Podcasts about general data protection regulation gdpr

John McVeigh Today, we have a guest post on the complexities of navigating Brexit and GDPR for companies on both sides of the border- provided by ASSUREMORE. ASSUREMORE is a management consultancy business specialising in GDPR compliance - founded by John McVeigh. To find out more about ASSUREMORE and the services they provide, please click here. When the General Data Protection Regulation (GDPR) came into force in 2018, it applied uniformly to all EU member states - including the United Kingdom and the Republic of Ireland. However, Brexit changed the game. We now have two parallel regimes: The EU GDPR applies to any organisation operating in the European Union. The UK GDPR applies to businesses operating in the United Kingdom. Although the laws are nearly identical in principle, they are legally separate. This means that if you're based in one jurisdiction but process personal data from the other with no local base, you may need to appoint a GDPR representative there. It's a requirement that many businesses are unaware of or have overlooked, despite it coming into effect as soon as the UK fully left the EU. "Two Versions of GDPR" in Practice "Essentially, there are now two versions of GDPR," explains John McVeigh. "If your business is based in only one jurisdiction but still handles personal data from the other, you'll likely need a representative. It's something that was never really spotlighted when Brexit happened - and it catches people out." Before Brexit, a company in Northern Ireland selling services to the Republic of Ireland (and vice versa) faced no additional compliance beyond standard EU GDPR. Once the UK left, businesses in the Republic effectively became "outside" of UK legal territory, and businesses in Northern Ireland or Great Britain likewise became "outside" of the EU's legal territory. As a result, many organisations - large or small, B2C or B2B - now come under Article 27 of the respective GDPR regime. When Do You Need a GDPR Representative? Under Article 27 (EU GDPR or UK GDPR), a non-EU or non-UK organisation that processes the personal data of individuals in the other territory may need to appoint an official GDPR representative if: You do not have an "establishment" (e.g. an office, subsidiary, or physical presence) in the territory where your customers or data subjects reside. You are offering goods or services to individuals in that territory (even free services can count). You process personal data that can identify living individuals (for instance, storing "joe.blogs@companyx.com" rather than simply "info@companyx.com"). If all your data is strictly non-personal (like a generic info@ address or purely anonymous records), or if your activity in the other jurisdiction is truly "occasional" and poses minimal risk, you might be exempt. However, genuine exemptions are rare in practice, especially for consumer-facing businesses or those storing personal details of clients, suppliers, or leads. B2C vs. B2B B2C: Businesses selling directly to consumers in the other jurisdiction face the highest scrutiny - especially if they store names, addresses, payment details, or marketing preferences of private individuals. Consumers are more likely to exercise data protection rights and file complaints if they feel their privacy is being mishandled. B2B: Even if you primarily serve other companies, you typically store personal data for key contacts - e.g. "john.smith@clientcompany.com" - which means GDPR still applies. The risk of complaints may be somewhat lower, but the legal requirement remains. The Cross-Border Example A classic scenario is a manufacturer or retailer in the Republic of Ireland that has always sold products seamlessly into Northern Ireland or Great Britain. Suddenly, that same business is deemed "non-UK" for data protection purposes - even though physically they might be only kilometres away across the border. If they do not have a dedicated office in the UK, they will likely need a UK GDPR r...

In today's podcast, we discussed the critical area of consumer protection law, focusing on consumer privacy. Consumer protection law covers a broad range of areas including product safety, false advertising, fair credit reporting, debt collection practices, warranties, consumer contracts, and unfair trade practices. Due to the increasing importance of protecting personal data in the digital age, we concentrated on consumer privacy.Consumer privacy is centered on protecting individuals' personal information from unauthorized collection, use, and disclosure. This information, known as Personally Identifiable Information (PII), includes names, addresses, phone numbers, email addresses, social security numbers, credit card details, browsing history, and location data. Protecting this data is crucial to prevent identity theft, financial fraud, and other harms. Strong privacy measures empower consumers by giving them control over their data and fostering trust between individuals and businesses, which is essential for a healthy digital economy.Protecting consumer privacy is necessary for several reasons: to prevent identity theft and fraud, to safeguard sensitive information from being misused for discriminatory practices, to give consumers rights over their data, and to build trust between consumers and businesses.Key regulatory frameworks that shape consumer privacy law include the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The GDPR emphasizes principles such as data minimization, purpose limitation, and obtaining explicit consent before processing personal data. It also gives individuals rights to access, correct, and erase their data. The CCPA grants California residents the rights to know what data is collected, to request its deletion, and to opt out of its sale. These regulations show a global trend toward stricter controls over how personal data is handled.Despite these regulations, challenges remain, including data breaches, pervasive tracking and surveillance of online activities, targeted advertising practices, complexities of cross-border data transfers, and emerging technologies.Enforcement mechanisms, such as regulatory bodies and judicial remedies, are essential for effective consumer privacy protection.Consumer privacy law will continue to evolve in response to technological advancements and the increasingly global nature of data flows. Enhanced consumer empowerment tools and ongoing regulatory innovation will likely shape future legal developments.

Summary In this episode of Chattinn Cyber, Marc Schein welcomes back Ken Rashbaum, a partner at Barton LLP and a professor at Fordham Law School. Ken, a well-respected privacy attorney, shares his journey from being a trial lawyer and prosecutor to becoming a leading figure in data protection and cybersecurity. He discusses how his early work in healthcare law, particularly with the introduction of HIPAA, paved the way for his focus on privacy and cybersecurity on a global scale. Their chat shifts to the current landscape of data protection regulations in the U.S. Ken explains the fragmented nature of these laws, which primarily exist at the state level, with only limited federal regulations in healthcare and children's information. He expresses skepticism about significant changes in federal regulation following the recent presidential election, highlighting the philosophical divide between the two major political parties regarding privacy legislation. Ken emphasizes that voters are increasingly concerned about the privacy and security of their personal information, which complicates the regulatory landscape. Marc and Ken then delve into the importance of cybersecurity provisions in contracts, particularly for midsize businesses. Ken argues that simply stating compliance with applicable laws is insufficient due to the evolving nature of cybersecurity regulations. He advocates for more detailed cybersecurity requirements in contracts to provide clarity and certainty for all parties involved. Ken also addresses the challenges small and mid-sized businesses face when negotiating contracts with larger corporations, suggesting that they assess risks and consider mitigation strategies, such as implementing multi-factor authentication. The discussion also touches on the implications of the General Data Protection Regulation (GDPR) for businesses that may not operate in Europe but have customers there. Ken advises that companies should be aware of their obligations under GDPR if they market to EU residents, as the global nature of the internet makes it difficult to avoid these regulations. He stresses the importance of transparency and understanding the data protection implications of using artificial intelligence in business agreements, given the rapid development of AI technology. Finally, Ken highlights the need for continuous learning in the field of cybersecurity and data protection, urging professionals to stay updated on current changes and adapt to the evolving needs of businesses. He concludes by encouraging open communication and collaboration between legal advisors and businesses to ensure that contracts are tailored to meet the specific needs and risks of each party. The episode wraps up with Ken sharing his contact information and resources for listeners seeking further guidance on these critical issues. Key Points Fragmented Data Protection Regulations: Ken explains the current state of data protection laws in the U.S., highlighting the lack of comprehensive federal regulations outside of healthcare and children's information. He notes that most regulations exist at the state level, leading to a complex and inconsistent legal landscape. Importance of Detailed Cybersecurity Provisions in Contracts: The conversation emphasizes that simply stating compliance with applicable laws in contracts is insufficient. Ken advocates for including specific cybersecurity requirements to provide clarity and certainty for all parties involved, especially given the evolving nature of cybersecurity regulations. Challenges for Midsize Businesses: Ken discusses the difficulties that small and midsize businesses face when negotiating contracts with larger corporations. He suggests that these businesses assess their risks and consider mitigation strategies, such as implementing cybersecurity measures like multi-factor authentication. Implications of GDPR: The podcast addresses the relevance of the General Data...

The intersection of technology and health has seen remarkable advancements in recent years, with wearables emerging as a pivotal element in personal health monitoring. Among these innovations, the smart ring stands out as a revolutionary tool that combines convenience, functionality, and advanced health monitoring capabilities. The Circular smart ring, recently introduced at the Consumer Electronics Show (CES), exemplifies this evolution, offering features that empower users to take control of their health in unprecedented ways.A New Era of Health MonitoringAt the heart of the Circular smart ring's innovation is its ability to perform electrocardiogram (ECG) readings. This feature allows users to monitor their heart health with a simple touch of the ring, making it a game-changer in the realm of personal health devices. Traditionally, obtaining an ECG required a visit to a healthcare professional, involving cumbersome equipment and often lengthy procedures. In recent years, the technology has been added into larger wearable devices, such as watches.Circular's integration of this technology into a small wearable format not only streamlines the process but also democratizes access to vital health information. With the capability to detect arrhythmias - irregular heartbeats - within just 30 seconds, users can gain insights into their cardiac health without the need for immediate medical intervention.The Journey of CircularThe inception of Circular was rooted in a desire to enhance personal wellness through innovative technology. Initially, the company's founders sought to create a ring that would wake users with gentle vibrations, a concept that highlights the importance of personalized experiences in health technology. However, upon collaborating with medical professionals, the focus shifted towards integrating health and wellness features. This pivot led to the development of functionalities such as sleep analysis, activity tracking, and stress monitoring, laying the groundwork for the advanced capabilities present in the latest iteration of the ring.Comprehensive Health InsightsThe Circular smart ring does not merely focus on heart health; it encompasses a broad spectrum of health metrics. Through its accompanying app, users can monitor various indicators, including sleep quality, physical activity, and even blood oxygen levels (SpO2). The ring records data every two minutes, providing a minute's worth of information for each health metric. This level of detail allows users to identify patterns and make informed decisions about their health, such as recognizing symptoms of sleep apnea through the analysis of blood oxygenation levels during sleep.Moreover, the incorporation of artificial intelligence (AI) enhances the ring's functionality. By analyzing anonymized data from users, the AI can offer personalized recommendations, translating complex health metrics into understandable insights. This feature is particularly beneficial in a world where many individuals may not fully grasp what terms like heart rate variability (HRV) or SpO2 mean. The ring effectively bridges the gap between advanced medical technology and everyday usability, making health management accessible to a broader audience.Ethical Considerations and Data PrivacyAs with any device that collects health data, ethical considerations are paramount. Circular is committed to adhering to stringent data protection regulations, such as the General Data Protection Regulation (GDPR) in Europe. The company emphasizes the importance of anonymizing data to ensure user privacy while still leveraging this information to enhance the accuracy and efficacy of its health monitoring features. This careful approach underscores the balance between innovation and ethical responsibility, fostering trust among users.The Circular smart ring represents a significant milestone in the evolution of wearable health technology. Its ability to offer ECG readings, coupled with a comprehensive suite of health monitoring features, positions it as a leader in the market. As consumers increasingly seek convenient ways to manage their health, the smart ring stands out as a promising solution, combining functionality with a sleek design.Conclusion: The Future of Wearable Health TechnologyIn conclusion, the Circular smart ring is not just a novel gadget; it is a transformative tool that empowers individuals to take charge of their health. By integrating advanced medical technology into a user-friendly format, it paves the way for a future where health monitoring is as effortless as wearing a piece of jewelry. As innovation continues to drive the wearable technology landscape, the potential for smart rings and similar devices to enhance personal wellness is boundless, heralding a new era of health empowerment for all.Interview by Marlo Anderson of The Tech Ranch.Sponsored by: Get $5 to protect your credit card information online with Privacy. Amazon Prime gives you more than just free shipping. Get free music, TV shows, movies, videogames and more. The most flexible tools for podcasting. Get a 30 day free trial of storage and statistics.

