SolarWinds Chief Information Security Officer Tim Brown indicated fellow CISOs have concerns regarding the potential liability tied to data breaches they handle, CyberScoop reports. Brown said his experience with the 2019 Russia-backed SolarWinds hack caused him and other CISOs to think more about protecting themselves from liability rather than being solely focused on protecting the company from cyberattacks.Full story
Digital rights group Eko alleged Meta has not complied with requests from users to opt out of data collection and targeted advertising, Reuters reports. The group filed complaints to data protection authorities in Germany, Norway and Spain, while Eko spokesperson Eoin Dubsky said regulators "must pull Meta into line."Full story
Sonas Housing, a charity for domestic abuse victims, claimed abusers are trying to exploit Ireland's Data Protection Act to obtain victims' information, The Irish Times reports.
Google is facing a class-action lawsuit in the U.S. District Court for the Northern District of California after consumers claimed the company collected and shared voice recordings with third parties without consent, MediaPost reports.
The U.K. Information Commissioner's Office launched separate investigations into TikTok, Reddit and Imgur to examine their use of children's data and compliance with U.K. Children's Code obligations. IAPP Staff Writer Lexie White reports on details of the investigation and the ICO's broader efforts on children's privacy.Full story
The Japan Times reports on a bill introduced by Japan's government that would allow the ability to investigate uses of AI and publicly identify those who use the technology to commit harm. The bill would pay special attention to instances where a person's rights and interests are affected, according to Minister of Education, Culture, Sports, Science and Technology Nagaoka Keiko.Full story
A common thread among the multiple lawsuits seeking to block the U.S. Department of Government Efficiency from accessing sensitive government data is alleged U.S. Privacy Act violations, Wired reports. The law prevents a federal agency from disclosing an individual's personal records, even within that specific agency, unless the individual grants permission in writing or the data falls under 12 disclosure exceptions in the law.
Cybersecurity professionals are expressing concerns over the new U.K. and U.S. approaches framing AI safety as strictly a cybersecurity issue, Axios reports. Some consensus exists over how AI security includes protecting models from hacks, data breaches and model poisoning. However, as AI regulation in the U.S. gets debated in Congress it is unclear what AI safety areas, such as reducing bias and model reliability, may be deprioritized.
Euractiv reports on the European Commission's silence around U.S. government personnel and policy changes that could impact the validity of the EU-U.S. Data Privacy Framework. The Commission has yet to make formal statements regarding the removal by the White House of U.S.
Denmark's data protection authority, Datatilsynet, and the country's Digital Agency are looking for AI projects to participate in a second regulatory sandbox program. The deadline for applying is 4 April.Full story