PrivacySignal
← Front page

Search & browse the archive

The full corpus — beyond today's front page.

Reset

51 results · page 2 of 3

AI Governance
OECD AI Policy Observatory · · International

AI for inclusive and resilient agri-food systems: Potential ways forward

AI can strengthen food security, resilience and sustainability in agriculture. Explore key challenges and opportunities for agri-food systems. The post AI for inclusive and resilient agri-food systems: Potential ways forward appeared first on OECD.AI.

Who should care: AI governance · Lawyers · Administrators · General readers · Policy

#ai-governance#ai Read original →
Breach
FTC Consumer Protection · · US Federal

FTC Gives Final Approval to Order Against Illuminate Settling Allegations It Failed to Secure Students’ Personal Data

The FTC has finalized a settlement with Illuminate Education over a data breach that exposed millions of students' personal information. The order mandates a formal security program, restrictions on how much student data the company may collect and retain, and deletion of data deemed unnecessary.

Why this matters: Students have little say in whether their schools share their data with third-party vendors, making robust regulatory enforcement a primary safeguard. The order's data minimization and deletion requirements acknowledge that limiting collection in the first place reduces exposure when security measures inevitably fall short.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

#breach#enforcement Read original →
Breach
EDPB · · EU

The Italian SA fined Poste Vita for data breach

Italy's data protection authority issued an administrative fine against insurance firm Poste Vita S.p.A. following a customer complaint alleging unauthorized disclosure of personal data. The regulator found violations of GDPR principles governing data processing and breach-notification obligations.

Why this matters: The case underscores that insurers hold sensitive personal and financial data, and failures to secure or promptly report breaches leave individuals exposed without timely recourse — a reminder that notification rules exist to protect people, not just satisfy regulators.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

#breach#enforcement Read original →
Enforcement
F FOX 5 Atlanta · · International

Amazon sued over Ring facial recognition technology

Amazon is facing a lawsuit related to the alleged use of facial recognition technology in its Ring home security products, according to reporting from FOX 5 Atlanta.

Why this matters: If Ring devices are collecting biometric facial data, millions of households could be generating continuous identity surveillance streams — raising serious concerns about warrantless biometric capture and the adequacy of consumer consent in home security contexts.

Who should care: Lawyers · Privacy officers · Compliance · Cybersecurity · General readers · Policy

#enforcement#surveillance#privacy Read original →
Enforcement
U USA Today · · International

Amazon sued over Ring facial recognition, plaintiffs seeking $5M

Amazon is facing a lawsuit alleging its Ring devices engaged in unauthorized facial recognition, with plaintiffs seeking $5 million in damages. The case targets biometric data practices tied to Ring's home security camera ecosystem.

Why this matters: Biometric data — unlike passwords — cannot be changed once compromised, making unauthorized facial recognition particularly high-stakes for individuals. The suit may test whether consumers have meaningful legal recourse when surveillance hardware collects sensitive data without clear consent.

Who should care: Lawyers · Privacy officers · Compliance · Cybersecurity · General readers · Policy

#enforcement#surveillance#privacy Read original →
AI Governance
The Guardian — Tech · · International

How big tech got its way on Trump’s AI executive order

The US president’s reversal on calling for a safety review of new AI models is a green light for tech’s unchecked power Only hours before Donald Trump was set to sign a long-awaited executive order on Thursday that would have called for a government safety review of new artificial intelligence models before their release, the president abruptly backed out. Despite growing public backlash to the technology and experts warning new models will pose critical security risks, Trump vowed the US government would not slow down the AI race. During a meeting with reporters on Thursday, Trump cited both…

Who should care: AI governance · Lawyers · Administrators · General readers · Policy

#ai-governance#ai Read original →
Breach
Krebs on Security · · International

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.

Who should care: Cybersecurity · Privacy officers · Administrators

#breach Read original →
News
Privacy Commissioner of Canada · · Canada

Submission to the Standing Senate Committee on National Security, Defence and Veterans Affairs on Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts

Submission to the Standing Senate Committee on National Security, Defence and Veterans Affairs on Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts

Read original →
AI Governance
OECD AI Policy Observatory · · International

Establishing the shared foundations for collective AI security

AI security, prompt injection, AI agents and model poisoning: building shared foundations for secure AI deployment. The post Establishing the shared foundations for collective AI security appeared first on OECD.AI.

Who should care: AI governance · Lawyers · Administrators · General readers · Policy

#ai-governance#ai Read original →
Breach
Krebs on Security · · International

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

Who should care: Cybersecurity · Privacy officers · Administrators

#breach Read original →
AI Governance
Krebs on Security · · International

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.

Who should care: AI governance · Lawyers · Administrators · General readers · Policy

#ai-governance#ai#security Read original →
Breach
The Guardian — Privacy · · International

UK Biobank has my data, but I’m not worried. I know the benefits are too great to consider pulling out | Polly Toynbee

A dataset from UK Biobank — a large longitudinal health research repository — reportedly appeared for sale on Alibaba's platform in China, prompting concern among researchers and a warning from UK Science Minister Patrick Vallance that further such attempts are anticipated. Columnist Polly Toynbee argues the research value of such studies outweighs the risks.

Why this matters: The incident illustrates that even well-governed research databases carrying sensitive, long-term health records are vulnerable to unauthorized distribution, raising questions about whether participants' informed consent extends to scenarios where their data surfaces on foreign commercial platforms beyond any regulator's reach.

Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance

#breach#healthcare Read original →
Breach
The Guardian — Privacy · · International

Some Interrail travellers told to cancel passports as hacked data posted online

Eurail, which sells passes, says data being ‘offered for sale on dark web’ after December breach affecting 300,000 people Holidaymakers across Europe are facing the stress and expense of getting new passports after their personal data was posted on the dark web after a hack of the Interrail company Eurail. Personal data, including passport numbers, names, phone numbers, email and home addresses and dates of birth of more than 300,000 European travellers was accessed in December. But this week Eurail revealed to customers that “data copied during the security incident has been offered for sale…

Who should care: Cybersecurity · Privacy officers · Administrators

#breach Read original →
← Prev Page 2 of 3 Next →