technology that uses machine learning to analyze video footage to detect and even predict threats and other anomalies. Privacy advocates have stated that the technology’s use can cause a threat to civil liberties and introduce privacy violations and issues. Learn more here. 
  5. Oracle reaches $115 million privacy settlement. The settlement was in response to a lawsuit claiming that Oracle was building detailed dossiers about individuals with whom it had no first-party relationship. As part of the settlement, Oracle will also be decommissioning certain ad-tech products and will automatically delete its customers’ data once its obligations are met. Read more here. 
  6. FTC orders companies to provide information on “surveillance pricing” strategies. The Federal Trade Commission asked 8 companies to provide more information on their practices of charging different consumers different prices for the same goods. This pricing strategy uses consumer data, including credit information, location and browsing history to provide different pricing to different consumers. Learn more here. 
  7. Meta given weeks to tell EU consumer protection authorities how it will fix “pay or consent”. The Consumer Protection Cooperation Network is concerned about a choice that Meta has forced on individuals where individuals either accept being tracked for behavioral advertisements or pay monthly subscriptions to Meta. Meta has until September 1, 2024 to respond and propose solutions to its pay or consent model. Regulators have stated that if Meta does not resolve these concerns, the authorities can decide to take enforcement measures, including sanctions. Read more here. 
  8. Italy’s competition and consumer watchdog investigates Google. The watchdog is investigating Google under allegations that the request to consent to Google tracking an individual is linked to multiple services and is accompanied by incomplete and misleading information. Learn more here. 
  9. AT&T says data from 109 million US accounts was downloaded illegally. AT&T has announced that it was subject to a massive hacking incident as data from approximately 109 million customer accounts was illegally downloaded in April. The hack exposed records of calls and texts from 2022. Read more here. 
  10. Citi Bank fined $136 million for failing to fix data issues. The fine stems from failing to make sufficient progress on fixing data management issues that were identified in 2020. The fine stems from a previous fine of $400 million that was imposed in 2020 after regulators identified ongoing deficiencies in risk management and internal controls, including data quality management. Learn more here. 

What privacy bills are we tracking? 

As part of our service, we keep track of privacy bills that would affect the way Privacy Policies are written. Below is our most recent list of privacy bill proposals in the United States. You can access the privacy bill tracker any time on our blog.

Georgia – GA HB798;

Georgia – GA S473;

Hawaii – HI SB1110/HB1497;

Hawaii – HI SB 974;

Hawaii – HI S 3018;

Illinois – IL HB3385;

Illinois – IL SB3517;

Kentucky – KY S 15;

Kentucky – HB24;

Louisiana – LA HB947;

Massachusetts – MA HD2281/SB745;

Massachusetts – MA HD3263/SD1971;

Massachusetts – MA HD3245

Michigan – MI SB659

Minnesota – MN SF950;

Minnesota – MN HB2309;

Nebraska LB 1294;

New York – NY S2277;

New York – NY SB365;

New York – NY SB3162;

New York – NY AB4374;

North Carolina – NC SB525;

Oklahoma – OK HB1030;

Pennsylvania – PA HB708;

Pennsylvania – PA HB1201;

Pennsylvania – PA HB1947;

Rhode Island – RI H7787;

Vermont – VT HB121

Vermont – VT SB 269

Washington – WA HB1616;

West Virginia – WV HB5112;

Events

Here are some great virtual events that you can attend to learn more about the hottest issues in privacy and meet other privacy professionals: 

  1. Data Privacy Fundamentals in the Age of AI – August 6, 2024
  2. The Evolving Landscape of Privacy Enhancement Technologies – August 13, 2024
  3. New Jersey Data Protection Act: What to Know – August 22, 2024.

Can’t get enough of privacy news and stories? You can check out the Termageddon blog here or our podcast, Privacy Lawls.

Photo of author
About the Author
Donata Stroink-Skillrud

Donata is the Co-founder and President of Termageddon and a licensed attorney and Certified Information Privacy Professional. She serves as the Vice-Chair of the American Bar Association's ePrivacy Committee and the Chair of the Chicago Chapter of the International Association of Privacy Professionals.

Search the Site
Popular Articles
Browse by Category

Comparing Policy Generators

Cookie Consent Banner

Cookie Policy

Culture

Disclaimer

EULA

How To's

Privacy Policy

Terms of Service

Subscribe for Updates