The intersection of technology and health has seen remarkable advancements in recent years, with wearables emerging as a pivotal element in personal health monitoring. Among these innovations, the smart ring stands out as a revolutionary tool that combines convenience, functionality, and advanced health monitoring capabilities. The Circular smart ring, recently introduced at the Consumer Electronics Show (CES), exemplifies this evolution, offering features that empower users to take control of their health in unprecedented ways.A New Era of Health MonitoringAt the heart of the Circular smart ring's innovation is its ability to perform electrocardiogram (ECG) readings. This feature allows users to monitor their heart health with a simple touch of the ring, making it a game-changer in the realm of personal health devices. Traditionally, obtaining an ECG required a visit to a healthcare professional, involving cumbersome equipment and often lengthy procedures. In recent years, the technology has been added into larger wearable devices, such as watches.Circular's integration of this technology into a small wearable format not only streamlines the process but also democratizes access to vital health information. With the capability to detect arrhythmias - irregular heartbeats - within just 30 seconds, users can gain insights into their cardiac health without the need for immediate medical intervention.The Journey of CircularThe inception of Circular was rooted in a desire to enhance personal wellness through innovative technology. Initially, the company's founders sought to create a ring that would wake users with gentle vibrations, a concept that highlights the importance of personalized experiences in health technology. However, upon collaborating with medical professionals, the focus shifted towards integrating health and wellness features. This pivot led to the development of functionalities such as sleep analysis, activity tracking, and stress monitoring, laying the groundwork for the advanced capabilities present in the latest iteration of the ring.Comprehensive Health InsightsThe Circular smart ring does not merely focus on heart health; it encompasses a broad spectrum of health metrics. Through its accompanying app, users can monitor various indicators, including sleep quality, physical activity, and even blood oxygen levels (SpO2). The ring records data every two minutes, providing a minute's worth of information for each health metric. This level of detail allows users to identify patterns and make informed decisions about their health, such as recognizing symptoms of sleep apnea through the analysis of blood oxygenation levels during sleep.Moreover, the incorporation of artificial intelligence (AI) enhances the ring's functionality. By analyzing anonymized data from users, the AI can offer personalized recommendations, translating complex health metrics into understandable insights. This feature is particularly beneficial in a world where many individuals may not fully grasp what terms like heart rate variability (HRV) or SpO2 mean. The ring effectively bridges the gap between advanced medical technology and everyday usability, making health management accessible to a broader audience.Ethical Considerations and Data PrivacyAs with any device that collects health data, ethical considerations are paramount. Circular is committed to adhering to stringent data protection regulations, such as the General Data Protection Regulation (GDPR) in Europe. The company emphasizes the importance of anonymizing data to ensure user privacy while still leveraging this information to enhance the accuracy and efficacy of its health monitoring features. This careful approach underscores the balance between innovation and ethical responsibility, fostering trust among users.The Circular smart ring represents a significant milestone in the evolution of wearable health technology. Its ability to offer ECG readings, coupled with a comprehensive suite of health monitoring features, positions it as a leader in the market. As consumers increasingly seek convenient ways to manage their health, the smart ring stands out as a promising solution, combining functionality with a sleek design.Conclusion: The Future of Wearable Health TechnologyIn conclusion, the Circular smart ring is not just a novel gadget; it is a transformative tool that empowers individuals to take charge of their health. By integrating advanced medical technology into a user-friendly format, it paves the way for a future where health monitoring is as effortless as wearing a piece of jewelry. As innovation continues to drive the wearable technology landscape, the potential for smart rings and similar devices to enhance personal wellness is boundless, heralding a new era of health empowerment for all.Interview by Marlo Anderson of The Tech Ranch.Sponsored by: Get $5 to protect your credit card information online with Privacy. Amazon Prime gives you more than just free shipping. Get free music, TV shows, movies, videogames and more. The most flexible tools for podcasting. Get a 30 day free trial of storage and statistics.

In today's digital era, where personal data drives decisions and innovation, privacy and data protection have become non-negotiable priorities. Organizations across industries face mounting pressure to comply with complex regulations while maintaining customer trust. This is where IAPP (International Association of Privacy Professionals) certifications come into play. Certifications such as CIPP (Certified Information Privacy Professional), CIPM (Certified Information Privacy Manager), AIGP (Artificial Intelligence Governance Professional), and CIPT (Certified Information Privacy Technologist) help professionals design and sustain robust data protection frameworks. The Growing Relevance of IAPP Certifications With the global surge in data privacy regulations, like the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other region-specific laws, organizations now face significant penalties for non-compliance. This environment underscores the demand for professionals who are not only aware of the legal requirements but also skilled in embedding privacy into business operations. IAPP certifications uniquely position individuals to meet these demands, offering structured education tailored to specific roles and challenges in the data protection landscape. View More: Benefits of IAPP Certifications in Building a Strong Data Protection Framework

In this episode of the Data Malarkey podcast, master data storyteller Sam Knowles is joined by Alice Wallbank, a professional support lawyer for the law firm Shoosmiths, whose clients include Mercedes-Benz, Octopus Ventures, and Travelodge. The company also specialises in working for businesses in both the property and banking sector.   The Financial Times has garlanded Shoosmiths as “one of Europe's most innovative law firms”, and Alice's pioneering role at the company – focused on privacy, data, and increasingly AI – is symptomatic of a business in the vanguard of a profession catching up with the broadest implications of technology.   At the start of this year, Alice co-hosted an excellent ‘data insights' conference – naturally hybrid, both in the room and online – which featured a keynote from Austrian activist and lawyer, Max Schrems. Schrems is famous for his successful campaigns against Facebook (and Meta) for their violations of European data privacy laws.   Before joining Shoosmiths, Alice spent six years as the principal legal counsel for the cyber and information security division of the leading technology business, QinetiQ.    Alice is a passionate advocate of the EU's General Data Protection Regulation (GDPR), describing it “as a good thing for data privacy – without a shadow of a doubt”. Although first introduced in 2016 and in place since 2018, it has its origins in a 1995 directive, designed to protect the rights and freedoms of individuals from Big Tech. Alice believes this showed “remarkable foresight”.   One of the very few people in the UK, Europe, and the world to have read all 90,000 words of the EU's AI Act, artificial intelligence gives Alice that fabled reaction to trench warfare of “a combination of boredom and terror”. There are huge potential upsides – such as radiography diagnostics – and massive downsides from a system that is “at heart a self-limiting black box” dealing in “biases in, biases out”.   And in a Data Malarkey exclusive, Alice is our first guest in more than 40 episodes … to sing. She dons her white stilettos, dances round her handbag, and turns the clock back to 1984 for a tuneful rendition of Rockwell's dancefloor smash, Somebody's Watching Me – for Alice, an insightful foreshadowing of data privacy issues 40 years into the future.   EXTERNAL LINKS   Shoosmiths home page – https://www.shoosmiths.com   Alice's profile on the Shoosmiths' site – https://www.shoosmiths.com/people/cvdetails/alice-wallbank   Alice's article on Ashley Madison – https://www.grip.globalrelay.com/could-the-ashley-madison-data-breach-happen-today/   Another blog from Alice, this time on the environmental credentials of GDPR.   The EU AI Act – all 90,000 words of it – here   Rockwell's Somebody's Watching Me from 1984 – https://www.youtube.com/watch?v=7YvAYIJSSZY     To find out what kind of data storyteller you are, complete our data storytelling scorecard at https://data-storytelling.scoreapp.com. It takes just two minutes, and we'll send you your own personalised scorecard which tells you what kind of data storyteller you are.  

Blockchain technology, much like its early application in cryptocurrencies, is hailed as a revolutionary force poised to disrupt traditional systems in this case, supply chain finance. Just as Bitcoin threw the traditional banking model into disarray by eliminating intermediaries and offering decentralized, peer-to-peer transactions, blockchain is poised to revolutionize supply chains. Its promise lies in greater transparency, efficiency, and automation. But, just as crypto's journey has shown, the road from innovation to widespread adoption is rarely straightforward. Challenges like regulatory uncertainty, integration hurdles, and resistance from established players still loom large. The excitement around blockchain's potential to transform supply chain finance is real but so too are the obstacles that lie ahead. Balancing Transparency with Privacy Transparency is blockchain's hallmark, touted as a tool to reduce fraud and streamline processes. But in industries where proprietary information like pricing structures or supplier identities must be closely guarded, transparency can become a liability. Think about the pharmaceutical industry, where sharing sensitive pricing or formulation data could easily compromise competitive advantage. Permissioned blockchains offer a middle ground, allowing access to authorized participants while keeping sensitive details private. However, implementing these systems across multiple stakeholders with differing needs and access levels isn't just about adding new tech it's a logistical challenge that demands careful coordination. Smart Contracts: Not a One-Size-Fits-All Solution Picture this: goods arrive at their destination, and a smart contract instantly triggers payment. No emails, no back-and-forth negotiations, no delays. It's automated, seamless, and efficient until it's not. While a Deloitte reports that smart contracts can reduce transaction times by 80% and cut operational costs by 30%, these benefits are limited to simple, binary transactions. When things go awry maybe the goods don't meet quality standards or delivery is late the rigidity of smart contracts becomes apparent. Not every aspect of supply chain finance can be boiled down to if X happens, then Y triggers. Human oversight, with all its judgment calls, still plays a vital role in resolving complex disputes. Overcoming Barriers to Adoption Now let's talk about small and medium-sized enterprises (SMEs). Blockchain has been hailed as the great equalizer, giving smaller players access to the same financial tools as their larger counterparts. But for SMEs, the reality is far more nuanced. According to the World Economic Forum, only 1% of SMEs globally are using blockchain. Why? The upfront costs are daunting. For a small agricultural supplier in Kenya or a boutique clothing manufacturer in Italy, implementing blockchain requires capital for infrastructure upgrades, new technology, and skilled personnel resources that are already stretched thin. Government grants and industry consortiums could help, but without a concerted effort to lower these entry barriers, many SMEs will remain on the outside looking in. Regulatory: The Elephant in the Room Blockchain's decentralized nature has been its biggest strength, but also its biggest headache when it comes to regulation. Different industries whether it's food, pharmaceuticals, or finance have strict compliance rules. The lack of unified global standards for blockchain use creates a regulatory minefield. Take the European Union's General Data Protection Regulation (GDPR), for instance. Blockchain's immutable ledger directly clashes with GDPR's strict rules on data privacy and the right to be forgotten. It's a fundamental misalignment that needs to be addressed before blockchain can become mainstream in these industries. Navigating these regulations will take collaboration not just between businesses, but between governments and tech innovators. Sure, blockchain promises to cut out ...

