Weekly Privacy News Update – Episode 22


Major privacy updates coming to Google Analytics

Google unveiled upcoming changes to Google Analytics, with a focus on user privacy and regulatory compliance. The tech giant will phase out Universal Analytics by July 2023 and replace it with Google Analytics 4, which includes built-in privacy features. Google Analytics 4 will no longer store IP address information.

Source: IAPP, AdExchanger

Lawmakers keeping an eye on CPPA developments

The California Privacy Protection Agency (CPPA) is looking to hire as it prepares to start rulemaking and enforcement. However, privacy advocates challenge if the agency’s $10 billion annual budget is sufficient to regulate how big tech companies collect and use data. Executive Director Ashkan Soltani commented that establishing the agency is “easily the most difficult thing I’ve done in my life, but also I think potentially the most impactful.”

Source: IAPP, NY Times

Attorney General seeks comments for Colorado Privacy Act rulemaking

The Colorado attorney general’s office is soliciting preliminary comments regarding the Colorado Privacy Act rulemaking. The office requests comments on topics such as consumer rights, universal opt-out, data brokers, profiling, consent, and enforcement. The initial comments will not be in the rulemaking record. Public hearings will be scheduled by the attorney general after the proposed regulations are prepared. According to Attorney General Phil Weiser, the Notice of Proposed Rulemaking will likely be posted in fall 2022.

Source: IAPP, COAG.gov

Meta faces EUR 17 million penalties from Irish DPC for 2018 data breaches

The Irish Data Protection Commission (DPC) issued EUR 17 million fine to Meta Platforms for 12 data breaches that happened from June to December 2018. An investigation by the DPC revealed that Meta violated Articles 5 and 24 of the EU General Data Protection Regulation by failing to have appropriate “technical and organizational measures” in place. Two European supervisory authorities raised objections but a consensus was eventually reached.

Source: IAPP, Irish DPC

Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources