Update.
310,000 Records Compromised In University Of Colorado Data Breach, Including Social Security Numbers & University Financial Information
Audra Streetman reports:
The University of Colorado released new information on Friday about the Accellion data breach that compromised more than 310,000 university records. Officials say the data accessed in the breach includes personally identifiable information, including grades and transcript data, visa and disability status, medical and prescription information and in limited cases, Social Security numbers and university financial account information.
Read more on CBS Denver. The university has not yet reported the number of patients who had ePHI involved — or if they have, HHS hasn’t added it to the public breach tool yet.
For my Computer Security students.
https://venturebeat.com/2021/04/09/microsoft-open-sources-tool-to-use-ai-in-simulated-attacks/
Microsoft open-sources tool to use AI in simulated attacks
As part of Microsoft’s research into ways to use machine learning and AI to improve security defenses, the company has released an open source attack toolkit to let researchers create simulated network environments and see how they fare against attacks.
Microsoft 365 Defender Research released CyberBattleSim, which creates a network simulation and models how threat actors can move laterally through the network looking for weak points. When building the attack simulation, enterprise defenders and researchers create various nodes on the network and indicate which services are running, which vulnerabilities are present, and what type of security controls are in place. Automated agents, representing threat actors, are deployed in the attack simulation to randomly execute actions as they try to take over the nodes.
Trying to keep up!
Alaska’s Consumer Data Privacy Act: Another CCPA Copycat, but With Its Own Unanswered Questions
Nancy Libin of Davis Wright Tremaine writes:
Last week, Alaska joined the growing number of states considering comprehensive consumer privacy legislation when, at the behest of Governor Dunleavy, the Consumer Data Privacy Act was introduced in both chambers of the Alaska legislature. If enacted, the Act would become effective on January 1, 2023.
The Act is modeled after the California Consumer Privacy Act (CCPA) and provides consumers certain rights and imposes obligations on businesses that collect consumers’ personal information. Although similar to the CCPA in many respects, it diverges from the CCPA in some significant ways that would pose compliance challenges for businesses.
Read more on Privacy & Security Law Blog.
Surveillance as intimidation. (Or Commissioners as unreasonable people?)
NZ: Case note 302694 [2021]: Man complains about neighbour’s security camera
From the office of the Privacy Commissioner of New Zealand, this recent decision and case note:
A man complained that his neighbour had installed a security camera aimed at the back gate of his property, which made him feel intimidated.
Section 27
The man’s complaint raised issues under section 27 of the Privacy Act 2020.
Section 27 provides that the information privacy principles do not apply to the collection of personal information where it is collected or held solely for the purposes of, or in connection with that person’s personal, family, or household affairs.
We found that section 27 applied here as there had been ongoing disputes between the man and his neighbour over parking and interactions with guests. Therefore, in our view, the information was collected in connection with the neighbour’s domestic affairs.
However, section 27 does not apply where the collection, use or disclosure of the information in question would be highly offensive to an ordinary, reasonable person. We considered that the collection of images in the man’s backyard did not reach the threshold of highly offensive.
Read more on privacy.org.nz
Even if AI does not own the patent, they will shake up this area of law.
https://www.lexology.com/library/detail.aspx?g=15897da3-9229-4ff6-bccf-62169f0e8df3
Disclosing AI Inventions - Part I: Identifying the Unique Disclosure Issues
Our recent post “Tracking AI Prosecution Trends at the U.S. Patent Office” presented USPTO data which suggests that future prosecution of AI inventions may be less focused on patent eligibility under 35 U.S.C. §101 and more focused on the traditional requirements of §§ 102, 103 and 112. This post is the first of a two part series looking into the challenges that AI inventions present to one of these traditional requirements: patent disclosure under 35 U.S.C. §112(a). In this Part I, we identify the unique disclosure issues with AI inventions. In Part II, we provide practice tips for describing and enabling AI inventions.
A fundamental premise of most patent systems is the quid pro quo by which an inventor discloses his or her invention to the public in return for exclusive rights to use such invention for a limited time. Recent advances in artificial intelligence (AI) have sparked debate as to whether current patent disclosure requirements can enrich the public with AI inventions such that the granting of the exclusive right is justified. This debate inevitably centers on the “black box” nature of a particular type of AI: machine learning. Machine learning is the dominant AI technique disclosed in patents.[1] As such, understanding the patent disclosure issues presented by AI inventions requires an understanding of the basics of machine learning.
(Related) Would we allow them to patent this technique?
https://www.rt.com/news/520595-machine-learning-language-cancer-alzheimers/
Algorithms used by Netflix, Amazon, and Facebook can ‘predict’ language of cancer and diseases such as Alzheimer’s – study
Researchers have developed a machine-learning algorithm similar to those used by Facebook and Netflix that can decode the molecular language of disease and potentially revolutionize the world of medicine.
Recommendations on social media and online entertainment platforms are derived from powerful machine-learning algorithms that monitor behavior patterns to suggest potential friends or connections, or the next series or film to watch on platforms such as Netflix. Predictive text on a smartphone also makes use of deep language learning to anticipate which words a user is likely to need next as they write a sentence.
If similar machine-learning algorithms can be trained to produce massive language models based on protein interactions within the human body, the results could prove to be revolutionary for the field of medicine, and may unlock the secret to defeating some of humanity’s most intractable and devastating diseases.
Perspective.
https://thehill.com/opinion/technology/547418-the-reality-of-americas-ai-talent-shortages
The reality of America's AI talent shortages
The concern about an artificial intelligence, or AI, workforce shortage in the United States is rapidly becoming a top national security priority. Calls for additional legislative action are mounting as the national security community sees talent as a key enabler in outcompeting China. An increasing number of proposals, including those in the 2021 National Defense Authorization Act and others based on the recommendations of the National Security Commission on Artificial Intelligence, have the goal of growing and cultivating the domestic AI workforce based on the premise of shortages.
However, there is little data on actual U.S. AI labor market dynamics to inform whether there is an AI workforce shortage, and if so, what type and to what extent. Moreover, there is no standard definition of “AI workforce.” This makes it difficult, if not impossible, to determine which workers are in short supply and how to best address it.
Perspective. Is this cart before the horse?
White House set to host Google, Intel CEOs to discuss computer chip supply chain
(Related) Ready, fire, aim? OR because these poor companies are nearly broke?
President Biden calls on Congress to help fight semiconductor shortage
President Biden called for funding to fight the semiconductor shortage in the White House's first budget proposal to Congress today. The request from the White House includes $150 million to fund two new manufacturing programs, one of which would target semiconductor manufacturing in the U.S.
(Related) Of course, a mere $150 million won’t build a semiconductor facility.
Intel is spending $20 billion to build two new chip plants in Arizona
Pandemic: year two.
https://dilbert.com/strip/2021-04-10