Skip to main content

How data privacy can affect consumer goods

By and Insights

Almost every website, mobile app, and IoT rely on third party code. But more often than not, this necessary reliance results in undetected data leakage, which can result in regulatory action, litigation, and/or bad PR. For example, let’s say you’re developing a delivery-service mobile app where customers can track drivers in real-time on a map within the mobile app. Rather…

Read More

iOS 14.5 and ATT Framework Coming to an App Near You

By and Insights

On April 26, 2020, iOS/iPadOS/tvOS 14.5 and the enforcement of the AppTrackingTransparency (‘ATT’) go into effect. This means legal and development teams alike must be ready to: Identify those apps that either “track,” as defined by the privacy requirements, users or access the IDFA, and implement the AppTrackingTransparency (“ATT”) framework accordingly. NT Analyzer’s downloadable report and designated module for iOS…

Read More

NT Analyzer Navigates Virginia’s New Privacy Law

By and Insights

Virginia recently enacted its own data protection/privacy law and like its European and Californian predecessors, the technical piece is key. Requirements Like the GDPR and CCPA, the Consumer Data Protection Act (“CDPA”), which goes into effect on January 1, 2023, broadly defines “personal data” as “any information that is linked or reasonably linkable to an identified or identifiable natural person.”…

Read More

Google Privacy Sandbox Won’t Support Alternate Identity Solutions

By and Insights

Google will not use alternate identity solutions to track users online after third-party cookies are phased out in 2022.  Instead, Google plans to rely on Privacy Sandbox, which preserves privacy for consumers while still enabling publishers and advertisers to target their ads.  (See A More Privacy First Web.) NT Analyzer catalogs all collected and disclosed data, identifying relevant risk in…

Read More

iOS: IDFA/ Tracking Opt-In: What You Should Know

By Insights

It looks like a date has been set for iOS 14’s required opt-in for “tracking” through Apple’s AppTrackingTransparency Framework, which includes opt-in for the IDFA … kind of? According to Apple, “[t]his requirement will roll out broadly in early spring…” (see Data Privacy Day at Apple). The NT Analyzer Take Although Apple has trumpeted this as a victory for end-user…

Read More

Solving Apple’s New App Privacy Requirement

By and Insights

Starting December 8, 2020, Apple will require developers to provide extensive, granular information about their app’s privacy practices, such as the type of data collected from users, third party data usage, and specific purpose of collection. Presumably, the failure to disclose this detailed information to Apple will get new apps and updates to existing apps blocked from the app store….

Read More

101 Problems and Schrems Ain’t One

By and Insights

Eureka! After burning the midnight oil, we’ve built an automated scanner to identify and sort the Schrems II risk of data flows for further legal handling. The scanner uses more than 20 different data points derived from network metadata to scan and classify data flows based on mass surveillance risk under the NSA’s so-called “Upstream” and “Downstream” data collection programs….

Read More

From the Development Laboratory: Schrems II and Detection of Cross-Border Data Transfers

By and Insights

The Court of Justice for the European Union (CJEU) recently issued an opinion (Schrems II) that invalidated the US-EU Privacy Shield. This presents the obvious technical question, “which of my data transfers are to the US?” For global companies operating in Europe and for EU-based companies, the answer is probably surprising.  It is almost impossible to operate a global business…

Read More