After more than a year of negotiations, on March 25, 2022, the European Commission and the United States announced an agreement for a new Trans-Atlantic Data Privacy Framework. The new Framework will replace EU-U.S. Privacy Shield, which was invalided by the Court of Justice of the European Union (“CJEU”)’s Schrems II decision in July 2020. Since the Schrems II decision,…
Google recently announced several key changes to the upcoming “Data safety form” for Google Play, including: Required Timeline Extended to Submit Data safety form: Google extended the deadline from April 2022 to July 2022. Specifically, according to Google: July 20, 2022: All new apps and updates to existing apps must include a Data safety form. If an app fails to…
We may be a little late to Data Privacy Day but we are looking ahead at what a big year for privacy 2022 will be! Below is a timeline of some of the privacy events on the horizon that are on our radar. What is happening right now? Schrems II and Google Analytics: The Austrian DPA’s recent decision regarding the…
As we previously noted, iOS 15 rolled out several privacy-focused measures to users. For example, users may record their app activity and download a report on app metrics from the previous seven days, called the App Privacy Report. These metrics include, for example: 1) when apps access certain permissions on the device (e.g. microphone, location, camera, etc.) and 2) which…
Android will adopt iOS-like privacy nutrition labels, called the “Data safety form,” starting April 2022. And according to Google, apps that fail to comply with this upcoming requirement may be “subject to policy enforcement, like blocked updates or removal from Google Play.” While it may be tempting to just repurpose the iOS nutrition labels, Google notes “the Data safety form…
In April 2020, Apple rolled out the App Tracking Transparency (“ATT”) framework, prompting legal and development teams to identify apps that “track”, as defined by Apple, users or access the IDFA and implement the ATT framework accordingly. See here for the NT Analyzer blog post. Technically, if a consumer chooses to opt-out of tracking, the app should no longer “track”…
Apple recently released the latest version of its iPhone operating system, iOS 15. While iOS 15 currently has only a 15% adoption rate, the new operating system brings a slew of new features that are privacy-specific and can impact businesses. Privacy Reports The new App Privacy Report allows users to download a JSON file to see how apps are using…
Almost every website, mobile app, and IoT relies on third party code. More often than not, this necessary reliance results in undetected data leakage, which can result in regulatory action, litigation, and/or bad PR. What is third party code? Third party code in this instance, refers to code or SDKs that have already been created by other developers. The use…
According to the California Attorney General, consumers may now utilize a new technology called the Global Privacy Control (“GPC”) in order to opt out of a “sale” of personal information under the California Consumer Privacy Act (“CCPA”). The GPC, according to its website, was developed by “various stakeholders including technologists, web publishers, technology companies, browser vendors, extension developers, academics, and…
Google recently announced that beginning later this year, for Android 12, Android devices will “zero-out” the Google Advertising ID (“GAID”) for users who have opted out of tracking and personalized advertising. (In other words, using the “Opt out of Ads Personalization” settings). Specifically, according to Google: “This Google Play services phased rollout will affect apps running on Android 12 devices…