In a week marked by significant regulatory actions and high-profile arrests, two distinct stories have captured global attention. On one hand, LinkedIn has been slapped with a €310 million fine by the Irish Data Protection Commission for violating the European Union's General Data Protection Regulation (GDPR). The fine stems from LinkedIn's practices related to personal data handling for advertising purposes, specifically the lack of a valid legal justification for collecting data intended for targeted online advertisements.On the other hand, former FTX CEO Sam Bankman-Fried has been arrested in the Bahamas. Bankman-Fried, a prominent figure in the cryptocurrency world, has been at the center of a massive financial scandal involving the collapse of FTX, one of the largest cryptocurrency exchanges. His arrest is a significant development in the ongoing investigation into the financial mismanagement and potential fraud that led to the downfall of FTX.The contrast between these two events highlights the diverse nature of global regulatory actions and the consequences of non-compliance. In the case of LinkedIn, the fine underscores the importance of adhering to stringent data privacy regulations, particularly in the digital age where personal data is increasingly valuable. For Sam Bankman-Fried, his arrest signals a serious escalation in the legal pursuit of accountability for his role in the FTX debacle.Both stories serve as reminders of the critical need for transparency and compliance in various sectors. As regulatory bodies continue to enforce strict standards, individuals and organizations must ensure they operate within the bounds of the law to avoid severe consequences. The €310 million fine on LinkedIn and the arrest of Sam Bankman-Fried are stark examples of what can happen when these standards are not met.

The General Data Protection Regulation (GDPR) has been in effect since 2018, reshaping how businesses handle personal data across the globe. While many view GDPR as solely a legal or IT challenge, its impact ripples far beyond those departments—it touches every aspect of an organization. For CFOs, GDPR isn't just about compliance; it's about safeguarding the financial health of the company, managing operational risks, and ensuring long-term sustainability. CFOs must be at the forefront of creating a GDPR-compliant organization, not only to avoid costly penalties but to protect the organization's reputation.Greet Gemels is the Chief Financial and Operating Officer at Advantage Group International, where she oversees the Finance, Human Resources, and Operations functions of a global market research company. In this episode, Greet and host Melissa Howatson discuss the critical implications of GDPR for CFOs and analyze the financial and operational risks involved.Discover how CFOs can effectively navigate current and evolving GDPR requirements to mitigate data security risks, ensure regulatory compliance, and safeguard their organization's financial and operational integrity.Discussed in This EpisodeHow GDPR data privacy laws have transformed data handling practices and regulatory compliance across organizations.The tangible and intangible costs of achieving GDPR compliance, along with the serious repercussions of non-compliance.The risks and implications of working with third-party vendors for tasks such as human resources and payroll.The critical need for strategic resource allocation, cross-functional collaboration, and robust metrics to assess the financial impact of GDPR compliance efforts.

The General Data Protection Regulation (GDPR) has been in effect since 2018, reshaping how businesses handle personal data across the globe. While many view GDPR as solely a legal or IT challenge, its impact ripples far beyond those departments—it touches every aspect of an organization. For CFOs, GDPR isn't just about compliance; it's about safeguarding the financial health of the company, managing operational risks, and ensuring long-term sustainability. CFOs must be at the forefront of creating a GDPR-compliant organization, not only to avoid costly penalties but to protect the organization's reputation.Greet Gemels is the Chief Financial and Operating Officer at Advantage Group International, where she oversees the Finance, Human Resources, and Operations functions of a global market research company. In this episode, Greet and host Melissa Howatson discuss the critical implications of GDPR for CFOs and analyze the financial and operational risks involved.Discover how CFOs can effectively navigate current and evolving GDPR requirements to mitigate data security risks, ensure regulatory compliance, and safeguard their organization's financial and operational integrity.Discussed in This EpisodeHow GDPR data privacy laws have transformed data handling practices and regulatory compliance across organizations.The tangible and intangible costs of achieving GDPR compliance, along with the serious repercussions of non-compliance.The risks and implications of working with third-party vendors for tasks such as human resources and payroll.The critical need for strategic resource allocation, cross-functional collaboration, and robust metrics to assess the financial impact of GDPR compliance efforts.

This Day in Legal History: Watergate Trial BeginsOn October 4, 1974, the trial of key Watergate conspirators began, marking a significant moment in American legal and political history. The defendants included top Nixon administration officials H.R. Haldeman, John Ehrlichman, John Mitchell, Robert Mardian, and Kenneth Parkinson. These men were accused of participating in the cover-up of the break-in at the Democratic National Committee headquarters, a scandal that would ultimately lead to President Nixon's resignation.The trial was presided over by Judge John Sirica, who had played a pivotal role in uncovering the truth behind Watergate. At the outset, the court reviewed transcripts of the now-infamous Watergate tapes, which had been secretly recorded by President Nixon in the Oval Office. These recordings captured critical conversations revealing the extent of the administration's involvement in the cover-up.The tapes provided key evidence, especially a June 23, 1972, conversation known as the "smoking gun" tape, in which Nixon and Haldeman discussed obstructing the FBI's investigation. The trial was part of the broader legal reckoning following Nixon's resignation two months earlier in August 1974.Haldeman and Ehrlichman, two of Nixon's closest aides, were found guilty of conspiracy, obstruction of justice, and perjury. John Mitchell, Nixon's former Attorney General, was also convicted on conspiracy charges. This trial helped close one chapter of the Watergate scandal, demonstrating the judicial system's role in holding even the highest-ranking officials accountable for abuses of power.A federal court has blocked President Biden's latest student debt relief plan, ruling it likely unconstitutional. The U.S. District Court for the Eastern District of Missouri granted a preliminary injunction requested by a coalition of seven Republican-led states. Judge Matthew T. Schelp, who issued the ruling, emphasized the public interest in ensuring the government follows the law. The plan, which would have canceled debt for 27 million borrowers, is now paused.The plaintiffs argue the plan is an executive overreach. While Georgia was dismissed from the lawsuit for lacking standing, Missouri's Higher Education Loan Authority was found to have suffered an injury, giving Missouri standing to continue the case. This ruling temporarily halts the debt relief program as the court considers whether to permanently strike it down. The injunction is a blow to Biden's efforts to reduce student debt, following the U.S. Supreme Court's earlier decision in 2023 that struck down a broader relief plan. Another related plan, known as “SAVE,” which aims to provide zero-dollar payments and expedite forgiveness for some borrowers, is also under review by the Eighth Circuit Court. This decision prevents the debt relief plan from taking effect while the court evaluates the case, reflecting the court's consideration of the public interest and potential harm.Biden's Latest Student Debt Relief Plan Blocked by Federal CourtThe U.S. government has supported Nvidia investors in a Supreme Court case where they allege the company misled the market about its reliance on cryptocurrency mining sales. The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) filed a brief urging the Court to allow the case to proceed, siding with the investors. The Ninth Circuit Court previously revived the class action, ruling that Nvidia's CEO Jensen Huang made materially false or misleading statements about the company's revenue dependence on crypto mining, particularly before a 2018 market downturn.Nvidia disputes the case, claiming the investors' allegations were based on unreliable expert data. However, the DOJ and SEC argued that the claims were backed by multiple sources, including accounts from former employees, a Royal Bank of Canada report, Nvidia's own public statements, and SEC filings. These sources collectively suggest Nvidia earned $1.35 billion more from crypto sales during the boom than it disclosed.The government emphasized that the Private Securities Litigation Reform Act (PSLRA), which governs investor lawsuits, was not misapplied by the Ninth Circuit. It rejected Nvidia's argument that the case was based solely on unsubstantiated expert opinions, pointing out that the allegations were supported by sufficient evidence to infer Nvidia's intent to mislead investors.Nvidia Investors Backed by US in Supreme Court Crypto Sales CaseThe European Union's top court has ruled that Meta must limit the use of personal data collected from Facebook users for targeted advertising. This decision supports privacy advocate Max Schrems, who argued that Meta's personalized advertising violated privacy regulations by processing personal data without proper limitations. The Court of Justice of the European Union (CJEU) emphasized that under the EU's General Data Protection Regulation (GDPR), the principle of data minimization restricts how much personal data companies can use for targeted ads.Meta responded by stating it has invested heavily in privacy features and does not use sensitive data for personalized ads. Schrems' lawyer welcomed the decision, saying it would significantly reduce the amount of data Meta and other companies can use for advertising, even when users consent. This ruling marks another victory for Schrems, who has repeatedly taken Meta to court over alleged GDPR violations.Meta must limit data use for targeted advertising, top EU court rules | ReutersCupertino, California, has reached a settlement with the state's Department of Tax and Fee Administration, allowing the city to retain millions in sales tax revenue tied to Apple's online sales through August 2024. The settlement resolves a dispute that began in 2021 when the department audited Cupertino's 26-year tax-sharing agreement with Apple. Under this agreement, Apple treated all in-state online sales as originating from Cupertino, directing a portion of the state sales tax to the city, which in turn shared 35% of the revenue with Apple.The tax department has scrutinized similar deals with other retailers like Best Buy and Williams-Sonoma, arguing that businesses need to show active participation in the transactions where the sales are reported. Last year, Cupertino set aside $56.5 million to potentially repay the state as the dispute escalated to $60.3 million by February 2024.The settlement avoids litigation, but the city did not disclose specific financial details or directly reference Apple in the announcement. It clarified that the agreement does not impact its tax-sharing arrangement with any taxpayer.Cupertino Settles With State in Apple Sales Tax-Sharing FightThis week's closing theme is by Pyotr Ilyich Tchaikovsky.This week's closing theme is the Adagio lamentoso from Tchaikovsky's Symphony No. 6 in B minor, Op. 74, also known as the "Pathétique" Symphony. Tchaikovsky composed this masterpiece in 1893, just a few months before his sudden and mysterious death. The "Pathétique" Symphony is widely regarded as his most personal and emotionally charged work, filled with profound sorrow and introspection.The fourth movement, "Adagio lamentoso," is the symphony's haunting conclusion. Unlike most symphonies, which end on a triumphant or uplifting note, Tchaikovsky chose to close his final symphony with this slow, lamenting movement. It reflects deep melancholy and resignation, expressing a sense of despair that resonates with listeners. The music ebbs and flows between quiet, intimate passages and moments of overwhelming intensity, capturing the fragility and tragedy of life.Tchaikovsky was known for his ability to express raw emotion through music, and the "Adagio lamentoso" exemplifies this talent. The theme's descending lines seem to mirror a downward spiral into sorrow, giving it an almost funereal quality. Some have speculated that the symphony reflects Tchaikovsky's own inner turmoil and struggles, adding a layer of poignancy to the already emotional score.As you listen to the "Finale" this week, take note of its deep, somber beauty and how Tchaikovsky blends anguish with moments of quiet reflection. It's a fitting close to a symphony that grapples with life's most profound emotions.Without further ado, Pyotr Ilyich Tchaikovsky's Symphony No. 6 in B minor, Op. 74, the Pathetique Symphony. Enjoy.  This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.minimumcomp.com/subscribe

