Privacy Roundup: Regulators Take Aim at Big Tech

Digital privacy is an ever-changing topic, with rules, regulations, and technology in constant flux-- it can be a lot to keep up with. Our monthly Privacy Roundup combines the most important privacy stories of the past month with expert analysis and Ensighten solutions, so you can keep your website compliant.  

The number of people and government entities looking at data privacy grows day by day. Major companies that have owned a good portion of the data landscape for years are continually coming under fire for their management and collection of data. Google Analytics is once again taking a hit, this time from Italy’s Data Protection Authority, and has been banned from Italy due to improper handling of EU user data and its transfer to the US. Meta, previously Facebook, is also consistently in the crosshairs these days as Ireland drafts a decision to halt the transfer of user data from the EU to the US via Facebook.

Analytics companies, advertisers, and social media platforms are rapidly finding themselves on the chopping block for their broad and uncontrolled data collection, storage, and sharing practices. Tiktok, for example, has been repeatedly hit with user data concerns and even recently saw an open letter from the FCC’s Brendan Carr stating that it should be removed from the Apple and Google app stores. Concerns continue to rise that a large volume of user data on the app is being collected and sent back to China without user knowledge or consent.

The regulatory bodies enacting these laws and enforcing their consequences are typically run by a state or country’s government, but it’s been shown that these governments around the world are also contributing to unsafe and unsecured tracking starting with their own websites. While it could be argued that a governing body tracking its users is more well-intended than an unknown user with malicious goals, it’s certainly not the kind of user privacy that the regulations they signed into law are trying to enforce.

Defending Your Organization from Privacy and Compliance Risks

It's important to keep not only your users safe, but yourself and your company as well when navigating the evolving landscape of digital privacy. If you’re looking to avoid finding yourself in Google or Meta’s position with countries banning your tools or your websites, it’s necessary to be proactive in getting a handle on the user data passing through your pages. Especially for sites doing business in the EU, confidence in your Consent Management Platform is key. Are you merely checking the boxes with a tool that doesn’t actually control intentional and unintentional data capture and hoping a regulator doesn’t come by to look under the hood, or are you truly controlling the enforcement of user consent and data passing through the pages? Are you even aware of the types of users, or non-users such as bot traffic, that are passing through your pages, clicking your ads, and sending data? All of these things fall under the purview of current and upcoming privacy regulations. All of these things cost you and your company money, and not knowing that they are compliant under the laws, secure to your servers, and legitimate in who they claim to be can leave a lot of questions and revenue on the table. Now more than ever is the right time to begin moving forward with solutions that properly protect you and your users by ensuring data privacy compliant, data security, and data validation.