The Privacy Pulse Stay ahead in the world of privacy compliance with trends, tips, and tools that matter. April 2025 Key Updates "Take It Down" Act In a rare show of bipartisanship, U.S. lawmakers have introduced the "Take It Down" Act, focused on protecting minors from AI-powered exploitation online. The bill mandates platforms swiftly remove explicit content involving minors and limits AI tools that can create synthetic harmful imagery. Why It Matters: Targets platforms and third-party content hosts. Obligates companies to respond to takedown requests within 7 days. Reflects a growing federal consensus on AI's societal impacts. Full Story German DPA Flags 185 Websites for Illegal Tracking Practices A new audit by Hamburg's data protection authority found 185 of 1,000 reviewed websites using illegal third-party trackers without valid consent. The authority has issued formal warnings and called for immediate technical and compliance remediation. Key Findings: Violations mostly related to cookie banners lacking true opt-out functionality. Many sites still share user data with marketing providers unlawfully. Reflects ongoing GDPR enforcement, especially in advertising tech. Full Report Shopify Faces Class Action Over Alleged Data Sharing Violations A Canadian court has ruled that a class action lawsuit against Shopify can proceed, following allegations that the platform failed to obtain proper consent before sharing customer data with third-party vendors. The decision raises the stakes for e-commerce privacy compliance across jurisdictions. Implications: Merchants and platforms may both bear legal responsibility. Could trigger policy overhauls in Shopify's consent and disclosure practices. Read More Spotlight: IAPP Global Privacy Summit 2025 - Key Takeaways Washington D.C. once again hosted the IAPP Global Privacy Summit (GPS 2025), drawing regulators, professionals, and technologists worldwide. Here are the key insights: Top Takeaways: AI Regulation Is Coming: Policymakers from the U.S., EU, and Asia emphasized converging approaches to regulate high-risk AI use cases. Global Privacy Frameworks May Harmonize: Discussion centered on aligning GDPR, U.S. state laws, and APAC standards into interoperable guidelines. Privacy-Enhancing Tech (PET) on the Rise: Tools like homomorphic encryption and federated learning were showcased as privacy-by-design enablers. Youth Privacy Is a Cross-Border Priority: Echoing U.S. legislative trends, global regulators are pushing for better protection of minors online. Explore more: Data Mapping Requirement for CPRA & CCPA Compliance Explore the CPRA's data mapping requirements for California businesses, including identifying personal information, mapping data flow, and maintaining data inventory for compliance. Read more... Building customer trust through data privacy: The role of DSRs Building Consumer Data Privacy and Trust: Discover how strict data privacy standards, fulfilling Data Subject Requests (DSRs), and promoting transparency can foster trust, enhance brand reputation, and drive customer loyalty. Read more... Stay Connected with Us: Follow us on LinkedIn | Website for the latest updates, insights, and compliance tips. Have a question or suggestion? Reply to this email - we'd love to hear from you! Email us: info@mandatly.com | support@mandatly.com | sales@mandatly.com   Mandatly Inc. 2201 W. Royal Ln, Ste 110, Irving, TX 75063, USA