Digital user consent capture and management are the two key processes to companies' data sharing practices. Despite the availability of tools built to streamline these processes, neither capture nor management is immune to errors that incorrectly process user choices. Boltive CEO Dan Frechtling explains how each process works and what may contribute to instances of mishandled consent.Full Story
Euractiv reports members of European Parliament agreed to adopt the Organisation for Economic Co-operation and Development's definition of artificial intelligence for the proposed AI Act. Language perceived to include machine-based systems in the definition was removed while a greater emphasis on international alignment and legal certainty were added. Definitions for significant risk as well as biometric authentication and identification were also finalized at a recent political meeting.
Privacy continues to evolve from a niche to a mainstream policy issue, and the growth of privacy careers in the public and private sectors prove as much. Join the IAPP March 10 on LinkedIn Live as U.S.
The first annual coordinated action under the European Data Protection Board's Coordinated Enforcement Framework, on the use of cloud-based services by the public sector, concluded in January. Starting mid-March, European data protection authorities will prioritize joint actions focusing on the position of data protection officers.
A group of U.S. lawmakers reintroduced the Facial Recognition and Biometric Technology Moratorium Act in both houses of Congress. The bill would stop the federal government’s use of facial recognition technologies, which "pose significant privacy and civil liberties issues and disproportionately harm marginalized communities," according to U.S. Sen. Ed Markey, D-Mass.
The Swedish Presidency of the Council of the European Union is making progress toward its final text for the proposed Data Act, Euractiv reports. The latest compromise text circulated to member states notably contained updates to provisions on the proposal's interplay with the EU General Data Protection Regulation. The updated language clarifies the Data Act can't be used as a legal basis for processing data under the GDPR.
A breach of DC Health Link could have exposed the personal data of "hundreds" of members of the U.S. House of Representatives and their staffs, according to a letter the House's Chief Administrative Officer Catherine Szpindor sent to representatives that was reviewed by Reuters. Szpindor said in her letter, "At this time, it does not appear that members of the House of Representatives were the specific targets of the attack." Letters sent by House Majority Leader Kevin McCarthy, R-Calif., and Minority Leader Hakim Jefferies, D-N.Y., said members' families were also affected.
The second iteration of proposed reforms to the U.K. General Data Protection Regulation is now available for public consumption. IAPP Research and Insights Director Joe Jones, who previously worked as the deputy director of international data transfers at the Department for Digital, Culture, Media and Sport, parsed through the 212-page Data Protection and Digital Information Bill and offers his initial thoughts, along with the top 10 takeaways for privacy professionals.Full Story
On Wednesday, the U.K. released draft data protection reform of its General Data Protection Regulation. U.K. Secretary of State for Science, Innovation and Technology Michelle Donelan introduced the Data Protection and Digital Information (No. 2) Bill to Parliament. "Co-designed with business from the start," Donelan said, "this new bill ensures that a vitally important data protection regime is tailored to the U.K.'s own needs and our customs." IAPP Editorial Director Jedidiah Bracy, CIPP, has the details.