IAPP IAPP News – Page 30 – CyberSecurity Confabulation

Health care industry expected to expand its use of AI

Posted 1 month ago by IAPP IAPP News

The health care industry is expected to continue its use of AI technology for patient care, including using the tech to evaluate health scans, create appointment transcription services and provide patient scheduling systems, the Association of Health Care Journalists reports. While the use of AI could help improve patients' experience, many are concerned that sensitive data collected from the technology could continue to be targeted in cyberattacks.
Full story

How encryption fits into privacy, safety concerns

Posted 1 month ago by IAPP IAPP News

Eli Lilly Services India cybersecurity consultant Abhishek Kushwaha writes in an op-ed about the push-pull between making encrypted messages available to law enforcement for safety reasons and desires to keep users' trust by ensuring their messages stay private. He argued one way to balance these issues is to limit end-to-end encryption to only verified users on any communication or messaging platform.
Full story

France’s AI Action Summit to focus on practical risks

Posted 1 month ago by IAPP IAPP News

France's AI Action Summit is anticipated to shift the "conversation towards a wider gamut of risks â€” including the disruption of the labor market and the technology's environmental impact â€” while also keeping the (technology's) opportunities front and center," Time magazine reports. Meanwhile, a Brookings Institute op-ed called for international cooperation on AI governance through a "distributed network of networks can more effectively address the challenges and opportunities of AI governance than a centralized system."
Full story

ACSC publishes report on bolstering cybersecurity

Posted 1 month ago by IAPP IAPP News

The Australian Signals Directorate's Australian Cyber Security Centre released guidance detailing efforts to build a modern defensible architecture to bolster cybersecurity. The ACSC said organizations that implement "mature security architecture will ensure a network is able to maintain its resilience over time and adapt as controls and mitigations evolve."
Full story

US state attorneys general temporarily block DOGE access to sensitive data

Posted 1 month ago by IAPP IAPP News

The U.S. District Court for the Southern District of New York issued a temporary restraining order to prohibit the Department of Government Efficiency from accessing U.S. citizens' sensitive personal information held by the Department of the Treasury. State attorneys general filed the lawsuit to block DOGE access. Meanwhile, the University of California Student Association filed a lawsuit against the Department of Education to prevent DOGE access to student financial aid data, The Record reports. Editor's note: IAPP Editorial Director Jedidiah Bracy reported on U.S. Senators raising privacy concerns related to the DOGE's activities.
Full story

France to investigate X’s algorithms

Posted 1 month ago by IAPP IAPP News

France will investigate the social platform X after Member of French Parliament Ã‰ric Bothorel allegedly filed a complaint against the company for its potentially biased algorithm, Politico reports. Prosecutors confirmed Bothorel's filing, which claimed X is "likely to have distorted the operation of an automated data processing system."
Full story

Op-ed: DOGE’s initiatives present ‘profound harms’ to privacy

Posted 1 month ago by IAPP IAPP News

In an op-ed for Lawfare, University of Virginia School of Law Jefferson Scholars Foundation Distinguished Professor in Law Danielle Citron discussed how the U.S. Department of Government Efficiency's access to and handling of U.S. sensitive personal information is an "affront to the purpose, spirit, and words of the Privacy Act of 1974." Citron added the DOGE's potential violations "raise the specter of Orwellian control and bureaucratic overreach."
Full story

UK orders Apple to provide access to encrypted data

Posted 1 month ago by IAPP IAPP News

The Washington Post reports U.K. officials have requested that Apple provide backdoor access to "all the content any Apple user worldwide has uploaded to the cloud." The previously undisclosed order, issued under the Investigatory Powers Act of 2016, "requires blanket capability to view fully encrypted material," the report states. Though individuals familiar with the matter indicated that Apple would likely cease offering encrypted storage in the U.K., such a move would not fulfill obligations to provide backdoor access to the service in other nations, including the U.S.
Full story

Switzerland’s DPA publishes guide about data breach reporting

Posted 1 month ago by IAPP IAPP News

Switzerland's Federal Data Protection and Information Commissioner published a guide on reporting data security breaches under the Data Protection Act. The guide focuses on likely high-risk scenarios and how to inform subjects of a data breach.
Full story

CNIL offers recommendations on GDPR-compliant AI

Posted 1 month ago by IAPP IAPP News

France's data protection authority, the Commission nationale de l'informatique et des libertÃ©s, offered recommendations for the "development of innovative and responsible AI" that complies with the EU General Data Protection Regulation. "When the GDPR applies, individuals' data must be protected, whether within training datasets, within models that may have memorized data, or through model usage via prompts," the CNIL wrote.
Full story