In Episode 3 of The Marketing Corner, we had very special guest, Marc Enzor, founder of Geeks 2 You and co-host, Roger LaFaye of LaFaye processing. The Marketing Corner is proudly sponsored by: David Bradley Insurance, Medicare A to Z C Eaton Photography LaFaye Processing dba MiCamp Last Bridge Media Mark Weiss | Sales Performance Strategies In this episode, we'll dive deep into why marketing and cybersecurity are essential for small businesses, how they intersect, and what strategies you can implement to protect and grow your business in the digital age. Why Marketing Matters for Small Businesses Marketing is the lifeblood of any small business. It's the key to building brand awareness, attracting new customers, retaining loyal clients, and driving sales. For many small businesses, particularly those that don't have the luxury of a massive advertising budget, marketing can be the most efficient way to reach target audiences and stand out in the marketplace. 1. Building Brand Awareness One of the most significant benefits of marketing is that it helps establish brand awareness. In a world where consumers are bombarded with options, making your business known is critical. Through consistent branding, targeted content, and customer engagement, small businesses can build a reputation and gain recognition within their industries. 2. Connecting with Customers Effective marketing enables businesses to connect with their audience on a personal level. With the right strategies, small businesses can create a sense of community, respond to customer needs, and build trust. Personalized marketing messages, customer reviews, and interactive social media campaigns help foster relationships that are the backbone of small business success. 3. Driving Sales and Growth At the end of the day, every small business needs marketing to drive sales. Whether it's through online ads, content marketing, or direct outreach, a smart marketing plan ensures you reach potential customers where they are, increasing the likelihood of conversions. The more visibility your business has, the more opportunities you create for growth. The use of tools like Google Analytics, Facebook Insights, and email marketing software helps small businesses track the effectiveness of their marketing campaigns. By understanding what works and what doesn't, businesses can make data-driven decisions that maximize return on investment (ROI). The Growing Threat of Cybersecurity Risks for Small Businesses While marketing helps businesses grow, cybersecurity ensures that growth is not derailed by digital threats. Cybersecurity has become a critical concern for small businesses, as they are increasingly targeted by cybercriminals. The misconception that small businesses are too small to be attacked is one of the main reasons they fall victim to cyber threats. In fact, small businesses often have weaker security systems, making them an easier target for hackers. 1. Data Protection Small businesses often handle sensitive customer information, including payment details, personal data, and confidential communications. Protecting this data is paramount, not only for maintaining trust but also for complying with regulations such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). A data breach can have devastating effects, leading to financial losses, reputational damage, and even legal repercussions. Implementing strong cybersecurity measures, such as encryption, secure payment gateways, and firewalls, is critical to ensure customer data is safe from cybercriminals. Educating employees about phishing attacks and password security can also greatly reduce the risk of breaches.

Summary of Chapter 12: The Right to Privacy Chapter 12 explores the evolution and scope of privacy rights in the United States, addressing its origins, key legal developments, and emerging challenges. 1. Origins and Development of the Right to Privacy Privacy rights have historical roots in English common law, particularly the notion that the home should be protected from state intrusion. In the U.S., the modern concept of privacy was significantly shaped by the 1890 article by Samuel Warren and Louis Brandeis, The Right to Privacy, which argued for privacy as an independent legal right. Although privacy is not explicitly mentioned in the Constitution, courts have recognized it as an implied right through various amendments. Landmark cases like Griswold v. Connecticut (1965) and Roe v. Wade (1973) established constitutional protections for privacy in areas such as contraception, reproductive rights, and personal autonomy. 2. Reproductive Rights Reproductive rights have been at the center of privacy law: Contraception: Griswold v. Connecticut established the right to use contraception as part of the constitutional right to privacy. This was later extended to unmarried individuals in Eisenstadt v. Baird. Abortion: In Roe v. Wade, the Supreme Court recognized a woman's right to choose to have an abortion, framing it as part of her right to privacy. This right was later modified in Planned Parenthood v. Casey with the "undue burden" test, and ultimately overturned by Dobbs v. Jackson Women's Health Organization (2022), allowing states to regulate or ban abortion. 3. Right to Marry and Family Autonomy Right to Marry: The Supreme Court has recognized marriage as a fundamental right. In Loving v. Virginia, it struck down bans on interracial marriage, and in Obergefell v. Hodges, it extended the right to marry to same-sex couples, framing marriage as a fundamental aspect of personal liberty and autonomy. Family Autonomy: Parents' rights to raise their children are protected under the right to privacy. Key cases like Pierce v. Society of Sisters and Troxel v. Granville affirm that parents have the right to make decisions about their children's education and upbringing without undue government interference. 4. Emerging Issues in Privacy Law Privacy law faces new challenges in the digital age: Digital Privacy: The collection and use of personal data by companies and government agencies, particularly in the realm of surveillance, have raised significant concerns. Cases like Carpenter v. United States have extended privacy protections to digital data. Genetic Privacy: Advances in biotechnology and genetic testing have introduced concerns about the use of genetic information, leading to laws like the Genetic Information Nondiscrimination Act (GINA) to protect against misuse. The Right to Be Forgotten: This concept, prominent in Europe under the General Data Protection Regulation (GDPR), allows individuals to request the removal of personal data from the internet. In the U.S., its potential implementation is debated due to concerns over free speech and access to information. Conclusion Chapter 12 outlines the significant legal protections around privacy in the U.S., tracing its origins and addressing key issues like reproductive rights and family autonomy. It also highlights emerging challenges in privacy law, particularly in the digital age, showing how courts and lawmakers must adapt to new technological and societal changes to protect individual privacy. --- Support this podcast: https://podcasters.spotify.com/pod/show/law-school/support

Ride-hailing platform Uber has been fined €290 million — around $324 million at current exchanges rates — by the Netherlands' privacy watchdog for breaching the European Union's General Data Protection Regulation (GDPR). Learn more about your ad choices. Visit podcastchoices.com/adchoices

Privacy by Default and Design is a fundamental principle of the General Data Protection Regulation (GDPR). It prioritises transparency, user control, and data security from the outset. This approach ensures that privacy is integrated into systems and processes by default rather than as an afterthought. By embedding these practices, organisations enhance trust and accountability while meeting regulatory requirements. However, challenges such as resistance to change and the need for cultural transformation must be addressed to implement this principle effectively.In this episode of the Don't Panic It's Just Data, Tudor Galos, Senior Privacy Consultant, speaks to Paulina Rios Maya, Head of Industry Relations, about the impact of privacy by default and design extend to user experience, where issues like consent fatigue and the necessity for user-friendly interfaces arise. Key Takeaways:Organisations face challenges in implementing privacy by default and design, including resistance to change and the need for cultural transformation.Privacy by default and design impact user experience, with issues like consent fatigue and the need for user-friendly interfaces.Regulations like GDPR and CCPA incorporate privacy by default and design principles, emphasising compliance and accountability.Chapters:00:00 - Introduction and Overview01:00 - Core Principles of Privacy by Default and Design02:19 - Difference from Traditional Privacy Practices04:09 - Challenges in Implementing Privacy by Default and Design05:33 - Impact of Privacy by Default on User Experience08:14 - Alignment of Privacy by Default with Regulations09:04 - Ensuring Compliance and Trust11:24 - Implications of Emerging Technologies on Privacy13:15 - Innovations in Privacy-Enhancing Technologies15:50 - Conclusion

It goes without saying that privacy and the creation of laws and regulations around it are fundamental to determining how we will live and work with technology, and whether technology operates in service of democratic societies or only in service of governments and corporations. A couple of weeks ago, Justin Hendrix had a chance to speak with two leaders from the Future of Privacy Forum (FPF)-Jules Polonetsky, its CEO, and Anne J. Flanagan, the head of its new Center on AI. They discussed the recent US Supreme Court decision to overturn the Chevron doctrine and its implications for privacy legislation in the United States, the fierce battle over privacy laws in the US, and potential conflicts between Europe's General Data Protection Regulation (GDPR) and the new AI Act. And, they talked about how the 15-year-old Future of Privacy Forum envisions its role in the age of artificial intelligence.

