News
Notes from the IAPP Canada: Special report on CRA breaches raises fresh privacy concerns
Notes from the IAPP Canada: Special report on CRA breaches raises fresh privacy concerns IAPP
Search & browse the archive
The full corpus — beyond today's front page.
824 results · page 31 of 35
News
Why is it still so hard to get corporate buy-in for privacy compliance?
Why is it still so hard to get corporate buy-in for privacy compliance? IAPP
Who should care: Lawyers · Compliance
#regulation
Read original →
News
How Canada is approaching the evolving cybersecurity landscape
How Canada is approaching the evolving cybersecurity landscape IAPP
News
Brazil reshapes children's data protection under the 'Digital ECA' framework
Brazil reshapes children's data protection under the 'Digital ECA' framework IAPP
Who should care: General readers · Privacy officers · Policy
#privacy
Read original →
News
Five steps to protect your organisation from AI-powered cyber threats
Five steps to protect your organisation from AI-powered cyber threats Information Commissioner's Office
Who should care: General readers · AI governance · Policy
#ai
Read original →
News
A view from Brussels: To ban or not to ban
A view from Brussels: To ban or not to ban IAPP
News
King's Speech signals diffuse UK digital policy agenda, but no AI bill
King's Speech signals diffuse UK digital policy agenda, but no AI bill IAPP
Who should care: General readers · AI governance · Policy
#ai
Read original →
News
Notes from the Asia-Pacific region: Malaysia tightens data protection expectations with trio of guides
Notes from the Asia-Pacific region: Malaysia tightens data protection expectations with trio of guides IAPP
Who should care: General readers · Privacy officers · Policy
#privacy
Read original →
News
Letter to the Standing Senate Committee on Rules, Procedures and the Rights of Parliament on its study on the inclusion of provisions relating to e-petitions into the Rules of the Senate
Letter to the Standing Senate Committee on Rules, Procedures and the Rights of Parliament on its study on the inclusion of provisions relating to e-petitions into the Rules of the Senate
Who should care: Lawyers · Compliance
#regulation
Read original →
News
Letter to the Standing Committee on Access to Information, Privacy and Ethics on the Main Estimates for the Office of the Privacy Commissioner of Canada for 2026-2027
Letter to the Standing Committee on Access to Information, Privacy and Ethics on the Main Estimates for the Office of the Privacy Commissioner of Canada for 2026-2027
News
Letter to the Standing Committee on Procedure and House Affairs on the privacy implications of Bill C-25
Letter to the Standing Committee on Procedure and House Affairs on the privacy implications of Bill C-25
News
Shutterstock to Pay $35 Million to Settle FTC Allegations Over Illegal Subscription and Cancellation Practices
Shutterstock Inc. will pay $35 million to settle Federal Trade Commission allegations that the online digital photo and video platform illegally made tens of millions of dollars from a range of unfair and deceptive practices, including charging consumers for products without their informed consent and making it difficult to cancel subscriptions. “Subscription and negative option features can be beneficial for both companies and consumers, making renewal simpler and streamlining payment processes,” said Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection. “But these bene…
Who should care: General readers · Privacy officers · Policy
#privacy
Read original →
AI Governance
Companies pair up to release Automated AI Governance Package
Two companies have jointly launched an automated AI governance package, targeting organizations seeking structured tools to manage compliance and oversight of artificial intelligence systems. The product appears aimed at streamlining governance workflows, though specific technical details and partner identities were not disclosed in the announcement.
Why this matters: Automated governance tools can embed accountability into AI pipelines, but they may also create a false sense of compliance while obscuring how personal data is actually processed — making independent human oversight and transparency to affected individuals equally critical.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
AI Governance
The AI governance conversation is happening in the wrong room
A piece published through the IAPP argues that current AI governance discussions are taking place in forums or among stakeholders that exclude key voices, suggesting the existing deliberative spaces are misaligned with the breadth of interests at stake.
Why this matters: When AI governance is shaped without input from civil society, affected communities, or digital rights advocates, resulting frameworks risk prioritizing industry or institutional interests over individual privacy protections and civil liberties safeguards.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
News
From privacy policies to machine-readable governance: Rethinking data control in the age of AI
From privacy policies to machine-readable governance: Rethinking data control in the age of AI IAPP
Who should care: General readers · AI governance · Policy
#ai
Read original →
News
Maryland enacts a first-of-its-kind surveillance pricing law, but there are loopholes
Maryland enacts a first-of-its-kind surveillance pricing law, but there are loopholes IAPP
Who should care: Privacy officers · Cybersecurity · General readers · Policy
AI Governance
Amendments move Colorado AI Act's focus from risk to transparency
Proposed amendments to Colorado's AI Act would shift the law's regulatory emphasis away from risk-based obligations for developers and deployers toward transparency and disclosure requirements, representing a notable recalibration of how the state approaches AI governance.
Why this matters: A transparency-first framework could give individuals clearer visibility into when and how automated systems affect decisions about them — though it may place less enforceable burden on companies to prevent harm before it occurs.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
AI Governance
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
Healthcare
Palantir’s access to identifiable NHS England patient data is ‘dangerous’, MPs say
UK parliamentarians have raised alarms over NHS England granting Palantir and other contractors broad access to identifiable patient records — before pseudonymisation — as part of an AI platform development project. Internal NHS documents reportedly acknowledged the arrangement carries a risk of eroding public trust.
Why this matters: Providing a US defence-linked firm with pre-anonymised health records raises acute concerns about patient consent, data sovereignty, and the scope of permissible use — particularly given Palantir's history of government surveillance contracts. Individuals rarely anticipate their medical data reaching such actors.
Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · AI governance · Policy
News
FTC Chairman Ferguson Advises Companies to Comply with the Take It Down Act
Federal Trade Commission Chairman Andrew N. Ferguson sent letters today to more than a dozen prominent technology companies reminding businesses of their obligation to comply fully with the Take It Down Act (TIDA) no later than May 19. Signed into law last year by President Donald J. Trump with the strong support of First Lady Melania Trump, TIDA requires covered platforms to establish a process allowing victims, including children, to request removal of intimate photos or videos shared without their consent. The letters were sent to major platforms, including Amazon, Alphabet, Apple, A…
Who should care: General readers · Privacy officers · Policy
#privacy
Read original →
Breach
Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc following major cyber attack and data breach
The UK's Information Commissioner's Office has levied a fine of approximately £1 million against South Staffordshire Plc and its water utility subsidiary following a significant cyberattack that resulted in a personal data breach affecting customers.
Why this matters: When critical infrastructure operators fail to secure personal data, ordinary people bear the consequences of exposed information with little recourse. Regulatory penalties signal that custodians of sensitive data face accountability, reinforcing individuals' right to expect adequate protection.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance
News
ARC Conference
ARC Conference Data Protection Commission
Who should care: General readers · Privacy officers · Policy
#privacy
Read original →
News
Smart glasses: what was old is new again?
Smart glasses: what was old is new again? LINC CNIL
News
[Survey] – How do the French view smart glasses?
[Survey] – How do the French view smart glasses? LINC CNIL