|
|
 |
There's so many concerns now with the House Intelligence bill, that it just seemed impossible to go forward…
- Elizabeth Goitein, the Brennan Center for Justice
|
|
|
Welcome to Snippets—After months of deliberation, EU policymakers have reached agreement on the AI Act. The first comprehensive law regulating the use and development of AI, the act is focused on both harnessing the potential benefits of AI and addressing the technology's possible pitfalls.
In other news, the fight over the controversial surveillance program Section 702 continues, NIST released new guidelines around products that claim to use differential privacy, Mozilla issues a privacy warning about Nintendo, and more.
|
|
|
|
|
EU policymakers agree on world’s first AI law
|
 |
|
Jean-Francois Badias/Associated Press
|
EU policymakers have agreed on a final draft of the AI Act, a new law meant to regulate the use and development of AI technology. Though the law still needs final approval, the key provisions have all been set.
|
- Lawmakers adopted a risk-based approach, focusing tighter restrictions on certain AI use cases like national security, hiring and education, and critical infrastructure.
- The law also took special note of AI use in law enforcement, restricting the use of facial recognition by police and governments to cases of national security.
- Though the law received praise for its thoroughness, several provisions may take years to implement, meaning they may be made redundant by AI development in the interim.
|
|
|
|
|
|
|
Join hundreds of your peers in the Privacy Pulse community 👋
|
|
Privacy Pulse is an invite-only community where privacy professionals can crowdsource solutions to their biggest challenges, share or find a new role, and expand their professional network.
To make sure our community is valuable, thriving, and safe, we ask that everyone submit a brief application to join. All applications will be reviewed within 24 hours.
|
|
|
|
|
|
|
|
Congress pulls surveillance bills after intense backlash
|
 |
|
BLOOMBERG CREATIVE VIA GETTY IMAGES
|
After a heated debate in a House GOP meeting, the Rules Committee pulled two bills – one by the Intelligence Committee and one by the Judiciary Committee – that would reauthorize and reform Section 702 of the Foreign Intelligence Surveillance Act (FISA).
|
- Originally, Congress planned to vote in a “Queen of the Hill” session, wherein both bills would be considered at once—and whichever bill received the most votes would take effect.
- But a provision in the Intelligence Committee’s bill, which expands the government’s surveillance network with its definition of “electronic communication service provider” was particularly contentious.
- Now, lawmakers must decide whether to include a Section 702 reauthorization in the text of the National Defense Authorization Act, which will be voted on today.
|
|
|
|
|
|
|
|
New NIST guidance to on ‘differential privacy’ products
|
 |
|
NIST
|
In a new publication, the National Institute of Standards and Technology (NIST) attempted to simplify the mathematical algorithm underlying “differential privacy,” in order to help businesses make informed purchases of Privacy-Enhancing Technology (PET) products.
|
- Differential privacy allows public sharing of data without revealing individual identities, but products offering this technology can make unsubstantiated claims.
- To verify the privacy guarantees offered by manufacturers, the authors constructed a “differential privacy pyramid” to break down the privacy components and evaluate undermining factors.
- With AI models having been found susceptible to revealing training data, the authors noted that differential privacy can offer an extra layer of protection to thwart such attacks.
|
|
|
|
|
|
|
|
- Messenger enables default end-to-end encryption for chats.
- Apple announces new SDK requirements for App Store submissions.
- FCC signs agreements with four states to strengthen privacy cooperation.
- FTC warns that QR codes can be used for online fraud.
- WhatsApp introduces disappearing voice messages.
|
|
|
|
|
|
Mozilla issues privacy warning for Nintendo
|
 |
|
Adobe Stock
|
The Mozilla Foundation has given Nintendo the *Privacy Not Included warning label in its consumer tech buyers guide—prompted by recent changes to the gaming company’s privacy policy.
|
- The report claims that Nintendo not only collects a “fair amount of personal information,” but can also receive personal information from third-party sources, including other users.
- The data goes towards building user profiles that can be used to customize content, as well as target ads and promotional material from partners and affiliates.
- While Nintendo claims they can de-identify personal data, collecting location information leaves the data vulnerable to reidentification.
|
|
|
|
|
|
|
|
23andMe updates terms of service to limit breach fallout
|
 |
|
ERIC BARADAT/AFP via Getty Images
|
23andMe’s terms of service, which was updated two days before announcing the breach that affected 6.9 million customers, has drawn scorn from lawyers who argue the changes are designed to make it hard for victims to file legal claims against the company.
|
- The lawyers interviewed by TechCrunch described the changes as “cynical,” “self-serving,” and “a desperate attempt” on the part of the company to shield itself from mass arbitration.
- The old terms of service were already forcing customers to go through arbitration, which often favors corporations, rather than jury trials or class action lawsuits.
- The new terms basically prohibit consolidated arbitration, with a clause that states customers must complete a 60-day negotiation period before filing an arbitration demand.
- Julia Duncan from the American Association of Justice, said: “It’s much easier to bury customers’ claims one by one by one, than facing millions who have joined together. These systems are rigged, inherently biased, and operate in secret."
|
|
|
|
|
|
|
Buyer's Guide: 5 steps for identifying an effective CMP
|
|
The right CMP will provide an efficient way to collect, sync, and enforce user preferences and consent across all touchpoints and backend systems. But finding the right CMP for your business can be a challenge. This step-by-step guide includes:
- 6 must-haves for effective consent compliance in 2024
- 5 steps for choosing the best CMP for your business
- An internal evaluation questionnaire
- A platform comparison matrix
- Key questions to ask potential vendors
Download the full guide below!
|
|
|
|
|
|
|
|
|
Snippets is delivered to your inbox every Thursday morning by Transcend. We're the platform that helps companies put privacy on autopilot by making it easy to encode privacy across an entire tech stack. Learn more.
|
|
|
|
You received this email because you subscribed to Snippets. Did someone forward this email to you? Head over to Transcend to get your very own free subscription! Curated in San Francisco by Transcend.
|
|
|
|
|
|
