Since I hang out with a lot of CISOs, and understand their pain points, I urge readers to send a “thank you” and “you are the best” message to their CISO. You can’t imagine the pressure and stress they are
Data Privacy + Cybersecurity Insider
Leveraging Knowledge to Manage Your Data Risks
Latest from Data Privacy + Cybersecurity Insider
NIST Offers AI Governance Guideline to Help Avoid Bias Liability
The issue of bias in artificial intelligence is assuming increased urgency in courtrooms around the country. Organizations that use AI to scan resumes can be sued for employment discrimination. Companies using facial recognition on their property might face premises liability.…
UK Privacy Watchdog Probes Microsoft’s Controversial “Recall” Feature
The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft Recall is designed to continuously capture screenshots of a user’s PC activity…
Privacy Tip #400 – Best of First 400 Privacy Tips
Wow! It’s hard to believe this blog marks the 400th Privacy Tip since I started writing many years ago. I hope the tips have been helpful over the years and that you have been able to share them with others…
Tennessee Passes Law Restricting Data Breach Class Action Suits
Tennessee Governor Bill Lee signed legislation on May 22, 2024, that will shield private entities from class action lawsuits stemming from a cybersecurity event unless the event was caused by willful, wanton, or gross negligence.
The bill, as introduced, “declares…
Marriott Faces Class Action for Alleged Violation of Illinois Biometrics Law
This week Marriott Hotel Services was hit with a class action lawsuit for alleged violations of the Illinois’ Biometrics Information Privacy Act (BIPA). The lawsuit alleges that the hotel violated BIPA by requiring workers to scan their fingerprints as a…
Intercontinental Exchange Settles with SEC Over Alleged Delay in Notification of Hack
Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC of the cybersecurity incident…
Maryland Online Data Privacy Act
On May 9, 2024, Governor Wes Moore signed the Maryland Online Data Privacy Act (MODPA) into law. MODPA applies to any person who conducts business in Maryland or provides products or services targeted to Maryland residents and, during the preceding…
Researchers Announce Breakthrough in AI Audit Capabilities
Anthropic has achieved a major milestone by identifying how millions of concepts are represented within their large language model Claude Sonnet, using a process somewhat akin to a CAT scan. This is the first time researchers have gained a detailed…
Privacy Tip #399 – Nebraska AG Sues TikTok for Violations of Consumer Protection Laws
To add to TikTok’s legal woes in the U.S., Nebraska Attorney General Mike Hilgers (AG) filed suit against TikTok on May 22, 2024, alleging that TikTok violated Nebraska’s consumer protection laws and engaged in deceptive trade practices by “designing and…