Thomson Reuters left three of its servers for business suite services accessible, according to an investigation by Cybernews. Once alerted to the vulnerability, the company secured the servers and notified customers. Previously, however, more than 3 terabytes of “sensitive data” including plain text passwords and one data set contained access credentials to third-party servers.
Data protection regulators from more than 120 countries agreed to a framework for using personal data with facial recognition at the 44th Global Privacy Assembly in Istanbul, Turkey, Biometric Update reports.
IAPP Westin Fellow Anokhy Desai, CIPP/US, CIPT, takes a deep dive into the Global Privacy Control as it continues to gain traction with privacy and compliance communities. Desai explores details of the GPC, its predecessor “do not track” and whether it is here to stay. “Consumers now have a greater awareness of online commercial tracking and greater loyalty to and trust in businesses that prioritize privacy,” Desai said.
Leaders from 36 countries and the European Union are gathering to discuss strategies to confront ransomware attacks during the White House’s two-day International Counter Ransomware Summit, CyberScoop reports. Participating countries are creating a statement on pressuring countries that may be harboring cybercriminals. A senior official in U.S.
The California Privacy Protection Agency Board advanced modified proposed California Privacy Rights Act regulations with a plan to submit final rules to the Office of Administrative Law by the end of the year, according to Husch Blackwell’s “Byte Back.” The modified proposed regulations will be published in the next few weeks, beginning a 15-day public comment period.
Spain’s data protection authority, the Agencia Española de Protección de Datos, created a tool designed to help organizations determine whether to notify a data protection regulator following a breach. The tool, “Brecha Advisory,” is free to use.
Companies striving to implement ethical artificial intelligence products while under mounting pressure from regulators and activists are experiencing employee burnout, MIT Technology Review reports. Some businesses are offering additional compensation and mental health support for members of responsible AI teams, but employees say the pressures of meeting the need while doing psychologically draining work is exhausting. “It almost feels like you can’t take a break,” Twitter Machine Learning Ethics, Transparency and Accountability Director Rumman Chowdhury said.
In this week’s global legislative roundup, the Office of the Australian Information Commissioner is expected to receive an increase of AU$5.5 million in funding to respond to the Optus breach. A German state data regulator said questions remain surrounding certain provisions of the EU-U.S. Data Privacy Framework. And the French and South Korean data protection authorities signed an agreement to conduct joint research on “new technologies and data protection issues.” And the U.S.
As organizations continue to develop, innovate and implement digital technology, the privacy of an individual's intimate, personal space is changing. For University of Virginia School of Law professor Danielle Citron, "Intimate privacy is a precondition to a life of meaning. It captures the privacy that we want, expect, and deserve at different times and in different contexts.