Irish businesses continue to face challenges in complying with the General Data Protection Regulation (GDPR) six years on from its introduction, according to new research. The findings were presented by Forvis Mazars and McCann FitzGerald LLP in their latest joint survey, "GDPR and Digital Legislation: A Survey of the Impact and Effect on Organisations in Ireland". The research, which was conducted by Ipsos B&A, found that just 15% of businesses consider their organisation to be 'fully compliant' with the legislation, which is billed as the toughest privacy and security law in the world. A further 58% of respondents indicated their organisation was 'materially compliant', and 25% said their organisation was 'somewhat compliant'. In order to achieve their compliance targets, half of the businesses surveyed believe they need more resourcing, financial investments or further expertise in this space. The research also found that 82% of respondents believe the risks associated with GDPR non-compliance are increasing, with respondents citing 'reputational risk' as the most important factor in determining an organisation's data protection risk appetite, followed by 'fear of fines'. Eight in 10 (81%) of the businesses surveyed say they intend to improve their compliance status. This is the eighth edition of the Forvis Mazars and McCann FitzGerald LLP annual survey on the impact of GDPR on organisations in Ireland. As well as examining the latest perceptions among Irish businesses regarding GDPR compliance, the report also assesses awareness and readiness for a wave of new legislative developments from the European Union in response to rapid technological changes. Findings show that 60% of those surveyed are concerned about the impact of new digital legislation on their organisation, which includes DORA (the Digital Operational Resilience Act), the AI Act, the Data Act, the Data Governance Act, the Digital Services Act, the Online Safety and Media Regulation Act, the Digital Markets Act, the Network and Information Security Directive 2 (NIS2) and the Cyber Resilience Act. There is also a high degree of uncertainty regarding the new legislation with many respondents being unsure of their applicability to their business, which suggests further education and awareness is required within organisations. Key Findings: 82% of respondents agree that the risks associated with GDPR non-compliance are increasing, up from 70% in last year's survey. 81% of respondents intend on improving their compliance status. 59% of respondents are concerned about the prospect of being fined for GDPR non-compliance, compared to 58% in last year's survey. 47% of respondents agree that working to comply with GDPR has delivered many benefits for their organisation, up from 34% last year. Over half of the respondents (52%) say that the CEO of their organisation is strongly engaged in GDPR compliance and data privacy, compared to 50% in 2023. Six out of 10 respondents are concerned about upcoming digital legislation. 63% of respondents indicated that the AI Act will apply to their organisation. Liam McKenna, Partner in Consulting Services at Forvis Mazars, said: "This survey underscores the essential need for organisations to remain up to date with both current and forthcoming regulations in the digital space. Irish businesses must diligently maintain their compliance initiatives, particularly amid the significant financial and reputational risks at stake. "Although GDPR regulations were implemented in 2018, that only 15% of Irish companies are fully compliant is a concern for Irish business, particularly in light of further digital legislation coming down the tracks including the Digital Operational Resilience Act (DORA), AI Act, Data Act, and Digital Services Act, among others. Irish companies therefore need to urgently focus on GDPR adherence, while actively gearing up for new legislative requirements." Paul Lavery, Partner at McCann FitzGerald LLP, added: "The...

This Day in Legal History: Pivotal LGBTQ+ Rights DecisionsOn this day, June 26th, in legal history, two pivotal Supreme Court decisions significantly advanced the cause of marriage equality in the United States.On June 26, 2013, the Supreme Court delivered its decision in United States v. Windsor. In a 5-4 ruling, the Court struck down Section 3 of the Defense of Marriage Act (DOMA), which had defined marriage for federal purposes as the union between a man and a woman. Edith Windsor, the plaintiff, had been denied a spousal tax exemption after her same-sex spouse's death, prompting her to challenge the law. The Court held that DOMA's definition of marriage was unconstitutional as it violated the principles of due process and equal protection guaranteed by the Fifth Amendment. This landmark decision allowed same-sex couples to receive the same federal benefits as heterosexual couples, marking a significant step forward for LGBTQ+ rights and equality.Two years later, on June 26, 2015, the Supreme Court issued another historic ruling in Obergefell v. Hodges. In another closely divided 5-4 decision, the Court declared that same-sex marriage is a constitutional right under the 14th Amendment. The case consolidated several challenges from same-sex couples who had been denied the right to marry or have their marriages recognized by their home states. Justice Anthony Kennedy, writing for the majority, stated that the right to marry is a fundamental right inherent in the liberty of the person, and under the Due Process and Equal Protection Clauses of the 14th Amendment, same-sex couples cannot be denied that right. This ruling effectively legalized same-sex marriage across the United States, ensuring that all states must perform and recognize marriages between individuals of the same sex.These decisions on June 26th were monumental in affirming the rights of same-sex couples and dismantling legal barriers to marriage equality, marking significant victories for the LGBTQ+ community and setting precedents for future civil rights advancements.Supreme Court Justice Ketanji Brown Jackson recently surprised defense attorneys with her unexpected votes against criminal defendants, despite her background as a former federal defender. In two cases decided at the end of the term, Jackson broke from her liberal colleagues. She joined the majority in a case broadening expert witness testimony and dissented in another that reinforced the right to a jury trial.President Joe Biden highlighted Jackson's unique experience as a public defender when nominating her in 2022. In Diaz v. United States, a 6-3 decision, the Court sided with prosecutors on expert witness testimony, allowing experts to discuss what most defendants generally know. Jackson joined Justice Clarence Thomas's majority opinion and wrote separately, suggesting the rule could benefit both prosecutors and defendants.In Erlinger v. United States, the Court ruled 6-3 to apply the Apprendi v. New Jersey precedent broadly, requiring juries to decide facts that could increase sentences. Jackson dissented, arguing that Apprendi limits legislative efforts to create fairer sentencing systems. She suggested overturning Apprendi, which surprised many in the defense community given its importance to defendants' rights.Some notable defense attorneys have expressed disappointment in her positions, though acknowledging that public defender views are not monolithic.Justice Jackson Takes Unexpected Positions in Criminal CasesA recent study by Georgetown University's Center on Education and Workforce revealed that law school graduates earn a median salary of $72,000 after debt payments four years into their careers. However, this figure varies significantly depending on the law school attended. Graduates from seven elite law schools, including Columbia, University of Pennsylvania, and Harvard, have median earnings of over $200,000 after debt. In contrast, graduates from 33 lower-ranking law schools earn $55,000 or less.The report, titled "A Law Degree Is No Sure Thing: Some Law School Graduates Earn Top Dollar, but Many Do Not," shows that law graduates typically leave school with a median debt of $118,500. Columbia Law School offers the highest return on investment with net median earnings of $253,800 after four years, followed by other top-tier schools. These elite institutions account for about 20% of law students and tend to send over half their graduates to high-paying jobs at large law firms.Conversely, 20 law schools have graduates with median net earnings of $50,000 or less after debt payments, including Cooley Law School and Atlanta's John Marshall Law School. The study utilized data from various sources, such as the U.S. Census Bureau and the American Bar Association, to assess employment outcomes, salaries, bar passage rates, and debt.The report underscores a significant disparity in financial outcomes between graduates of top-ranked law schools and those from lower-ranked institutions.Law grads' median earnings of $72,000 after debt show 'vast gulf' in pay, study finds | ReutersLawmakers in the United States are pushing for the first major federal data privacy legislation, the American Privacy Rights Act, which has bipartisan support. The bill, sponsored by Democratic Senator Maria Cantwell and Republican Representative Cathy McMorris Rodgers, aims to establish a national data privacy standard. This would allow individuals to access, delete, and opt out of their data being used for targeted advertising, and would create a national data broker registry.The U.S. has lagged behind other regions like the European Union, which implemented the General Data Protection Regulation (GDPR) in 2018. Industry groups, including the U.S. Chamber of Commerce and TechNet, argue that the bill lacks safeguards to prevent states from adding their own regulations, which could complicate compliance for businesses. They advocate for a unified national standard without additional state-level regulations.Privacy advocates, however, contend that the bill would hinder states from addressing new technological developments and responding to emerging privacy issues. They fear that federal pre-emption could stifle the progressive influence of states like California, which often leads in privacy regulations. Ashkan Soltani, from the California Privacy Protection Agency, warned against setting static regulations given the rapid pace of technological advancements.Democratic Representative Suzan DelBene supports the bill, citing the current "patchwork" of state laws as problematic for small businesses. The bill will undergo a markup hearing on Thursday, a crucial step before potentially advancing to a House vote.US lawmakers push for federal data privacy law; tech industry and critics are wary | ReutersA federal judge has ruled that Walt Disney Co. must face an antitrust class action lawsuit filed by 25 subscribers to YouTube TV and DirecTV Stream. The subscribers allege that Disney's agreements with rival streaming TV providers, which included access to ESPN content, restrained trade and led to higher prices. Judge Edward J. Davila of the US District Court for the Northern District of California found that the plaintiffs plausibly alleged Disney's conduct harmed competition in the streaming live pay TV market (SLPTV).The lawsuit claims Disney's agreements prevented other streamers from offering lower-priced bundles excluding ESPN, thus raising subscription costs and protecting Disney-owned Hulu from competition. Despite partially dismissing the initial complaint, the judge allowed an amended complaint to proceed, alleging violations of the federal Sherman Act and state antitrust laws. While the court dismissed claims for damages under the Sherman Act, limiting potential relief to an injunction, it allowed most state antitrust claims to continue, except for those under the Illinois Antitrust Act and Tennessee Trade Practices Act.The decision follows the Justice Department's plans to review a proposed new streaming service by Disney, Fox Corp., and Warner Bros. Discovery Inc. for potential consumer harm. The case, Biddle et al v. Walt Disney Co., continues to highlight concerns over anticompetitive practices in the streaming industry.Disney Must Face Antitrust Class Suit by TV Streaming Consumers This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.minimumcomp.com/subscribe

