Data Privacy Happenings 📰

Hello from MineOS's monthly newsletter, The Privacy Mindset! 👋

Thanks to how progressive and ambitious the GDPR was when it came into effect in 2018, as well as its influence on so many other data privacy regulations globally in the years since, the EU has entrenched itself as the epicenter of data privacy and protection.

The effects and influence of the GDPR can't be understated, but one thing that has left something to be desired is its enforcement. 

On the other side of the Atlantic, the United States has traditionally lagged behind on many data compliance matters. The country still lacks comprehensive national data privacy regulation, and has struggled for years to gain an adequacy decision for data transfers to Europe until this summer's green light.

Despite those flaws and the decentralized grab bag of data privacy laws on the books throughout the country, American enforcement has actually been rather strong. 

The Federal Trade Commission (FTC) has maintained a firm position of valuing data privacy in the past half decade, launching numerous investigations into consumer-unfriendly things like dark patterns and health breach notifications.

The FTC has also amassed a somewhat daunting list of companies receiving fines for data privacy violations, from getting over $700 million out of Meta in 2019 to over $500 million from Epic Games last year over violations to the Children's Online Privacy Protection Act. 

The agency has also changed the discourse around data breaches and responsible data protection by taking action directly against former Drizly CEO James Cory Rellas for his role in a major data breach that occurred while he headed the company.

Without a comprehensive national law, the FTC won't have wide-ranging enforcement power, but it has acquitted itself well in the fight for data rights and privacy, which cannot be consistently said about EU regulators.

Product Spotlight 🔦

The team at MineOS knows that cybersecurity and data privacy often go hand-in-hand, which is why we're always looking for features that strengthen the platform's security.

That's why we've released a session tracker that prominently displays a list of recent sign ins. This should help companies stay on top of who's using the platform internally and ensure no one externally accesses their MineOS account.

Regulation Focus 🔬

Texas's Data Privacy & Security Act Section 541 002

"APPLICABILITY OF CHAPTER. (a) This chapter applies only to a person that:

(1) conducts business in this state or produces a product or service consumed by residents of this state;

(2) processes or engages in the sale of personal data; and

(3) is not a small business as defined by the United States Small Business Administration, except to the extent that Section 541.107 applies to a person described by this subdivision."

Texas just passed its own comprehensive data privacy act, and as one of America's biggest economies and most populous states, the Texas Data Privacy and Security Act (TDPSA) is going to get a lot of attention.

One of the most unique things about the bill is its applicability threshold, which deviates from nearly all the other states in not setting an annual revenue threshold or the amount of citizens a company processes data on as the major determiner of which businesses need to comply.

Typically states would implement something like a floor of processing the data of at least 250,000 people within the state as a compliance threshold, but Texas has made things broader, which could end up meaning TDPSA applies to a higher percentages of businesses within Texas compared to other states.

As always, the carveout for small businesses ensures the law is not too odious for the vast majority of companies with under 100 employees, which could turn out as a nice compromise for future states setting applicability thresholds. 

This is a trend to watch.

Founder's Corner 🎙️

CEO & co-founder Gal Ringel

Q: What is a book that has had a strong impact on your business career and what lesson did you take from it?

A: Zero-to-One by Peter Thiel.

This lesson will always guide my thinking as a CEO, especially now with a surge of new AI-powered technology: "The most valuable businesses of coming decades will be built by entrepreneurs who seek to empower people rather than try to make them obsolete."

Webinars & Events 📅

Stay tuned and keep an eye on our social channels for announcements about our August webinars!

In the meantime, check out our CTO & Co-founder Gal Golan on the EM360 podcast discussing how AI impacts and can potentially advance the data privacy industry.

Talk about

data privacy

with us:

press@saymine.com 

How did you like this month's issue?