SypherPrivacyTalks - July 2024 - Week 29

Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.

EU AI Act published: A new era for AI regulation begins

lw.com • 10+ min read

📜 The world's first comprehensive legal framework for AI sets the stage for future regulation both inside and outside the EU.
The publication of the EU AI Act in the EU Official Journal on 12 July marks a major milestone in the regulation of artificial intelligence (AI). 
This landmark legislation creates the world's first comprehensive legal framework for AI and sets the stage for future regulation of AI both within and outside the EU.

The AI Act will enter into force on 2 August 2024. For information on the implementation timetable… read more
🇷🇴 The Romanian version of the AI Act is available here.

OpenAI failed to report a major data breach in 2023 

csoonline.com • 3 min read

💥A hacker broke into OpenAI's internal messaging system early last year, gaining access to employee discussions about the company's latest AI advances, according to a report in the New York Times.
San Francisco-headquartered OpenAI confirmed the breach to employees and its board of directors in April 2023, but chose not to disclose it publicly. The company argued that no customer or partner data had been compromised and that it believed the hacker was an individual, not a state-sponsored actor, the report added … read more

Microsoft ad subsidiary Xandr accused of violating GDPR

theregister.com • 4 min read

🕵️‍♂️ Privacy advocacy group NOYB has filed a complaint with Italy's DPA Garante against Xandr, an adtech company owned by Microsoft since 2021 although still structurally autonomous.
The allegations include "highly intrusive data processing", as well as breaches of several GDPR rules.... read more

See the actual complaint here.

Spotify fined in Sweden over GDPR data access complaint

techcrunch.com  • 2  min read

💶 Music streaming giant Spotify has been fined around €3.4 million (penalty reduced from €5 million), more than four years after it was accused of violating users' data access rights in the European Union by failing to provide full information about the personal data it processes in response to individual requests… read more

More information on the rationale of the reduced penalty here (article in Swedish).

NIS2 compliance is the beginning, better security the goal

techzine.eu • 7 min read

🛡️ As organisations prepare for the new European NIS2 directive, there is still uncertainty in some countries as to how the government will implement it into legislation. 
Changes will take place over the next 12 months, resulting in necessary enhancements to security… read more

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.

Photo by Guillaume Périgois on Unsplash