Home Data Privacy Roundup Being Proactive Is Good For Your Health – And For Privacy Compliance

Being Proactive Is Good For Your Health – And For Privacy Compliance

SHARE:
Comic: Cookie Doctor
Comic: Cookie Doctor

What do data privacy and protection have in common with prostate health?

More than you’d think.

Developing and managing a robust privacy program isn’t easy. But it’s better than getting fined by regulators, paying restitution, suddenly having to change one’s business model or delete algorithms developed using improperly collected data.

Prevention is the best cure.

“It’s no longer the time to hold your breath and hope everything will turn out all right,” said Jamie Barnard, CEO of privacy compliance software startup Compliant, during a virtual presentation last week about COPPA, child safety and the recent Adalytics reports.

“Forgive the analogy, but it’s like refusing to get your prostate checked,” Barnard said. “The experience probably brings tears to your eyes … but the problem won’t go away, and the longer you leave it, the worse it’s gonna get.”

The cure (not to be confused with The Cure)

And you don’t always get a do-over.

Yes, most privacy laws coming into effect in the US include cure provisions that give businesses a period of time – often 30 days but sometimes up to 90 days, depending on the statute – to deal with any alleged violations before facing penalties.

But that’s not the case everywhere.

There is no cure period under GDPR, for example. And the California Privacy Rights Act eliminated the 30-day cure window previously available under the California Privacy Protection Act, leaving it up to the California Privacy Protection Agency and the state’s attorney general to decide if businesses should be given an opportunity to fix the situation before getting hit with a fine or some other form of punishment.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Meanwhile, federal regulators are getting creative with their remedies.

If you’ve gots the poison, I’ve gots the remedy

Last year, the Federal Trade Commission ordered WW International (formerly Weight Watchers) to destroy any algorithms and AI models it had created that incorporated data gathered by Kurbo, its weight-loss app geared toward kids.

Comic: "It's privacy, safe, folks!"The FTC found that WW had collected data from children via Kurbo without parental consent, which is a violation of the Children’s Online Privacy Protection Act.

As part of its settlement, WW had to pay $1.5 million, but it was the algorithmic destruction, also known as disgorgement, that no doubt stung the most. (“Disgorgement” is the legal term for requiring a party to give up any profits they made as a result of wrongdoing or illegal activity.)

That’s what happens to tainted fruit, though. You’ve got to throw it away.

Algorithms trained on ill-gotten data simply “shouldn’t exist,” said Heidi Saas, a data privacy and technology attorney.

Not that perfect compliance is even possible.

Any business that thinks its data store is completely clean is “probably slightly deluded,” said Barnard, who spent more than 15 years at Unilever – including as general counsel for global marketing, media and ecommerce – before joining Compliant last year.

“The challenges of compliance are so difficult that there’s almost certainly a bunch of data in there that shouldn’t be,” Barnard said. “As a former lawyer, what I’m about to say might come as a surprise, but, frankly, unless you’re about to sink, I wouldn’t spend too much time bailing water out of the boat; I’d spend all my time trying to fix the leak.”

In other words, you can’t guarantee that you won’t develop prostate problems, but there are things you can do to bolster your general health. Perfect is the enemy of good. Oh, and don’t skip your physicals. That’s just good advice in general.

(Unrelated: Who wants to start a metal band with me called “Algorithmic Destruction”?)

As always, thanks for reading! Drop me a line at [email protected] to let me know what you think. Thanks, as well, for listening to our podcasts. We have two: The Big Story and AdExchanger Talks. Check them out if you’re in the mood. 🙂👂 And if you’re looking for more podcast recommendations, might I suggest this one.

Must Read

LG Electronics

Alphonso Shareholders Win Their Suit Against LG Electronics Over Corporate Board Drama

After being summarily booted from the board of LG Ads in late 2022, Alphonso’s founding team has won its lawsuit against LG Electronics.

Bye-Bye Sizmek! Amazon Advances Flashtalking And Smartly As Alternatives In Advance Of The Shutdown

According to emails seen by AdExchanger that were sent to Amazon customers this week, Amazon is officially naming integration partners to offload clients of the Sizmek ad suite, now the Amazon Ad Server.

2024 Promises More Premium Inventory – And Bigger Budgets – For In-Game Ads

Given the deprecation of third-party cookies and the reemergence of contextual targeting, 2024 could be a big year for in-game ads – so long as game publishers position themselves as a source of premium inventory.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

AdExchanger’s Top 3 Connected TV Newsletter Issues Of 2023

This was such a busy year in CTV land that we had to launch a dedicated newsletter just to keep up with all the trends, from measurement, currency, targeting and attribution to streaming data, identity, supply-path optimization and new ad formats – just to name a few.

M&A 2023: Ad Tech Deals Were Muted, But That Could Be A Mark Of Maturity

Who got bought in 2023, and who did the buying? Here’s a non-exhaustive list of some of the most notable ad tech M&A activity from this past year (with a few media and agency deals tossed in for good measure).

Comic: The Great Data Lakes

Snowflake Acquires Data Clean Room Startup Samooha

Snowflake has acquired Samooha, a startup that develops software to make clean room technology accessible to marketers who aren’t necessarily SQL wizards or data scientists.