Why it matters: Consumers are increasingly aware that companies share and sell their personal data in exchange for free services, but consumers' privacy concerns aren't translating into concrete action to protect their data.
Federal preemption of state laws will be the sticking point to watch as the debate over national privacy rules proceeds in Congress, lawmakers made clear this week.
Why it matters: State lawmakers aren’t waiting for the feds to get their act together. There are many privacy bills floating around statehouses nationwide — and next year California will implement a sweeping law it has already passed.
TikTok, a short-form video app owned by Chinese tech giant Bytedance, has agreed to a $5.7 million settlement with the U.S. Federal Trade Commission for illegally collecting personal data from children.
Why it matters: It's the largest settlement from a violation of The Children's Online Privacy Protection Act (COPPA) in the law's 20+ year history. While $5.7 million may seem small, it's significantly larger than the next biggest COPPA violation, which resulted in a $3 million settlement by Disney-owned social games studio Playdom in 2011.
Lawmakers who will play key roles in writing a national privacy law may tip their hands at a series of hearings this week.
Why it matters: Industry groups have been pushing Congress to take action that would override a growing number of state privacy laws, led by regulations set to go into effect in California next year.
A full 81% of consumers say that in the past year they've become more concerned with how companies are using their data, and 87% say they've come to believe companies that manage personal data should be more regulated, according to a survey out Monday by IBM's Institute for Business Value.
Yes, but: They aren't totally convinced they should care about how their data is being used, and many aren't taking meaningful action after privacy breaches, according to the survey. Despite increasing data risks, 71% say it's worth sacrificing privacy given the benefits of technology.
Facebook says it's updating the location settings on its Android app to give people more choice and transparency over how the tech giant collects and stores location data.
Why it matters: The platform faced blowback from users and the press last spring after it was reported that Facebook's app scraped call and text message data for years from Android phones.
The Government Accountability Office, which gives nonpartisan advice to Congress, said in a report released Wednesday that "this is an appropriate time for Congress to consider comprehensive internet privacy legislation."
Why it matters: The finding adds fuel to calls for a national privacy law, as state and foreign regulators crack down on data-hungry companies like Google and Facebook.
Cisco called for a different kind of privacy regulation debate in the U.S in a blog post on Thursday.
The big picture: Other companies have called for privacy regulations before — Facebook and Apple come to mind. But the debate has focused in no small part on Facebook and Google-style business models involving data brokerages and ads. Cisco's new call is largely concerned with everything else.
The roughly $57 million fine French regulators leveled on Google Monday is the first real test of how aggressively Europe's sweeping privacy rules will force change at U.S.-based tech giants.
Why it matters: The European General Data Protection Regulation (GDPR) has sparked an urgent effort to pass a national online privacy law in Washington. And state lawmakers are attempting to create their own regulations, too.
A data-privacy agency for France said Google was in violation of the EU's General Data Protection Regulation and will be fined nearly $57 million, the Washington Post reports.
Details: The agency said Google failed to fully disclose to users how their data is collected and what happens to it. In addition, the agency said Google made it too difficult for users to understand and manage preferences on how their personal information is used, especially in regards to personalized ads. Both are in violation of GDPR.