CDP Institute

Canada’s regulator issues new principles document for development and use of generative AI. This is part of a larger initiative to look at data privacy, but the regulator said the focus on AI is crucial because this game-changing technology demands a collective approach.

Apple’s report, “The Rising Threat to Consumer Data in the Cloud,” shows data threats increased steadily since 2022, and projections are threats will get even worse. Ransomware attackers are getting more dangerous and more likely to target organizations that hold particularly sensitive information.

Amazon’s court defense was deemed nonsensical by a judge.presiding over a suit brought by a Brazilian minor who claims a spycam hidden in a towel hook, and which was sold by Amazon, was in fact recording her in her private bathroom for months. This is one of many cameras disguised in IoT products that Amazon sells.

The acquisition brings to Osano’s enterprise capabilities the ability to audit data, identify privacy risks and conduct actionable reporting among others.

A proposed bill, entitled the Traveler Privacy Protection Act of 2023, proposes to stop the Transportation Security Administration (TSA) from using biometric facial recognition screening at airports. Currently, the TSA uses CAT-2 technology to digitally identify travelers without them knowing they’re being physically screened and in advance of them entering the security screening area.

Our most intimate data is shared with healthcare providers and services, so when a breach happens there as it did with Blue Shield of California, people are particularly vulnerable. This breach at one of the state’s largest providers potentially impacts the data of 4.5 million patients and can give access to very sensitive information, including social security numbers, information on family, and where you live as well as medical and insurance data.

The EU Parliament and Council reach agreement on the Cyber Resilience Act, paving the way for passage. The proposed law, considered a first-of-its-kind, will require manufacturers of IoT devices to report serious breaches and conduct risk assessments of their products along with informing customers of unpatched vulnerabilities.

Ofcom, the UK’s internet regulator, has issued a draft guidance for porn sites to meet a new legal requirement to prevent children from accessing adult content. The guidance offers a range of options including signing into Open Banking, uploading a copy of their passport with a live selfie to match against, letting the system estimate their age based on a webcam view of their face, and providing credit card details.

They are also calling on data experts, including data scientists, developers and managers to provide feedback.

Palantir, founded by Peter Thiel, is a company known for working with intelligence agencies and military organizations around the world. Now they and four partners, including Accenture, have won an NHS England £330M contract to build a massive data platform for health data sharing. The platform will allow individual and regional health service trusts to share data to increase efficiency and purportedly to improve care. Why worry? Well, it’s early, but tech, medical and civil liberties groups are concerned patients’ data could be mishandled, and it’s not clear if patients... Read More >