Welcome to this week’s Privacy XFN, curating the best reads at the intersection of data privacy and tech for better cross-functional outcomes. Coming in at slightly under 1,100 words, we’re covering TikTok users objecting to a $92M privacy settlement, Florida watering down a proposed privacy act, Apple CEO Tim Cook proclaiming privacy a top 21st-century issue, and more.

—The Transcend team

Lawyers for some TikTok users are objecting to a proposed $92M settlement over allegations TikTok illegally collected their data. The main concerns center on the size of the settlement and the notification method, which would be by email rather than through the app.


  • The proposed settlement of the class-action lawsuit could be doled out to as many as 89 million U.S. users.
  • Attorneys who crafted the settlement agreement warn that continued litigation will likely reduce the amount users get.
  • A federal judge is expected to rule on the objections on April 19.


The Florida Senate Rules Committee has removed the private right of action and other controversial provisions from the proposed Florida Privacy Protection Act, which is modeled on the California Consumer Privacy Act. In addition, the amended bill would apply only to companies that buy, sell, or share a significant amount of personal information on Floridians.


  • The Florida TaxWatch group estimates that the initial cost of compliance with the original bill would be $36.5B.
  • Propel Florida, which only lists a UPS box as an address, has spent $300K in lobbying to pass the privacy bill.
  • Having cleared the Rules Committee, the Senate version of the bill now goes to a full vote in the Senate. 


A message from TRANSCEND

How much is your company's privacy request program really costing?

Informed by real-world ROI modeling, our free calculator breaks down the variable, fixed, and unpredictable costs of manually processing GDPR & CCPA privacy requests.

Plus, get a customizable spreadsheet to model your company's specific scenario, and a free guidebook to help guide more strategic privacy conversations.

Apple CEO Tim Cook sees privacy as one of the top issues of the 21st century, according to an interview with Kara Swisher on New York Times podcast. He said that Apple's recent privacy policy changes are not designed to hurt Facebook but are a matter of "principle."


  • Apple's new privacy rule requiring apps to get iPhone users explicit consent to collect their personal data is set to take effect in the coming weeks with the next iOS 14 update 
  • Snap, the owner of Snapchat, is looking at a way to circumvent Apple's new privacy rule called "probabilistic matching."
  • Probabilistic matching takes data from companies that analyze ad campaigns and cross-references it against information Snap has on its own users in order to identify and track them.


Calculate the cost of privacy:

Try our new Privacy Request Cost Calculator to understand the costs of your privacy program, and to bring hard numbers to your next strategy conversation.

get a demo

Google has updated all of its main apps on Apple's App Store to comply with its privacy label requirement, which went into effect last December. Google first began adding privacy labels to its App Store apps in February. Google Photos was the last main app to get a privacy label.


  • Apple began requiring App Store apps to include privacy labels detailing their privacy policies and data collection processes in December.
  • When an App Store app is updated, it is required to add the label, so Google delayed updating its apps for months.
  • Popular Google apps on the App Store include YouTube, Gmail, Google Maps, Google search, and Google Chrome.


Amazon's advertising division stands to benefit from plans by Google and Apple to strengthen privacy rules, argues Digiday's Michael Waters. The changes are expected to benefit big publishers, a development that favors Amazon.


  • Even before the privacy changes, Amazon was doing well: 28% of ad budgets went to Amazon last year, compared with 22% to Google and 23% to paid social. 
  • Close to two-thirds of brands said that Amazon ads provide the highest return on investment, according to Feedvisor.
  • Amazon recently added Twitch to its advertising network to boost integrated advertising across its products.

DIGIDAY (sub. req.)

With the proliferation of new privacy laws, there's a growing sense of urgency to determine the return of investment (ROI) as compliance costs go up, argues Transcend's Ben Brook. Transcend has released a privacy request cost calculator to estimate the ROI for privacy programs that handle data subject requests (DSRs)The calculator assesses three categories: variable costs from each request, fixed costs for program maintenance, and non-calculated program risks, such as fines for non-compliance.


  • The calculator is an open-source tool so users can adjust formulas to suit their privacy programs.
  • It includes default values based on conversations Transcend had with industry professionals.
  • DSRs are likely to proliferate as more countries and U.S. states implement laws modeled after GDPR.
  • The calculator can be accessed by clicking on this link.


Rust, a programming language that has become popular with developers, is raising privacy concerns for leaking sensitive metadata in production builds. Rust retains usernames, home directories, and other sensitive information in production builds.


  • The privacy issue with Rust was first identified by a developer in 2017, but so far Rust has taken no action.
  • Rust was ranked first among the "most loved programming languages" according to a developer survey by Stack Overflow.
  • Google announced this week that it is supporting Rust for Android operating system development because of its memory safety guarantees.



  • Encrypted messaging app Signal is adding a privacy-focused cryptocurrency payment feature.
  • The Health Net data breach, which exposed confidential medical records, poses privacy risk to customers, argues Los Angeles Times columnist David Lazarus.
  • A group of 51 European digital rights organizations is urging the European Commission to ban facial recognition tools for mass surveillance due to privacy concerns.
  • The European Data Protection Board and the European Data Protection Supervisor are warning that vaccine passports need to have a legal basis so that data safeguards are required.

Transcend in 10 Mins:

Investing in your privacy infrastrucure? In this short on-demand demo, Transcend CEO Ben Brook walks through

Watch now

Privacy XFN is delivered to your inbox every Thursday morning and is sent by Transcend. We're an engineering company that makes it simple for companies to give their users control over their personal data. Learn more.