Secure
your systems, or else!
New
York State Expected to Increase Enforcement of Cybersecurity
Practices
Companies
should take note of two imminent developments in New York in the area
of cybersecurity regulation: enforcement of the New York Department
of Financial Services (NYDFS) Cybersecurity
Regulation (Regulation)
and the effective date of the Stop Hacks and Improve Electronic Data
Security Act (SHIELD Act or Act). The Regulation and the Act both
contain prescriptive cybersecurity requirements and new breach
notification obligations for regulated organizations. The
Act has a particularly broad reach,
impacting any company that owns or licenses private information of
New York residents.
The
NYDFS Regulation originally came into effect on March 1, 2017, and
provided for a two-year
implementation plan for
companies to develop a robust cybersecurity program.
… In
addition, on July 25, 2019, Governor Cuomo signed into law the SHIELD
Act.
Notably, the Act applies to any company that owns or licenses
“private information” of New York residents – even
organizations that do not conduct business in the state.
The Act contains both expanded breach notification obligations
(which have been in effect since October 2019) and specific
requirements to maintain reasonable administrative, technical, and
physical safeguards to protect personal information. These new
substantive cybersecurity requirements will take effect on March 21,
2020.
Every
student a potential criminal or terrorist?
‘Weapon
Detecting AI’ is Now Scanning Students in South Carolina Schools
Over
the past year, administrators at West Florence High School have
deployed a variety of new surveillance technologies, embracing a
distinct vision of the future of public education.
Earlier
this year, the South Carolina district installed vape detectors—which
come equipped with chemical sensors and microphones that send alerts
directly to the principal—in bathrooms and hallways. During their
first week of use, the devices caught
12 students.
School-issued Chromebook laptops also now come pre-installed with
Gaggle, a new
breed of surveillance software that
monitors students’ every action on the devices, both on and off
school grounds.
And
most recently, the metal detectors that stood sentinel at school
entrances have disappeared. In their place, schools across Florence
District 1 are now equipped with millimeter wave body scanners from
Evolv Technology. The company claims that the devices, which are
similar to modern airport scanners, can scan 60 people a minute using
machine learning algorithms that detect guns, knives, and other
threats, and then notify security guards exactly where the objects
are on a person’s body.
… Educators
in places like Florence are understandably predisposed to spend that
money and err on the side of caution. But student privacy and civil
rights advocates worry that some districts are being hoodwinked by
for-profit companies that promise more than their technology can
deliver in order to capitalize on the fear of mass shootings.
Those
who do not understand encryption are doomed to repeat this question.
Dan
Sabbagh reports:
MI5’s director general has called on technology companies to find a way to allow spy agencies “exceptional access” to encrypted messages, amid fears they cannot otherwise access such communications.
Sir Andrew Parker is understood to be particularly concerned about Facebook, which announced plans to introduce powerful end-to-end encryption last March across all the social media firm’s services.
Read
more on The
Guardian.
[From
the article:
Parker
called on the tech firms to “use the brilliant technologists you’ve
got” to answer a question: “Can you provide end-to-end encryption
but on an exceptional basis – exceptional basis – where there is
a legal warrant and a compelling case to do it, provide access to
stop the most serious forms of harm happening?”
In
case you missed something.
FTC
Releases 2019 Privacy and Data Security Update
The
Federal Trade Commission today released its annual privacy
and security update for 2019,
highlighting a record year for enforcement actions aimed at
protecting consumer privacy and data security.
Start
planning...
Close
to the Finish Line: Observations on the Washington Privacy Act
We
wrote
last week that
Washington State seems poised to become the second US state to pass a
major comprehensive privacy bill. The proposed Washington Privacy
Act (WPA) would be mostly aligned with the EU’s GDPR, the global
gold standard for data protection (although there are still some
significant differences). Read our full comparison
of the WPA with GDPR and other privacy laws.
At a minimum, the WPA goes much further than the California Consumer
Privacy Act (CCPA). Perhaps the most significant difference between
the WPA and CCPA is that the WPA would require companies and even
non-profits to obtain affirmative (“opt in”) consent for the
collection of sensitive data, including biometric data and
geolocation data.
Let’s talk
about an architecture for education.
A
Vision of AI for Joyful Education
In
a 2013 post, Facebook CEO Mark Zuckerberg sketched out a “rough
plan”
to provide free, basic internet to the world and thus spread
opportunity and interconnection. However, the United
Nations Human Rights Council reported that,
in Myanmar, Facebook’s efforts to follow through on such
aspirations accelerated hate speech, fomented division, and incited
offline violence in the Rohingya genocide. Free, basic internet now
serves as a warning of the complexities of technological impact on
society. For Chris, an AI researcher in education, and Lisa, a
science educator and student of international cyber policy, this
example gives pause: What unintended consequences could AI in
education have?
Does
this make them a target for a bunch of lawsuits?
Musicians
Algorithmically Generate Every Possible Melody, Release Them to
Public Domain
Two
programmer-musicians wrote every possible MIDI melody in existence to
a hard drive, copyrighted the whole thing, and then released it all
to the public in an attempt
to stop musicians from getting sued.
Freebies!
Smithsonian
Releases 2.8 Million Images Into Public Domain
Smithsonian
Magazine –
“Culture connoisseurs, rejoice: The Smithsonian
Institution is
inviting the world to engage with its vast repository of resources
like never before. For the first time in its 174-year history, the
Smithsonian has released 2.8 million high-resolution two- and
three-dimensional images from across its collections onto an open
access online platform for
patrons to peruse and download
free of charge.
Featuring data and material from all 19 Smithsonian museums, nine
research centers, libraries, archives and the National Zoo, the new
digital depot encourages the public to not just view its contents,
but use, reuse and transform them into just about anything they
choose—be it a postcard, a beer koozie or a pair of bootie shorts
And this gargantuan data dump is just the beginning. Throughout the
rest of 2020, the Smithsonian will be rolling out another 200,000 or
so images, with more to come as the Institution continues to digitize
its collection of 155
million items and counting. “Being
a relevant source for people who are learning around the world is key
to our mission,” says Effie
Kapsalis,
who is heading up the effort as the Smithsonian’s senior digital
program officer. “We can’t imagine what people are going to do
with the collections. We’re prepared to be surprised.”
The database’s launch also marks the latest victory for a growing global effort to migrate museum collections into the public domain. Nearly 200 other institutions worldwide—including Amsterdam’s Rijksmuseum, New York’s Metropolitan Museum of Art and the Art Institute of Chicago —have made similar moves to digitize and liberate their masterworks in recent years. But the scale of the Smithsonian’s release is “unprecedented” in both depth and breadth, says Simon Tanner, an expert in digital cultural heritage at King’s College London…”
No comments:
Post a Comment