Euractiv reports the Council of the European Union is drawing closer to a consensus position on the proposed European Health Data Space. The council's Working Party on Public Health agreed on amendments to the European Commission's proposed provisions regarding secondary use of data, including withholding data for the purposes of public security and national security.
IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan, CIPP/US, CIPM, breaks down the latest privacy developments in the nation’s capital, including a look at the potential road ahead for the proposed American Data Privacy and Protection Act as the 118th U.S. Congress settles into its new structure.Full Story
A view from Brussels: ENISA cybersecurity priorities and the threat landscape analysis
Kenyan President William Ruto announced the formation of a “data protection registration system” as part of the country’s observation of global Data Privacy Day, The Star reports. Ruto made the announcement as part of a two-day event in Nairobi that connected “stakeholders from government agencies (and) private and public sectors . . .
The U.S. Department of Commerce National Institute of Standards and Technology released its Artificial Intelligence Risk Management Framework 1.0 Jan. 26. Required under the National AI Act of 2020, the framework is the product of 15 months of work by NIST scientists who compiled public comments from more than 240 AI stakeholders through multiple listening sessions and workshops, while producing two previous drafts of the document last year. The framework is voluntary but will help organizations deploying AI systems to enhance their trustworthiness and reduce biases.
The Saudi Arabian Data and Artificial Intelligence Authority opened public consultation for its secondary data use guidelines Jan. 25. The objective is “establishing the legal framework for sharing data for research, development and innovation purposes.” The consultation period runs until Feb. 9.Full Story
The U.S. FBI and international partners in Germany and the Netherlands seized multiple servers allegedly belonging to ransomware group Hive, CyberScoop reports. Hive, "considered a top-five ransomware threat by the FBI," allegedly targeted more than 1,500 victims globally since June 2021.
The Office of the Privacy Commissioner of Canada published a guide with five tips for improving privacy impact assessments. The OPC found the missteps organizations take when conducting PIAs include not understanding their legal authority to collect certain personal data, defining the scope of a PIA for “clear analysis,” and creating and implementing an action plan based on the PIA.Full Story
The fate of Meta's data transfers to the U.S. is now facing an EU General Data Protection Regulation Article 65 dispute resolution mechanism in the EU, after Ireland's Data Protection Commission was unable to resolve objections from other EU data protection authorities to its draft enforcement decision. The case is now in the hands of the Secretariat of the European Data Protection Board, which — after it completes its administrative work — will officially trigger the Article 65 dispute resolution process.