In this episode, we covered a wide range of fascinating stories from the worlds of technology, science, and culture. We began with Meta's decision to pause its AI plans in Europe after facing privacy complaints and regulatory pressure. The company had intended to use public content shared by European users to train its AI models, but concerns were raised about potential violations of the General Data Protection Regulation (GDPR). Meta expressed disappointment with the delay but will continue to engage with European authorities to ensure compliance.Next, we discussed Pope Francis' historic address to the G7 summit, where he warned about the dangers of artificial intelligence and urged leaders to keep the technology human-centric. The Pope emphasized the need to safeguard human control over AI decision-making, particularly when it comes to the use of weapons. The G7 leaders largely reflected the Pope's concerns in their final statement, pledging to better coordinate AI governance and regulatory frameworks.We then explored new insights into the Sun's magnetic field, which plays a crucial role in space weather events that can impact Earth. Recent research suggests that the magnetic field originates much closer to the Sun's surface than previously thought, potentially improving our ability to predict solar storms. We also examined some of the most controversial pieces of evidence for extraterrestrial life, from the Viking Mars landers' experiments to the famous "Wow!" signal. Finally, we looked at DARPA's unveiling of six innovative design concepts for future vertical takeoff and landing uncrewed aerial vehicles, which could revolutionize military operations and support a variety of missions.From Perplexity's Discover feed:Meta AI Paused in Europehttps://www.perplexity.ai/page/Meta-AI-Paused-ygSGrVcvQw20304OyHeP7QPope Francis Warns of AIhttps://www.perplexity.ai/page/Pope-Francis-Warns-osv5m6OaRr2t93t616RB9wSun's Magnetic Field Reversalhttps://www.perplexity.ai/page/Suns-Magnetic-Field-fSbHZg1gRa22Td_o7MOt_APotential Evidence for Dyson Sphereshttps://www.perplexity.ai/page/Potential-Evidence-for-1nvOtz6LT.e409dgPwstDgDARPA Shows Uncrewed X-Plane Concepthttps://www.perplexity.ai/page/DARPA-Shows-Uncrewed-WCO8ihVxRWWRLKatkfTYoAPerplexity is the fastest and most powerful way to search the web. Perplexity crawls the web and curates the most relevant and up-to-date sources (from academic papers to Reddit threads) to create the perfect response to any question or topic you're interested in. Take the world's knowledge with you anywhere. Available on iOS and Android Join our growing Discord community for the latest updates and exclusive content. Follow us on: Instagram Threads X (Twitter) YouTube Linkedin

The EU's General Data Protection Regulation (GDPR) has now been in force for six years. During that time, fines have totalled billions of euros, with over €1 billion in fines coming in the past 12 months. The most recent fines show that both large and small businesses are subject to regulators' scrutiny. With fines and enforcement actions, developments in GDPR case law and new challenges of AI, data protection remains one of the most complex areas of compliance. Despite best efforts, many organisations are still falling short when it comes to getting GDPR right. In this podcast, we examine GDPR's widespread impact not just in Europe but around the world. As places like Brazil, California, and even China race to enact GDPR-like protections, what does the future hold for data privacy? The podcast covers: Recent GDPR fines and case studies International developments and new GDPR-style laws around the world Focus areas for EU data protection authorities Where the UK and US stand with data protection and GDPR Artificial intelligence and data protection laws Best practice guidance to solidify your GDPR compliance

By Adam Turteltaub There's no General Data Protection Regulation (GDPR) in the US. Absent a comprehensive, national privacy law, states have stepped in to fill the gap. As Adam Greene (LinkedIn), Partner at Davis Wright Tremaine explains in this podcast, that's creating some complications. The California Consumer Privacy Act (CCPA) already differs from subsequent laws in several states which use language reminiscent of the GDPR. And while there are many similarities, some differences are substantial. For example, some state laws are targeted at businesses, not non-profits. That's an important distinction for healthcare with so many non-profit institutions. Perhaps the greatest challenge for organizations is figuring out which standard to follow, if any. Do they take a state-by-state approach, or one national approach based on the toughest state laws? Whatever the choice, it's important to determine what data you have since there may be limits on collection and a requirement to share that data with consumers who want to see it. Listen in to learn more about what the states are requiring and what you need to do to meet their expectations.

Artificial Intelligence (AI) has emerged as a transformative force in various fields, with its potential for innovative applications being increasingly recognized. One such application is the analysis of behavior for health purposes, a field in which BlueSkeye AI is making significant strides.AI analyzes behavior for healthBlueSkeye AI is a company that specializes in analyzing medically relevant behavior from facial expressions and voice patterns. The company employs AI algorithms to detect subtle movements, muscle actions, gaze patterns, and tone of voice that could be indicative of underlying medical conditions. By interpreting these behavioral cues, BlueSkeye AI aims to diagnose conditions such as depression and other neurodegenerative diseases.The AI technology developed by BlueSkeye AI extends beyond mere facial recognition of emotions like happiness or anger. It delves into micro-expressions, asymmetries, and subtle behavioral cues that may not be easily perceptible to humans. By scrutinizing these intricate behavioral patterns, AI can yield valuable insights into an individual's mental and physical health.Advantages and usage of AI analysisThe application of this technology involves interactive tasks and questions designed to elicit specific behavioral signals associated with a particular condition. For instance, a virtual assistant may pose questions about a person's day or prompt them to mimic facial expressions to assess their motor neuron function. By evaluating the responses, tone of voice, and facial expressions, AI can make predictions about a person's health status.A key advantage of using AI to analyze behavior for health is its capacity to detect gradual changes over time. While individuals may have a general sense of their well-being on a day-to-day basis, AI can monitor long-term trends and identify subtle changes that could signal the onset of a medical condition. This long-term monitoring can be particularly beneficial for detecting neurodegenerative diseases like Parkinson's, where early intervention is crucial for improved outcomes.The Health Foundation Platform, an initiative by BlueSkeye AI, serves as a platform for pharmaceutical companies and researchers to conduct studies using facial recognition technology. This platform facilitates the rapid setup of studies, enabling researchers to collect data on behavior and health outcomes.Challenges to implementationThe development and implementation of mental health technology also involve regulatory challenges. Companies like BlueSkeye AI have chosen to comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR) to ensure the privacy and security of patient data. This commitment to regulatory compliance underscores the company's dedication to providing safe and effective solutions for mental health monitoring.AI technology also has the potential to integrate with healthcare systems and provide diagnostic capabilities. By connecting with healthcare providers, AI-powered mental health technology can streamline the diagnosis and treatment process, leading to improved patient outcomes. This level of integration represents a significant advancement in the field of mental health technology and has the potential to transform the management of mental health conditions. But, overcoming the challenges of privacy and acceptance could limit the reach.Conclusion: AI behavioral analysis can improve diagnosisIn conclusion, AI technology holds the potential to revolutionize the way we analyze behavior for health purposes. By harnessing advanced algorithms and facial recognition technology, companies like BlueSkeye AI are leading the way in developing innovative solutions for diagnosing and monitoring medical conditions. As AI continues to evolve, we can anticipate even more sophisticated applications in healthcare that enhance patient outcomes and transform the field of medicine.Interview by Todd Cochrane of Geek News Central.Sponsored by: Get $5 to protect your credit card information online with Privacy. Amazon Prime gives you more than just free shipping. Get free music, TV shows, movies, videogames and more. The most flexible tools for podcasting. Get a 30 day free trial of storage and statistics.

Artificial Intelligence (AI) has emerged as a transformative force in various fields, with its potential for innovative applications being increasingly recognized. One such application is the analysis of behavior for health purposes, a field in which BlueSkeye AI is making significant strides.AI analyzes behavior for healthBlueSkeye AI is a company that specializes in analyzing medically relevant behavior from facial expressions and voice patterns. The company employs AI algorithms to detect subtle movements, muscle actions, gaze patterns, and tone of voice that could be indicative of underlying medical conditions. By interpreting these behavioral cues, BlueSkeye AI aims to diagnose conditions such as depression and other neurodegenerative diseases.The AI technology developed by BlueSkeye AI extends beyond mere facial recognition of emotions like happiness or anger. It delves into micro-expressions, asymmetries, and subtle behavioral cues that may not be easily perceptible to humans. By scrutinizing these intricate behavioral patterns, AI can yield valuable insights into an individual's mental and physical health.Advantages and usage of AI analysisThe application of this technology involves interactive tasks and questions designed to elicit specific behavioral signals associated with a particular condition. For instance, a virtual assistant may pose questions about a person's day or prompt them to mimic facial expressions to assess their motor neuron function. By evaluating the responses, tone of voice, and facial expressions, AI can make predictions about a person's health status.A key advantage of using AI to analyze behavior for health is its capacity to detect gradual changes over time. While individuals may have a general sense of their well-being on a day-to-day basis, AI can monitor long-term trends and identify subtle changes that could signal the onset of a medical condition. This long-term monitoring can be particularly beneficial for detecting neurodegenerative diseases like Parkinson's, where early intervention is crucial for improved outcomes.The Health Foundation Platform, an initiative by BlueSkeye AI, serves as a platform for pharmaceutical companies and researchers to conduct studies using facial recognition technology. This platform facilitates the rapid setup of studies, enabling researchers to collect data on behavior and health outcomes.Challenges to implementationThe development and implementation of mental health technology also involve regulatory challenges. Companies like BlueSkeye AI have chosen to comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR) to ensure the privacy and security of patient data. This commitment to regulatory compliance underscores the company's dedication to providing safe and effective solutions for mental health monitoring.AI technology also has the potential to integrate with healthcare systems and provide diagnostic capabilities. By connecting with healthcare providers, AI-powered mental health technology can streamline the diagnosis and treatment process, leading to improved patient outcomes. This level of integration represents a significant advancement in the field of mental health technology and has the potential to transform the management of mental health conditions. But, overcoming the challenges of privacy and acceptance could limit the reach.Conclusion: AI behavioral analysis can improve diagnosisIn conclusion, AI technology holds the potential to revolutionize the way we analyze behavior for health purposes. By harnessing advanced algorithms and facial recognition technology, companies like BlueSkeye AI are leading the way in developing innovative solutions for diagnosing and monitoring medical conditions. As AI continues to evolve, we can anticipate even more sophisticated applications in healthcare that enhance patient outcomes and transform the field of medicine.Interview by Todd Cochrane of Geek News Central.Sponsored by: Get $5 to protect your credit card information online with Privacy. Amazon Prime gives you more than just free shipping. Get free music, TV shows, movies, videogames and more. The most flexible tools for podcasting. Get a 30 day free trial of storage and statistics.

