In a recent report Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential information, client data, source code, or regulated information to the ChatGPT. In one case, an executive cut and pasted the firm’s 2023 strategy document into […]
The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended states that the executive order is too vague, and leaves US courts — who would be the sole interpreters of the proposed EU-US Data Privacy Framework — wiggle room to approve the bulk collection of data for signals intelligence, and doesn’t apply […]
The ChatGPT tool is a language model based on the GPT-3.5 architecture and trained by OpenAI. It uses a web crawler to collect data and generate responses to user input. While this technology has many useful applications, it also raises concerns about the potential misuse of proprietary information. One way that the ChatGPT tool collects […]
The EDPS – European Data Protection Supervisor states in an opinion that in order to act as a controller, the entity / involved party must determine the purposes & essential means of the processing. “Essential means” are closely linked to the purpose and the scope of the processing.On the other hand, “non-essential means” concern more […]
The Italian privacy regulator has ordered a popular AI chatbot to cease processing data on domestic citizens after breaking GDPR rules. The ‘virtual friend’ app tries to improve users’ emotional well-being and help users understand their thoughts and calm anxiety through stress management, socialization and the search for love,” but doesn’t seem to comply with […]
Privacy by Design (PbD) is about to become an international privacy standard for the protection of consumer products and services. This will have a huge impact. As a guideline, Privacy by Design applies to IT systems, accountable business practices, and physical design and networked infrastructure.
Public bodies should take into account the possible sensitive nature and large amounts of data processed by public bodies. But how to guarantee the fundamental right to the protection of personal data? The EDPB therefore underlines the need for public bodies to act in full compliance with the GDPR when using cloud-based products or services. […]
Every person has the right to know to whom his or her personal data have been disclosed.A citizen requested Österreichische Post, the principal operator of postal and logistical services in Austria, to disclose to him the identity of the recipients to whom it had disclosed his personal data. The post gave petitioner only the categories […]
Meta received a GDPR fine of €390M (210 million and €180 million fines for Facebook and Instagram) and accused the company of lacking proper legal grounds to process millions of Europeans’ with its data-fueled advertising model. Meta strongly disagree with the DPC’s final decision, and believes to fully comply with GDPR by relying on Contractual […]
The US government demands direct access to databases of European police services containing biometric data of European citizens. The US makes this entry mandatory for countries participating in the so-called Visa Waiver Program, which allows citizens of certain countries to travel to the United States without a visa. At the beginning of this year, US […]