The Bundesamt für Sicherheit in der Informationstechnik (BSI), part of the German Ministry of Internal Affairs, has investigated web shops which show that they are often unsafe. Seven out of ten researched webshop platforms use vulnerable JavaScript libraries. In addition, almost all solutions had inadequate password policies and nearly half of the products use end-of-life […]
The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended states that the executive order is too vague, and leaves US courts — who would be the sole interpreters of the proposed EU-US Data Privacy Framework — wiggle room to approve the bulk collection of data for signals intelligence, and doesn’t apply […]
The ChatGPT tool is a language model based on the GPT-3.5 architecture and trained by OpenAI. It uses a web crawler to collect data and generate responses to user input. While this technology has many useful applications, it also raises concerns about the potential misuse of proprietary information. One way that the ChatGPT tool collects […]
A cybersecurity insurer predicts that a 13% growth to 1,900 CVEs monthly would include 270 high-severity and 155 critical-severity vulnerabilities. The predictions are based on data collected over the last ten years. For most CVEs, the time to exploit is within 90 days of public disclosure, while the majority of exploits take place within the […]
The EDPS – European Data Protection Supervisor states in an opinion that in order to act as a controller, the entity / involved party must determine the purposes & essential means of the processing. “Essential means” are closely linked to the purpose and the scope of the processing.On the other hand, “non-essential means” concern more […]
Irish university MTU Cork has decided to close all four campuses for two days and cancel all classes due to an intrusion into its IT systems. The attack took place last weekend and would have been detected at an early stage. The university gives no details about what kind of attack it is exactly and […]
Google AI was promoted in an advert designed to show off its new AI bot (Bard). Unfortunately Bard answered a query incorrectly. On Twitter last Monday, the bot was asked about what to tell a nine-year-old about discoveries from the James Webb Space Telescope. It offered the response that the telescope was the first to […]
The Italian privacy regulator has ordered a popular AI chatbot to cease processing data on domestic citizens after breaking GDPR rules. The ‘virtual friend’ app tries to improve users’ emotional well-being and help users understand their thoughts and calm anxiety through stress management, socialization and the search for love,” but doesn’t seem to comply with […]
Privacy by Design (PbD) is about to become an international privacy standard for the protection of consumer products and services. This will have a huge impact. As a guideline, Privacy by Design applies to IT systems, accountable business practices, and physical design and networked infrastructure.
Public bodies should take into account the possible sensitive nature and large amounts of data processed by public bodies. But how to guarantee the fundamental right to the protection of personal data? The EDPB therefore underlines the need for public bodies to act in full compliance with the GDPR when using cloud-based products or services. […]