Welcome to “Last Week in Privacy!” Each week, OneTrust’s in-house privacy experts will give you the top international privacy industry highlights from last week.


Here’s a quick recap of last week’s top privacy industry headlines:

  1. California lawmakers have published a list of 45 different technical amendments to the California Consumer Privacy Act of 2018. Many of the amendments address drafting errors in the law, as it was drafted and passed within a matter of weeks, but the list also includes clarification on the definition of personal information and various exemptions to the law, clarification on when a consumer’s private right of action applies, the role of the attorney general and more. More substantive changes are expected to be deferred until the new year.
  2. Tech companies are pushing U.S. lawmakers for a federal U.S. privacy law that would overrule the California Consumer Privacy Act and give organizations more flexibility in handling personal information while also protecting privacy. According to reports, various consumer rights groups see this latest lobbying push as an effort to undercut the California law, while industry groups state that their true fear is that additional state laws like the CCPA would result in an unnecessarily complex patchwork of laws and that a federal law would create needed consistency. Either way, we can be certain that this is only the beginning of a long conversation about privacy regulation in the United States.
  3. The U.S. Federal Trade Commission has announced that it’s first hearings on competition and consumer protection in the 21st century will be held at Georgetown University in September. The event will be the first in a series of hearings this fall examining whether changes are needed to competition and consumer protection law and policy, and FTC enforcement priorities.
  4. The Danish Data Protection Agency has reported a spike in data protection cases since the GDPR came into effect, and expects to handle over 20,000 cases this year—a 400% increase from their annual average. The report states that the vast majority of cases involve complex questions from various organizations about data treatment and storage under the GDPR, and that roughly a thousand reports of security breaches involving hackers gaining access to personal data have been made.
  5. According to a survey conducted by the Reuters Institute for the Study of Journalism at the University of Oxford, third-party tracking cookies used by European news sites have declined 22% since the GDPR came into effect. The survey included 200 websites from seven different countries, and found that the UK and Spain saw the largest declines in cookie use.

That’s all for this week, be sure to join us next week for Last Week in Privacy.

Wanting more from our privacy team? Read Brian Philbrook and Andrew Clearwater’s latest posts in CPO Magazine and in IAPP The Privacy Advisor.