CDP Institute

Tanzania recently passed the Personal Data Protection Act and became the fourth East African Community (EAC) country after Kenya, Uganda, and Rwanda to have a data protection law. Privacy advocates welcomed the news but have concerns about some aspects of the bill including whether Tanzania’s yet-to-be-established Data Protection Commission would be able to act impartially, whether data subjects would be given power of consent, and how security breach notifications will be handled. But, nevertheless, it’s viewed as a good step forward.

Plans are reportedly underway at Twitter to get past the niceties of allowing users individual privacy preferences and instead use a single-option “yes” consent pop-up to force users to consent to ad targeting, location data capture, and third-party data brokering. The facts that this: 1) would likely violate laws including GDPR, CPRA, and CCPA, 2) could trigger a Federal Trade Commission (FTC) enforcement action, and 3) would be incompatible with Apple privacy rules, seems to worry new owner Elon Musk not at all.

Comcast Xfinity, which serves 32 million households, surveyed 1,000 individuals and found that in comparison with their last survey in 2020, the number of connected devices has gone up 25% since before the pandemic and that smart home device shipments are now estimated at $306.3 billion. However, consumers are not practicing cyber-safe behavior. In fact, that significantly decreased since Comcast’s last survey and the report noted that more cyber-safe education is needed.

NetChoice, a tech industry group that includes Amazon, AOL, Google, Meta, and TikTok, has sued to block California’s Age-Appropriate Design Code (AADC) law, which is set to come into effect in 2024.  California’s AADC is the first privacy-by-design law in the United States and is based on the UK’s AADC.  California AADC would require tech companies to put in place more protections to keep children safe online, including making sites more user-centric and transparent. The law also proposes raising the age threshold above 13 years, which is what the federal... Read More >

This agreement between the 38 OECD countries and the European Union is a commitment to use common standards and safeguards to protect privacy and human rights particularly when accessing data for national security and law enforcement purposes.

The draft now enters a four-step process to proceed to the formal adoption stage.

Launching January 1, the phased rollout looks to address demand for digital sovereignty in the period before the EU-US Data Privacy Framework agreement is resolved.

There’s a long tradition of privacy policies being bogged down in legalese and getting consent, not by effectively explaining relevant information, but by frustrating intended users who may decide to accept terms even if they don’t understand them. But now the game company, King has gamified their privacy policy process. Their game, Privacy Saga, provides leveled play and a concluding quiz for people to learn, then test their knowledge – brava!

The European Data Protection Board (EDPB), which includes all the EU regulators, has ruled Facebook and Instagram (owned by Meta) can’t require accepting targeted ads as a condition of joining the network. If leaked details of the ruling are correct and this practice is deemed in violation of the General Data Protection Regulation (GDPR), the decision would have broad impact well beyond Meta. This is because it would limit companies from using data they directly collect on their own site.

Elon Musk’s Twitter purchase prompted widespread concern about what data he’d access, share, and protect. Subsequent news has alarmed privacy advocates. Now, an Adalytics’ study reveals that web crawler data from 70,770+ websites may be available through Twitter thanks to an ad pixel (called Pixel) which puts data from businesses, governments, organizations, hospitals, and users at broad risk unless a Restricted Data Usage (RDU) setting is activated – and the study found most times it’s not.

Morocco’s National Commission for the Control of the Protection of Personal Data (CNDP) has launched “Koun3labal,” a platform designed to help raise awareness of privacy risks particularly to women and children in Morocco and Africa. The platform provides guidance as well as resources and games to help educate through engagement. This is part of an ongoing effort by the CNDP to protect private data, including entering into recent partnerships internally in Morocco with other agencies and externally with the countries of Chad and Niger.

A cross-section of leading brand marketers, including over a third at the VP and C-suite level, see a crisis in consumer trust and they’re turning to first-party data to shore up relations. They cite transparency as crucial and are testing new ID solutions and ad partnerships as part of their proactive strategy.