Welcome to this week’s Privacy XFN, curating the best reads at the intersection of data privacy and tech for better cross-functional outcomes. We’re covering Apple's new privacy features, lingering concerns about Amazon's Sidewalk network, a Facebook commissioned research piece that says Europe's data privacy rules will hurt businesses and citizens, and more.

—The Transcend team

Apple announced a series of new privacy features at its Worldwide Developers Conference earlier this week. Apple's iOS 15  which is scheduled to be released in the fall  will provide users with a privacy report informing them of what data is being collected by apps.


  • The tech giant also announced "private relay," which will conceal the web browsing activity of users on Safari from Apple, internet providers, and advertisers. Users will have to pay for this feature.
  • However, the feature won't be available in several markets, including China, due to regulatory concerns. The Asian nation makes up 15% of Apple's revenue.
  • While Apple has often emphasized the importance of privacy, this is the latest concession it has made to China.
  • Apple's Mail app will have enhanced privacy protections to hide the identity of users when they open newsletters.


Amazon launched its Sidewalk network on Tuesday, which has generated privacy concerns. The network will link Alexa and Ring devices within a neighborhood and is designed to strengthen connectivity. Amazon has said any data shared between devices will be encrypted.


  • Amazon gave users the option to opt-out before the launch of Sidewalk, and they'll still be able to do so after Tuesday's rollout.
  • Some experts argue that users who are satisfied with the privacy settings on their devices have nothing to fear due to Amazon's strong emphasis on security.
  • However, others argue that the features are new and untested, making them vulnerable to hackers.
  • In related news: Amazon announced law enforcement officials will now have to publicly request access to user videos or information for Ring.

Business Insider

A message from TRANSCEND

What's really involved in building a privacy request system in house?

In this guide, we provide a breakdown of the essential elements to build an automated privacy request workflow, with advice from our experts who build these systems for a variety of multinational companies.

Also included: The six key questions you should have answers for before you start to guide your cross-functional conversations.

Get the guide

Facebook has argued that Europe's data privacy rules will harm both businesses and citizens. The tech giant commissioned a research piece by economists from Analysis Group that determined a complete suspension of data flows between the EU and the U.S. would result in companies losing billions of dollars in annual revenue. Citizens would have to pay higher prices for a lower quality of service.


  • Last August, the EU's top court struck down a transatlantic data transfer framework called Privacy Shield, ruling it didn't sufficiently protect the data of European users from the U.S. government.
  • Privacy Shield enabled more than 5,300 companies to conduct business between the U.S. and Europe.
  • Next week, the U.S. and EU will unveil a partnership designed to combat China's growing influence and encourage democratic values.
  • The bigger GDPR picture: Is the landmark law already out of date? Some experts think so, in this short wrap up from Axios.


Consent Management, reinvented: Existing consent managers are broken. They only regulate 3rd party scripts – leaving your company non-compliant, and users with a terrible experience. So, we reinvented how they work—want to join as a beta partner?

Get early access
The Colorado House and Senate overwhelmingly passed a bipartisan data privacy law. SB21-190 would force companies to disclose what data they collect, how long it's kept, and what they do with it. It would go into effect in 2023, and users will be allowed to opt out of data collection.


  • A “global privacy control” browser setting will enable users to opt out of data collection on all websites starting in 2024.
  • What's next? If Gov. Jared Polis signs the measure, Colorado will become the third U.S. state behind California and Virginia to enact a data privacy law.
  • Lawmakers have said they'll work with tech giants such as Facebook to make minor amendments to regulation before the law goes into effect.

The Denver Post

Google will introduce stronger privacy protections for Android users, making it more difficult for advertisers to track their movements between apps. While users can restrict ad tracking, developers have used alternative device identifiers to exploit loopholes. Once the changes are implemented developers “will receive a string of zeros instead of the identifier" of users that have opted out.


  • Last month, Apple strengthened its privacy measures by letting users opt out of data collection and removing tracking by default.
  • Google's new changes are seen as an attempt to depict itself as a company that cares about privacy more than Apple.
  • Experts warn that stronger privacy protections could result in both tech giants having more power over iPhone and Android users.

Financial Times

TikTok has changed its U.S. privacy policy and might now collect biometric information such as “faceprints and voiceprints.” TikTok will only seek consent if required by law. Only a limited number of U.S. states, including Texas and California, have biometric privacy laws.


  • In February, TikTok reached a $92M settlement after it was accused of aggregating personal data to track users to target ads at them.
  • TikTok denied the allegations but reached a settlement to avoid a lengthy legal battle.
  • On Wednesday, President Biden signed an executive order targeted at Chinese apps such as TikTok and WeChat that aims to protect the personal data of Americans.

The Verge

Privacy concerns have emerged about Californians’ health data as the state ramps up COVID-19 vaccinations. Thousands of stakeholders such as public agencies, health care providers, and pharmacies have been exchanging patient data, sparking fears that existing laws won't prevent private information from being leaked or sold.


  • Privacy advocates are worried confidentiality laws have been diminished by emergency waivers designed to make private information more accessible.
  • There are also concerns about how vaccination verification systems will be implemented and protect patients' health data.
  • As on Wednesday afternoon, 55.5% of Californians have received at least one dose, and Gov. Gavin Newsom has introduced several incentives to boost inoculation rates.

The Reporter

In other privacy news:
  • The U.K. Opposition is urging the government to delay a scheme that will take patient data from the National Health Service due to privacy concerns.
  • States are moving to enact data privacy laws as Congress is slow to act. Only California and Virginia have implemented privacy legislation, but over 20 bills were introduced last year.
  • British Prime Minister Boris Johnson's Conservative party was fined £10,000 ($14,114) after the Information Commissioner’s Office found it sent spam.
  • The Canada Border Services Agency is looking to partner with a technology giant to build a biometric strategy to address issues caused by COVID-19.

Transcend in 10 Mins: In this short on-demand demo, Transcend CEO Ben Brook walks through how we can help improve your privacy ROI with scalable, secure, and future-proof privacy infrastructure.

Watch now

Privacy XFN is delivered to your inbox every Thursday morning and is sent by Transcend. We're an engineering company that makes it simple for companies to give their users control over their personal data. Learn more.