|
|
 |
The tech lobbyists are kind of winning. They’ve pretty much gotten their way.
- Matt Schwartz, policy analyst for Consumer Reports
|
|
|
Welcome to Snippets 👋 As AI development continues to accelerate and Congress dithers on regulation, thousands of hackers took a crack at exposing vulnerabilities in various AI systems during the Generative Red Team Challenge at the Defcon security conference last weekend.
Plus, the Consumer Financial Protection Bureau hinted at a coming crack down on data brokers, Discord.io (not to be confused with the Discord) experienced a breach so severe the platform shutdown, Google is working on an AI assistant that gives life advice, and more.
|
|
|
|
|
Hacker red teams go head to head with AI
|
 |
|
LVCandy/Getty Images
|
This past weekend, thousands of hackers participated in the Generative Red Team (GRT) Challenge at the Defcon security conference. Given 50 minutes, each participant was tasked with a challenge meant to test an AI system's biases, flaws, and potential for harm.
|
- Challenges included getting an AI system to give false information, provide detailed instructions on covert surveillance, claim sentience, and more.
- Though most major AI companies use red teaming (the process of role playing as an attacker), it’s often done in private and the results are not shared publicly.
- Conducted with support from the White House, results from the GRT challenge will be used to analyze each AI model and help the Biden administration craft guidelines on safe AI deployment.
|
|
|
|
|
|
|
Five foundational steps for better AI policies
|
|
In these early days of AI, setting up the right AI governance is crucial—and companies that set a strong foundation now will be able to move faster and more confidently in the space.
Read Transcend CEO Ben Brook's recent op-ed in CPO Magazine to learn five ways to build better AI governance policies at your company.
|
|
|
|
|
|
|
|
Discord.io suffers breach, shuts down
|
 |
|
Gabby Jones/Bloomberg via Getty Images
|
Discord.io, a platform that lets people create custom links for their Discord channels, has shut down for the “foreseeable future” following a data breach that exposed the personal data of around 760,000 members.
|
- A vulnerability in the platform’s website code allowed a hacker, known as “Akhirah” on the Breached hacking forum, to access and download the entire Discord.io database.
- “Akhirah” put the database up for sale on Breached on Aug 13—claiming the data contains users’ email addresses, billing information, usernames, Discord IDs, and for a small number of people, a hashed version of their password.
- Discord.io has confirmed the breach and promised a “complete rewrite of our website’s code, as well as a complete overhaul of our security practices.”
|
|
|
|
|
|
|
|
US watchdog hints at data broker crackdown
|
 |
|
Grace Cary/Moment RF/Getty Images
|
An upcoming proposal from the Consumer Financial Protection Bureau (CFPB) may bar data brokers from selling specific types of consumer data, such as income or criminal history.
|
- The proposed rules, issued under the Fair Credit Reporting Act, would extend existing regulation to cover the “surveillance economy” i.e. collecting, buying, and selling personal information about consumers.
- Though these new rules are not yet final or public, they would potentially limit the circumstances under which data brokers may sell sensitive information—barring the sale of personal data for things like training AI tools.
- Rohit Chopra, director of the CFPB, stated the organization, “will be taking steps to ensure that modern-day data brokers in the surveillance industry know that they cannot engage in illegal collection and sharing of our data.”
|
|
|
|
|
|
|
|
- Laleh Ispahani argues that AI regulation begins with data privacy.
- WhatsApp is beta-testing AI generated stickers.
- Why Zoom’s recent controversy underscores the importance of reading the fine print.
- After hitting a record high, China suspends data on youth unemployment.
- Norfolk and Suffolk police suffer a significant data breach.
|
|
|
|
|
|
Tech lobbies wielding outsized influence on state privacy laws
|
 |
|
Andrew Selsky/AP Photo
|
11 US states now have privacy laws, with Oregon being the most recent. But with tech lobbyists exerting significant influence, privacy activists are concerned that “industry friendly” laws are gaining enough momentum to negatively affect the shape of a future Federal law.
|
- Of the seven state privacy laws passed in 2023, the majority show clear signs of tech industry influence—with many of the strongest privacy protections having been removed.
- After the California Privacy Protection Act (CPPA) was passed in 2018, tech lobbies sprung into action to limit the spread of similar laws throughout the country.
- Many state privacy laws are now modeled after the Virginia Consumer Data Protection Act, the first draft of which was written by an Amazon lobbyist.
- As industry friendly bills continue to pass and Congressional interest in a Federal law wanes, privacy activists worry for the future of strong privacy laws in the US.
|
|
|
|
|
|
|
|
Google AI assistant to give life advice
|
 |
|
Gabriel Alcala
|
Google’s AI safety experts are concerned that new AI features in development, such as an AI assistant that gives life advice, could negatively impact users’ emotional well-being.
|
- In April, Google merged research team DeepMind and AI team Brain—looking to streamline and accelerate AI development, as the tech giant races to stay competitive against OpenAI and Microsoft.
- Among other capabilities, such as planning and tutoring, DeepMind is developing an AI assistant that can offer life advice about users’ life challenges and personal problems.
- In December, Google’s AI safety experts noted that taking life advice from AI comes with myriad risks, such as “diminished health and well-being,” “loss of agency,” and belief in the program’s sentience.
|
|
|
|
|
|
|
Confidently deploy AI with Transcend Pathfinder
|
|
A first-of-its-kind solution for AI governance, Pathfinder gives your company the technical guardrails it needs to adopt new AI technologies securely and responsibly. Use Pathfinder to:
💡 Handle enterprise AI adoption with confidence
👁️ Gain real-time visibility into AI deployments
✅ Strengthen compliance
Pathfinder is currently only available in the exclusive early access phase for select enterprise partners. Learn more and join the waitlist below.
|
|
|
|
|
|
|
|
|
Snippets is delivered to your inbox every Thursday morning by Transcend. We're the platform that helps companies put privacy on autopilot by making it easy to encode privacy across an entire tech stack. Learn more.
|
|
|
|
You received this email because you subscribed to Snippets. Did someone forward this email to you? Head over to Transcend to get your very own free subscription! Curated in San Francisco by Transcend.
|
|
|
|
|
|
