Articles from Around the Web

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

EDPB weighs in on key questions on personal data in AI models

The European Data Protection Board's opinion on the lawful use of personal data for the development and deployment of AI models delves into key questions and clarifications companies are grappling with as they try to balance governance and innovation. Bird & Bird's Alex Jameson, Izabela Kowalczuk-Pakula, Willy Mikalef and Nils Lölfing highlight key takeaways from the opinion that data protection professionals should bear in mind moving forward.Full story

Why organizations should prioritize employee data protection to combat spear phishing

Incogni's Mariam Volobueva, Brenden Arakaki and Adam Choliński emphasize that protecting employees' personal information is a way to reduce spear phishing risk for organizations. They discuss why employee data is the "easiest entry point" for those attacks, while outlining the lines of defense available to companies.Full story

Latest EU AI Act General-Purpose AI Code of Practice draft published

The EU AI Office released the second draft of the General-Purpose AI Code of Practice, which incorporates feedback received on its first draft published 14 Nov. The second draft looks to provide a "future-proof" code that will be critical for AI models released after 2 Aug. 2025, which will be subjected to new rules for general-purpose AI. The third draft of the code is anticipated to be released the week of 17 Feb.

ANPD releases guidance on the role of data protection officers

Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, issued guidance detailing data protection officers' obligations under the General Data Protection Law. The guidance aims to "indicate good practices for personal data processing agents" to ensure consumers' data is secure and organizations are compliant with the LGPD.Full story

New tools aim to improve data activity monitoring, compliance efficiency

Companies are increasingly looking to streamline compliance efforts across multiple jurisdictions while proactively seeking to minimize friction to remediate potential compliance gaps. The recent release of BigID's Data Activity Monitoring and Compliance Dashboard tools aims to help solve both concerns. IAPP Staff Writer Alex LaCasse spoke with BigID Chief Marketing Officer Sarah Hospelhorn about the launch. Full story

CPPA announces 2025 penalty increases

The California Privacy Protection Agency announced increases in California Consumer Privacy Act civil penalties, which are allowed by law and are indexed to the state Consumer Price Index. Businesses will now be subjected to a USD26.6 million penalty of their gross revenue for CCPA violations, which is up from USD25 million. Monetary damages, administrative fines and civil penalties also increased by modest amounts.Full story

FISA Section 702 expansion in US Senate's NDAA passage

Wired reports on the expansion of Section 702 of the U.S. Foreign Intelligence Surveillance Act contained within the National Defense Authorization Act. The bill passed through the Senate this week with language increasing the number of businesses that are considered "electronic communications service provider," which allows the government to compel them to install wiretaps on its behalf.Full story