Google overhauls its cookie consent banner
The tech giant decided to update its cookie consent banner after receiving a EUR 150 million fine from France’s data protection authority, Commission nationale de l’informatique et des libertés (CNIL). The penalty was due to violations of cookie consent laws. The company will first roll out the update with YouTube and then expand it to its search engine. A single “deny all” button to opt out of all web tracking will be available for European users.
Source: IAPP, TechCrunch
Companies can still collect user data due to flaw in Apple’s ATT
iOS apps might still track users despite the assurance of Apple’s App Tracking Transparency (ATT). ATT requires app developers to get user permission before tracking activity across other apps or websites. According to researchers, the loopholes in the ATT framework could allow some companies that collect first-party data (e.g., Facebook and Google) to bypass security and further collect user data.
Source: IAPP, ARS Technica
Amendment bills for Virginia privacy law signed
Gov. Glenn Youngkin, R-Va., has signed three Virginia Consumer Data Protection Act (CDPA) amendment bills. The bills will take effect on July 1, 2022, which adds an exemption to the law’s authority to delete, direct penalties, expenses, and recovered lawyer fees to another fund instead of the Consumer Privacy Fund provision. The amendments will also include a reworking of the definition of nonprofit. The CDPA’s text is finalized before the January 1, 2023 effectivity date.
Source: IAPP, ByteBack Law
Connecticut’s privacy bill advances
Senate Bill 6 will advance after receiving a 35-0 vote from the Connecticut Senate. The legislation covers personal data privacy and online monitoring. It includes provisions for recognizing global opt-out processes, dark patterns, and creating data protection standards for data controllers and processors. The bill is set to take effect on July 1, 2023.
Source: IAPP, Connecticut General Assembly