The U.S. Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency and international partners published joint guidance calling on software manufacturers to implement secure-by-design and default principles into their products.
The Intercept reports federal contract documents show Georgia's Army National Guard will use phone location tracking to reach high school recruits. According to the documents, the guard will geofence 67 public high school campuses around the state and target phones identified within a one-mile boundary with recruitment advertisements, with plans to retarget ads during after-school hours.
Washington is poised to pass legislation that would implement substantive changes to consumer health data protections in the state, and potentially beyond. The consent-driven House Bill 1155, the My Health My Data Act, would grant consumers rights around the collection, sharing and sale of their health data, and perhaps most notably, establishes a private right of action for violations.
IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan, CIPP/US, CIPM, offers his take on the latest privacy developments in the nation’s capital and around the U.S., including steps by the U.S. Department of Health and Human Services’ Office for Civil Rights to implement federal protections for the privacy of information about reproductive health within the Health Insurance Portability and Accountability Act’s Privacy Rule.Full Story
After her Instagram account was recently hacked, BigID Chief Privacy Officer Heather Federman, CIPP/US, was left with questions. "What if the hacker wasn’t even a real person, but was some form of artificial intelligence that knew me better than I knew myself?" she asked. Federman discusses her concerns around generative AI's potential to create fake virtual identities, the "powder keg" created by combining it with deepfake technology and, alternatively, how the tech can be used for good.Full Story
Euractiv reports European Parliament's position on the proposed Artificial Intelligence Act is stuck on prohibited uses of AI-powered technologies. A political meeting 13 April ended with MEPs divided on how to best regulate AI applications characterized as raising unacceptable risk. The meeting did yield agreement on proposed provisions for high-risk categorization, governance and enforcement. Parliament's position will be up for a committee vote 26 April.
U.S. House Committee on the Judiciary Chair Jim Jordan, R-Ohio, subpoenaed U.S. Federal Trade Commission Chair Lina Khan seeking more information regarding the agency's investigation into the potential breach of Twitter's 2011 consent decree, MediaPost reports.
A European Parliament-commissioned impact assessment questioned several aspects of the European Commission's proposed legislation on child sexual abuse material, Euractiv reports. The assessment found holes in detection technology and the undermining of end-to-end encryption. More specifically, the study showed no current technologies would avoid law enforcement access to communications without breaking encryption.
U.S. House Committee on Energy and Commerce Ranking Member Frank Pallone, D-N.J., sent a letter to TikTok CEO Shou Zi Chew with follow-up questions on the platform's privacy practices, The Hill reports.
The IAPP "Privacy and AI Governance Report" explores the interplay between privacy and artificial intelligence governance, outlining different approaches to governing AI and examining how they mesh with existing privacy governance practices.