IAPP GPS 2024: Anticipating the Future of AI Regulation Enforcement

At the IAPP Global Privacy Summit 2024, discussions revealed the challenges of aligning AI with privacy regulations like the GDPR and the upcoming EU AI Act. Regulators and industry leaders emphasized the need for a legal basis in data collection for AI, addressing challenges in global regulation conformity and data scraping. With AI's advancement, there's a critical balance between innovation and privacy, underscored by legal actions against companies for data misuse and the call for global standards in AI governance. Read more

Google Agrees to Delete Billions of Records Containing Personal Data as Part of a Settlement in the Chrome Privacy Case

Google has agreed to delete billions of personal information records from its Chrome browser, resolving a lawsuit that claimed illegal surveillance, even in Incognito mode. The settlement, still pending court approval, mandates improved privacy disclosures and additional restrictions on data collection without compensating consumers. The outcome, valued between $4.75 and $7.8 billion, is seen as a significant win for privacy, potentially influencing future digital information handling. However, Google faces ongoing legal challenges, including antitrust allegations, which could impact its operations and revenue streams. Read more

Meta Opposes the US FTC's Attempt to Modify the 2020 Privacy Settlement

Meta Platforms has declined the FTC's request to revise a 2020 privacy settlement despite voluntarily reporting two errors in its Messenger Kids app. Despite investing $5.5 billion in privacy measures, the FTC aims to tighten rules against profiting from minors' data and the use of facial recognition. Meta, disputing claims of misleading parents, has taken legal action against the FTC's dual role as investigator and judge, while an appeals court has allowed the FTC's probe to continue for now. Read more

Federal Authorities Investigate Suspected Theft and Disclosure of Classified US Government Data

The US Department of State is probing a cyber incident after a hacker, known online as IntelBroker, claimed to have leaked classified data from the Pentagon and other security agencies on the dark web. The leaked information reportedly includes government and military officials' contact details, along with classified communications among the Five Eyes intelligence alliance. IntelBroker alleges the data was obtained via a breach of Acuity, a consulting firm serving the US government, exploiting a zero-day vulnerability in GitHub. Acuity acknowledges the attack but assesses the data as non-sensitive. Read more

AT&T Addresses Major Customer Data Leak on the Dark Web

AT&T is alerting millions of its customers about a leak of personal data, including Social Security numbers, found on the dark web. The data, believed to be from 2019 or earlier, affects around 7.6 million current and 65.4 million former customers, with leaked details such as passcodes, which are said to be easily decrypted. In response, AT&T has reset passwords and is offering credit monitoring services. The breach discovery followed a nationwide service outage in February, which was not linked to this cyber incident. The company is cooperating with investigations led by the FBI and the Department of Homeland Security. Read more