OpenAI is currently facing an investigation in the European Union over alleged privacy breaches related to ChatGPT generating incorrect information about individuals. The privacy rights non-profit group NOYB has filed a complaint against OpenAI for violating the General Data Protection Regulation (GDPR). The complaint accuses OpenAI of failing to correct inaccurate information generated by ChatGPT, not disclosing the source of data or what data ChatGPT stores about individuals, and refusing to rectify or erase data upon request. Consequently, the Austrian Data Protection Authority has been asked to investigate OpenAI's data processing practices and ensure compliance with the complainant's request to access the data. This scrutiny underscores the importance of transparency and accountability in AI systems, particularly in handling personal data and upholding privacy rights.The National Society of IT Service Providers (NSITSP) has recently introduced a new badge system to recognize exceptional contributions within the IT service industry. This program includes various badges such as honors for leadership, client endorsements, individual contributions, continuing education, and professional distinction. The badges aim to acknowledge and celebrate the achievements and expertise of individuals within the IT service industry. Four things to know today00:00 OpenAI Faces Investigation Request by Austrian Authority Over Alleged Privacy Breaches04:05 Expanding AI's Reach: OpenAI and Anthropic Enhance Features for Broader Application07:09 LevelBlue Launches as AT&T's Spinoff, Aiming to Redefine Managed Cybersecurity08:32 NSITSP's Badge System to Recognize Contributions Across Leadership and Client Endorsements   Supported by:  https://huntress.com/mspradio/  All our Sponsors:   https://businessof.tech/sponsors/      Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

Hey! We'll both earn $50 when you join Current and receive a qualifying Direct Deposit. Terms apply. Just use my link or code when signing up. Code: WILLIAMW243 https://current.com/get-started/?creator_code=WILLIAMW243 OpenAI faces a legal challenge in the European Union due to a complaint about ChatGPT's inaccurate responses, particularly when it generates false personal information. A European privacy rights group, noyb, lodged the complaint with the Austrian Data Protection Authority, asserting that OpenAI's ChatGPT often provides incorrect data about individuals, which it then fails to correct or erase. This inability to adjust false information reportedly contravenes the General Data Protection Regulation (GDPR), raising significant privacy and accuracy concerns.

In this episode of State of Identity, host Cameron D'Ambrosi welcomes Greg Leighton, Vice Chair of the Privacy and Incident Response Team at Polsinelli, for a deep dive into the evolving landscape of data privacy and security. Discover how technology's rapid advancement outpaces legal frameworks, prompting novel challenges for businesses and legal professionals, and how Polsinelli navigates this dynamic terrain. Find out how changes in laws like the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) impact businesses, leading to innovative compliance and risk management strategies. From the implications of web-tracking lawsuits to the regulatory focus on AI and automated decision-making, this conversation sheds light on the key issues keeping clients at night and the complex interplay between technology, law, and privacy. Gain insights into Greg's thoughts on data governance and the future of digital identity, as well as the intriguing potential of generative AI in enhancing and complicating the privacy landscape.

In this episode, we explore the vast implications of the EU AI Act, the world's first comprehensive AI regulation. With this legislation, the EU hopes to create a framework to regulate AI systems across the EU. But the Act will impact companies who do any business in the EU, and, similar to the General Data Protection Regulation (GDPR), the AI Act will likely set a global standard. This episode will provide key background on how the AI Act was developed, its main elements, including an understanding of its risk-based approach, and critical advice on what companies must be aware of. Importantly, we focus on how companies can prepare to comply. This episode will feature: A basic understanding of the AI Act How it will likely impact your company  The impact of GDPR on AI – and why that matters  How you can prepare – and when you need to Future trends in AI regulation around the world The episode features the VinciWorks compliance team and a legal GDPR / AI expert.

Digitalization is becoming increasingly important in businesses to enhance flexibility and efficiency across the entire value chain. The pace of digital adoption, transformation, and delivery in recent years has accelerated exponentially. More and more businesses are applying digital practices and technology in their operations. On April 17, 2023, the Vietnamese government issued the first-ever Personal Data Protection Decree (PDPD). This document consolidates and harmonizes Vietnam's various data protection laws, with the potential to align them with the EU's General Data Protection Regulation (GDPR), German Federal Data Protection Act (BDSG-neu), etc. standards.Coming into force on July 1, 2023, the PDPD applies to both domestic and foreign individuals/entities that are directly or indirectly involved in personal data processing activities in Vietnam. Therefore, complying with legal regulations and data protection is not only minor risk management for businesses, but it also has significant implications for finance, legal issues, and taxes.In today's podcast episode, our host Marko Walde, Chief Representative of the AHK in Vietnam, Myanmar, Cambodia, and Laos is delighted to welcome two experts to delve into this topic and discuss some helpful hints for businesses regarding the new decree:·       Johannes Klausch, Partner, LUTHER Law Vietnam·       Nguyen Minh Thoai, CEO, DIGI-TEXX Vietnam*** AHK Vietnam is your reliable partner in rolling out a strategic investment in Vietnam as well as developing your business endeavors within the Vietnamese market. We establish connections, provide practical advice, and assist you not only in optimizing opportunities but also in coping with challenges.  Find us at vietnam.ahk.de/en/ for more details!

In this episode of GovTech Today, hosts Russell Lowery and Jennifer Saha delve into the complex topic of privacy and regulatory frameworks in California. They discuss European regulations influencing California legislation, such as the General Data Protection Regulation (GDPR), and discuss local laws such as the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). The hosts evaluate the roles of the CCPA and CPRA, especially pertaining to consumer rights, data brokers, and the wider implications for businesses and internet companies. They also outline the role of the California Privacy Protection Agency (CPPA) in enforcing these laws. The discussion concludes with reflections on the rapid pace of tech innovations like AI, the importance of understanding and managing these technologies' impact, and the necessity for businesses and individuals to keep abreast of regulatory changes.00:05 Introduction to the Episode00:26 Understanding Privacy Laws in California00:52 Exploring the California Consumer Privacy Act03:06 The Impact of CCPA on Data Brokers03:34 Introduction to the California Privacy Rights Act03:46 Understanding the Role of the California Privacy Protection Agency04:41 The Regulatory Process and Challenges06:54 The Impact of Privacy Laws on Businesses08:14 The Future of Privacy Regulations and AI12:33 The Importance of Compliance and Collaboration15:18 Looking Forward: Upcoming Legislation16:05 Conclusion and Final Thoughts

In an era dominated by digital transactions and interconnected systems, the role of accountants has expanded beyond traditional number-crunching to becoming guardians of sensitive information. One of the paramount responsibilities on their shoulders is ensuring compliance with data privacy regulations, a task exemplified by the stringent standards set forth in the General Data Protection Regulation (GDPR).

When Google unveiled its answer to OpenAI’s ChatGPT this month, Gemini, the pitch was: AI that can run efficiently on everything from data centers to your smartphone. But it came with a caveat for users in the UK and the European Union: you can’t use it there, for now. After the EU’s recent passage of the AI Act, Marketplace’s Lily Jamali spoke with Andrea Renda of the Center for European Policy Studies. He says Google is trying to convince European lawmakers that Gemini complies with the continent’s tough privacy law, the General Data Protection Regulation (GDPR). Renda says the GDPR is likely why Gemini hasn’t made it to Europe, yet.

When Google unveiled its answer to OpenAI’s ChatGPT this month, Gemini, the pitch was: AI that can run efficiently on everything from data centers to your smartphone. But it came with a caveat for users in the UK and the European Union: you can’t use it there, for now. After the EU’s recent passage of the AI Act, Marketplace’s Lily Jamali spoke with Andrea Renda of the Center for European Policy Studies. He says Google is trying to convince European lawmakers that Gemini complies with the continent’s tough privacy law, the General Data Protection Regulation (GDPR). Renda says the GDPR is likely why Gemini hasn’t made it to Europe, yet.

PODCAST: This Week in Amateur Radio Edition #1294 Release Date: December 16, 2023 Here is a summary of the news trending This Week in Amateur Radio. This week's edition is anchored by Chris Perrine, KB2FAF, Dave Wilson, WA2HOY, Don Hulick, K2ATJ, Will Rogers, K5WLR, Eric Zittel, KD2RJX, Michael Lamontain, KE2AWY, Bob Donlon, W3BOO, George Bowen, W2XBS, and Jessica Bowen, KC2VWX. Produced and edited by George Bowen, W2XBS. Approximate Running Time: 1:57:28 Trending headlines in this week's bulletin service: Podcast Download: https://bit.ly/TWIAR1293 Trending headlines in this week's bulletin service 1. WRC-23: WRC-23 Days 11+12/Week 3: The Future Beckons 2. AMSAT: Proposal Submitted To The European Space Agency For Geostationary Microwave Amateur Payload 3. AMSAT: ARISS Celebrates 40th Anniversary Of Owen Gariott's Landmark STS-9 Operation 4. AMSAT: Satellite Shorts From All Over 5. Ofcom UK: Ofcom Nabs Individual Causing Harmful Interference On The Amateur Bands 6. WIA: Historic Transmitter In Sweden To Transmit Traditional Christmas Message 7. WRC-23: WRC-23 Reaches Acceptable Conclusion On 23 Centimeter Issue 8. NASA: NASA Receives Laser Beamed Message From 10 Million Miles Away 9. RW: Ham Radio Operators Give KNYO A Boost After Tower Collapse 10. QRZ: 12 Days Of Christmas On Air Special Event 11. ARRL: ARRL National Convention Coming To HamVention 2024 In Xenia 12. ARRL: Harborcreek Student Led ARISS Contact A Success 13. YOTA: Youth On The Air Summer Camp 2024 To Be Held In Americas 14. WIA: Class License Format To Begin On New Years In Australia 15. UK Ofcom: Ofcom Amateur Radio Licensing Changes Upcoming In 2024 For UK Amateurs 16. DLARC Has A Christmas Wish List And More 17. Have A World Radiosport Team Championship Organizer At Your Next Club Meeting 18. European Space Agency Looking At Possible Amateur Payload On An Upcoming Satellite 19. Australian Amateur Makes A New Online Study Guide Available 20. New Year Long Award Program Is Launched By US Islands Program 21. "A Hams Christmas" read by Bill Contineeli, W2XOY 22. Upcoming conventions, hamfests, and contest listing 23. ARRL: ARDC and ARRL Announce $2.1 million for the next generation of Amateur Radio - Part One 24. ARRL: ARDC and ARRL Announce $2.1 million for the next generation of Amateur Radio - Part Two 25. FCC: FCC Senators Markey, Blackburn send a letter to the FCC on the 12 gigahertz proceeding 26. NCVEC: New amateur extra class question pool is released to be become effective on July 01, 2024 27. ARRL: Bandwidth limits replace symbol rates on the HF bands, other bands now open for comment 28. New Willy Wonka movie celebrated by upcoming special event station W0NKA Plus these Special Features This Week: * Our technology reporter Leo Laporte, W6TWT will be here to talk about staying safe with the help of a VPN, and will discuss the European Union's General Data Protection Regulation (GDPR). * Working Amateur Radio Satellites with Bruce Paige, KK5DO - AMSAT Satellite News * Foundations of Amateur Radio with Onno Benschop VK6FLAB, will take a look at Reporting On Radio Harmonic Power. * The DX Corner with Bill Salyers, AJ8B with news on DXpeditions, DX, upcoming contests and more. * Weekly Propagation Forecast from the ARRL * Bill Continelli, W2XOY - The History of Amateur Radio. This week, Bill programmed The Wayback Machine for 1974. In the first of two parts, Bill explains that 1974 was the year the FCC introduced its convoluted amateur radio restructuring plan. ----- Website: https://www.twiar.net X: @twiar Facebook: https://www.facebook.com/groups/twiari RSS News: https://twiar.net/?feed=rss2 Automated: https://twiar.net/TWIARHAM.mp3 (Static file, changed weekly) ----- Visit our website at www.twiar.net for program audio, and daily for the latest amateur radio and technology news. You can air This Week in Amateur Radio on your repeater! Built in identification breaks every 10 minutes or less. This Week in Amateur Radio is heard on the air on nets and repeaters as a bulletin service all across North America, and all around the world on amateur radio repeater systems, weekends on WA0RCR on 1860 (160 Meters), and more. This Week in Amateur Radio is portable too! The bulletin/news service is available and built for air on local repeaters (check with your local clubs to see if their repeater is carrying the news service) and can be downloaded for air as a weekly podcast to your digital device from just about everywhere. This Week in Amateur Radio is also carried on a number of LPFM stations, so check the low power FM stations in your area. You can also stream the program to your favorite digital device by visiting our web site www.twiar.net. Or, just ask Siri, Alexa, or your Google Nest to play This Week in Amateur Radio! This Week in Amateur Radio is produced by Community Video Associates in upstate New York, and is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. If you would like to volunteer with us as a news anchor or special segment producer please get in touch with our Executive Producer, George, via email at w2xbs77@gmail.com. Also, please feel free to follow us by joining our popular group on Facebook, and follow our feed on X! Thanks to FortifiedNet.net for the server space! Thanks to Archive.org for the audio space.

