Weekly Privacy News Update – Episode 27


Google overhauls its cookie consent banner

The tech giant decided to update its cookie consent banner after receiving a EUR 150 million fine from France’s data protection authority, Commission nationale de l’informatique et des libertés (CNIL). The penalty was due to violations of cookie consent laws. The company will first roll out the update with YouTube and then expand it to its search engine. A single “deny all” button to opt out of all web tracking will be available for European users.

Source: IAPP, TechCrunch

Companies can still collect user data due to flaw in Apple’s ATT

iOS apps might still track users despite the assurance of Apple’s App Tracking Transparency (ATT). ATT requires app developers to get user permission before tracking activity across other apps or websites. According to researchers, the loopholes in the ATT framework could allow some companies that collect first-party data (e.g., Facebook and Google) to bypass security and further collect user data.

Source: IAPP, ARS Technica

Amendment bills for Virginia privacy law signed

Gov. Glenn Youngkin, R-Va., has signed three Virginia Consumer Data Protection Act (CDPA) amendment bills. The bills will take effect on July 1, 2022, which adds an exemption to the law’s authority to delete, direct penalties, expenses, and recovered lawyer fees to another fund instead of the Consumer Privacy Fund provision. The amendments will also include a reworking of the definition of nonprofit. The CDPA’s text is finalized before the January 1, 2023 effectivity date.

Source: IAPP, ByteBack Law

Connecticut’s privacy bill advances

Senate Bill 6 will advance after receiving a 35-0 vote from the Connecticut Senate. The legislation covers personal data privacy and online monitoring. It includes provisions for recognizing global opt-out processes, dark patterns, and creating data protection standards for data controllers and processors. The bill is set to take effect on July 1, 2023.

Source: IAPP, Connecticut General Assembly


Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources