Tag Archives: Privacy Abbreviated

Part I: What does safety online really mean?



Increasingly, regulators and platforms are moving from a “privacy-first” mindset (think data minimization, parental consent, etc.) to a broader “safety‑by‑design for all minors” mindset (think age assurance, risk assessments, content/algorithmic controls), with real tensions around areas like autonomy and use of AI.

In part one of this two-part episode of Priv, Dona Fraser is joined by Izzy Neis of ModSquad to discuss this shift from privacy to safety, explore behind the curtain of how “safety online” takes shape in the real world, and break down how to operationalize ‘safety by design,’ including where things typically go wrong.

Chapters

00:00 Introduction to Privacy in Digital Spaces
02:49 The Importance of Child Safety Online
13:18 Mod Squad’s Role in Content Moderation
17:58 Challenges in Moderating Content for Kids
29:04 Design Mistakes Increasing Risks for Young Users
37:15 Conclusion and Future Considerations

Operational Realities in Tween Privacy



This is not just a conversation for those operating in the child or teen space. This conversation is for companies operating online. Full stop. 

Join host Dona Fraser and her returning guest, Morgan Reed, President of the App Association, as they focus this episode of Privacy Abbreviated on the constantly evolving ecosystem of protecting children and teens online. From verifiable parental consent, to age appropriate design, to language like “all platforms must provide..,” Dona and Morgan break down the state and federal laws and proposals that are impacting companies across the board. 

Key Takeaways

00:00 Introduction to Privacy Challenges for Children and Teens
02:47 Legislative Landscape and Its Impact on Businesses
05:43 Understanding Age Verification Requirements
08:58 The Cost of Compliance and Operational Challenges
11:45 Navigating Parental Consent and Data Collection
14:41 The Complexity of Age Definitions in Legislation
17:33 Risk Analysis for Businesses in a Changing Legal Environment
20:56 First Amendment Challenges and Broader Implications
23:49 The Burden on Small Businesses and Compliance Costs
26:47 The Role of Platforms in Age Verification
29:37 Future of Privacy Legislation and Business Practices
32:29 Global Perspectives on Age Verification and Compliance
35:45 Conclusion and Call to Action for Businesses


Please Don’t Copy and Paste: Getting Privacy Policies Right



 

Whether your company has 5 employees or 500, if you operate online, you’re collecting user data—and that means you must have a privacy policy. But having a privacy policy isn’t just a legal requirement; it’s a powerful statement of your company’s ethics and values. Done right, it reflects a genuine commitment to transparency, accountability, and user trust. Unfortunately, too many businesses treat it as just another box to check.

In this episode of Priv, host Dona Fraser is joined by Wills Catling, Director at Myna Partners, for a candid and comprehensive conversation on what it really takes to get a privacy policy right. Together, they unpack the critical elements of a strong policy—from risk management and accountability to opt-in vs. opt-out frameworks, cookie strategies, and how to navigate the patchwork of state, federal, and international regulations. 

Key Takeaways

00:00 Introduction to Privacy Policies
03:25 Understanding Internal Governance for Privacy
08:04 The Importance of Accountability in Privacy
11:32 The Role of Privacy Notices as Contracts
17:50 Distinguishing Accountability from Internal Controls
20:52 Training and Compliance in Data Privacy
27:27 Common Mistakes in Drafting Privacy Notices
32:10 Building Trust Through Transparency
36:03 Navigating Opt-In vs. Opt-Out Consent
40:31 The Future of Cookie Banners and User Consent
44:24 The Challenge of Obtaining Informed Consent
46:08 Creating Effective Privacy Policies

Additional Resources:


[REPLAY] Launching 2025: Global CBPR Forum



Last year, the U.S. Department of Commerce announced the establishment of the Global Cross-Border Privacy Rules (CBPR) and Global Privacy Recognition for Processors (PRP) Systems. In anticipation of its official launch this year, get caught up with a deep dive on the world of CBPRs with Priv host Dona Fraser and her guest Victoria Akosile, Deputy Director of BBB National Programs Privacy Initiatives.

This episode, which originally aired in May 2024, breaks down the “what you need to know” knowledge about the global CBPR system, quickly reviews the “how we got here” facts, and provides you with the “what do I do now” information you need, whether you are a data controller or data processor.

Key Takeaways:

  • (2:58) The CBPR framework establishes a unified set of privacy requirements, fostering international alignment for compliance. It serves as a benchmark for companies to ensure their privacy practices meet a globally recognized standard. By adhering to CBPR requirements, companies can enhance consumer trust and mitigate risks associated with data privacy non-compliance.
  • (8:05) Integration into the CBPR program enables companies to assess and fortify their privacy procedures. Participation facilitates a structured review process, identifying areas for improvement in privacy management. It empowers companies to adapt to evolving privacy regulations and consumer expectations, ensuring resilience against data breaches and regulatory penalties.
  • (13:47) CBPR and PRP certifications present an opportunity to revolutionize vendor management strategies. Companies can leverage certifications to vet vendors, selecting partners with robust privacy safeguards. Certification streamlines data transfers by providing assurance of compliant data handling practices across the supply chain.
  • (24:07) BBB National Programs acts as an accountability partner, aiding companies in obtaining CBPR and PRP certifications. Through collaborative engagement, BBB National Programs assists companies in navigating the certification process efficiently. Our expertise helps companies uphold high privacy standards, fostering consumer trust and regulatory compliance.
  • (33:11) The forthcoming Global CBPR Forum meeting in Tokyo anticipates widespread interest from nations seeking to join the framework and advance data privacy interoperability. The event serves as a platform for sharing best practices and fostering collaboration among participating countries. It underscores the global momentum towards harmonizing data protection regulations, promoting cross-border data flows while safeguarding individual privacy rights.

 


COPPA 3.0? Privacy Updates for Kids, Tweens and Teens



Join us for this episode of Privacy Abbreviated, where Dona Fraser is joined by Rukiya Bonner, Director, Children’s Advertising Review Unit, BBB National Programs to discuss a year in children’s privacy in review. Dona and Rukiya break down the FTC’s COPPA Rule revisions, what new legislation has been proposed, what those proposals mean for businesses (including consideration of teen users), and predictions on what could be coming next.

Dona and Rukiya’s conversation highlights the challenges of balancing privacy and safety, navigating targeted advertising, and the importance of proactive measures for companies operating in this space. Key takeaways emphasize the need for vigilance, transparency, and the adoption of best practices in privacy compliance.

Chapters

[00:00] Introduction to Children’s Online Privacy

[03:30] Current Legislative Landscape for Children’s Privacy
[06:03] Understanding COPPA in All Forms
[12:26] The Role of Safe Harbors 
[18:44] State-Level Privacy Laws and Their Implications
[23:55] Challenges in Balancing Privacy and Safety
[28:56] Navigating Targeted Advertising and Data Privacy
[37:38] Key Takeaways for Companies in the Children’s Space

Key Takeaways

  • The definition of a child is crucial in privacy discussions.
  • Legislative proposals are increasing but progress is slow.
  • COPPA 1.0 remains the law, with updates anticipated in 2025.
  • Verifiable parental consent is evolving with technology.
  • Safe harbors provide essential compliance support for companies.
  • State-level laws are creating a complex patchwork for compliance.
  • Balancing privacy and safety is a significant challenge.
  • Targeted advertising must comply with strict regulations.
  • Companies should prepare for the upcoming changes in legislation.
  • Engaging with third-party vendors is critical for compliance.