In this episode of the AI Today podcast hosts Kathleen Walch and Ron Schmelzer define the terms Anonymization, General Data Protection Regulation (GDPR), Uncanny Valley, explain how these terms relate to AI and why it's important to know about them. If you're not familiar with the General Data Protection Regulation (GDPR) is a European Union regulation focused on data protection and privacy first published in 2016. Continue reading AI Today Podcast: AI Glossary Series – Anonymization, General Data Protection Regulation (GDPR), Uncanny Valley at Cognilytica.

In today's episode of Tech Talks Daily Podcast, we delve into a subject of immense relevance to organizations across the European Union—the Network and Information Security Directive, commonly known as NIS2. Neil sits down with Arik Diamant, Principle Solution Architect EMEA at Claroty, to unpack this complex and transformative piece of legislation. Set to come into effect by October 2024, NIS2 aims to fortify the cybersecurity landscape of the European Union, mandating a higher level of resilience within organizations. Arik brings a unique perspective to this conversation, advocating that for Chief Information Security Officers (CISOs), NIS2 is nothing short of a dream come true. He highlights how the directive forces organizations to meticulously lay out strategy objectives and incident response plans. But what truly stands out in this directive is the emphasis on information sharing and collaboration among organizations. This focus, Arik argues, is not just a step in the right direction, but a leap towards creating a fortified, collective cybersecurity environment. Yet, the clock is ticking. Arik underscores the urgency for organizations to act swiftly to ensure they are in compliance with the new directive. Drawing a parallel with the General Data Protection Regulation (GDPR), he observes that just like its predecessor, NIS2 is expected to have a sweeping impact on the business ecosystem. While GDPR focused on data protection and privacy, NIS2 takes a broader approach, targeting the overall cybersecurity infrastructure. This makes it a complex, yet welcome challenge for CISOs who are entrusted with not just safeguarding information but also ensuring a resilient cybersecurity framework. One of the critical points of discussion in this episode revolves around financial planning. Arik explains that budget allocation is not just about throwing money at the problem; it requires strategic foresight to identify and prioritize key areas that align with NIS2 requirements. He warns against common pitfalls, emphasizing the need for meticulous planning, especially given the relatively short timeframe for compliance. Moreover, the conversation takes an interesting turn when it shifts towards supply chain cybersecurity. NIS2 extends its reach beyond the organization, mandating a close examination of cybersecurity preparedness across the supply chain. This means that companies now need to consider not just their internal practices, but also how secure their external partnerships are. Arik provides valuable insights into how organizations can navigate this complex landscape, offering suggestions for collaborative strategies to enhance security measures. In a notable comparison, Arik describes the introduction of NIS2 as akin to the advent of GDPR, particularly in the imposition of penalties for non-compliance. He calls attention to the onus of responsibility now placed on organizations, reiterating that failure to comply will not go unnoticed or unpunished. As the episode winds down, I raise the topic of national cyber crisis management, asking Arik to envision the role national authorities will play in this new regulatory framework. Arik suggests that there is an opportunity for member states to learn from each other's experiences, thereby collectively raising the bar on cybersecurity standards across the European Union. This episode serves as a comprehensive guide to understanding the multi-faceted elements of NIS2, providing actionable insights for organizations gearing up for the compliance deadline. From budgetary considerations to supply chain security, and from the role of national authorities to the penalties for non-compliance, the conversation with Arik Diamant leaves no stone unturned. 

Are the citizens of the EU at risk of becoming second-class digital citizens? It's well known at this point that Europe doesn't have its own version of Silicon Valley. Many believe that this is in large part due to its digital regulatory approach—the General Data Protection Regulation (GDPR), the Digital Markets Act (DMA), and the AI act, among others. While Congress hasn't passed a federal privacy law in the US, states like California have enacted rules similar to the EU model—at least on paper. Are the consequences of such regulation overstated? Is it possible to have consumer protection without sacrificing innovation? Evan discusses with Brian Chau, former mathematician and machine learning engineer and current research fellow at Alliance for the Future. He's also the author of the widely-read AI Pluralism newsletter. In a recent piece for Pirate Wires, he argues that Europe's digital regulations are turning EU residents into “second-class digital citizens.”

Brandon Wiebe, General Counsel and Head of Privacy at Transcend, offers tips about implementing data governance frameworks and how to utilize software in the process. Brandon's company is a privacy platform that helps legal and compliance teams automate data compliance tasks. Brandon explains that most data privacy laws, like the General Data Protection Regulation (GDPR) in the EU and U.S. state laws like the California Consumer Privacy Act (CCPA), generally require similar things of companies: notice at the time of customer data collection implementation of data security obligations that companies have a lawful basis for collecting information and that use of the information is consistent with the companies stated purpose for collecting it individuals have the right to opt out of data sale or sharing. Despite the many data privacy laws already enacted and new ones on the horizon, Brandon is quick to emphasize that data privacy teams should not let perfect be the enemy of good. They must get started somewhere in their data privacy policy journey. He says the best place to start is an organizational data map detailing all the places in a company's tech stack holding data subject to privacy regulations. Once a company has its data mapped, it can more easily comply with customer requests for information as permitted under data privacy laws and can also ensure it is not keeping more data than needed. Brandon also touches on why AI can complicate data privacy efforts, but also notes that artificial intelligence can also assist with data privacy efforts.

Startup Privacy Policies

In this episode, we dive into the allegations that OpenAI has violated the General Data Protection Regulation (GDPR), which could result in a hefty 4% penalty on their global annual revenue. Get on the AI Box Waitlist: ⁠https://AIBox.ai/⁠ Facebook Community: ⁠⁠https://www.facebook.com/groups/739308654562189/⁠⁠ Discord Community: ⁠https://aibox.ai/discord⁠ Follow me on X: ⁠https://twitter.com/jaeden_ai⁠

User privacy on internet platforms is sliding higher up the “to do” list of the EU's regulators. Five years after a trailblazing law was passed – the General Data Protection Regulation (GDPR) – we're starting to see its enforcement moving up a notch. For big tech companies that rely on personalized advertising, like Meta and Alphabet, their future in the EU is starting to look a little more complicated. Host: Bentley Kaplan, MSCI ESG ResearchGuests: Yoon Young Chung & Andrew Young, MSCI ESG ResearchProducer: Gabriela de la Serna, MSCI ESG Research

Geopolitics has always played a role in prosecuting hackers. But it's getting a lot more complicated, as Kurt Sanger reports. Responding to a U.S. request, a Russian cybersecurity executive has been arrested in Kazakhstan, accused of having hacked Dropbox and Linkedin more than ten years ago. The executive, Nikita Kislitsin, has been hammered by geopolitics in that time. The firm he joined after the alleged hacking, Group IB, has seen its CEO arrested by Russia for treason—probably for getting too close to U.S. investigators. Group IB sold off all its Russian assets and moved to Singapore, while Kislitsin stayed behind, but showed up in Kazakhstan recently, perhaps as a result of the Ukraine war. Now both Russia and the U.S. have dueling extradition requests before the Kazakh authorities; Paul Stephan points out that Kazakhstan's tenuous independence from Russia will be tested by the tug of war.  In more hacker geopolitics, Kurt and Justin Sherman examine the hacking of a Russian satellite communication system that served military and civilian users. It's reminiscent of the Viasat hack that complicated Ukrainian communications, and a bunch of unrelated commercial services, when Russia invaded. Kurt explores the law of war issues raised by an attack with multiple impacts. Justin and I consider the claim that the Wagner group carried it out as part of their aborted protest march on Moscow. We end up thinking that this makes more sense as the Ukrainians serving up revenge for Viasat at a time when it might complicate Russian's response to the Wagner group.  But when it's hacking and geopolitics, who really knows? Paul outlines the legal theory—and antitrust nostalgia—behind the  FTC's planned lawsuit targeting Amazon's exploitation of its sales platform.   We also ask whether the FTC will file the case in court or before the FTC's own administrative law judge. The latter may smooth the lawsuit's early steps, but it will also bring to the fore arguments that Lina Khan should recuse herself because she's already expressed a view on the issues to be raised by the lawsuit. I'm not Chairman Khan's biggest fan, but I don't see why her policy views should lead to recusal; they are, after all, why she was appointed in the first place. Justin and I cover the latest Chinese law raising the risk of doing business in that country by adopting a vague and sweeping view of espionage.  Paul and I try to straighten out the EU's apparently endless series of laws governing data, from General Data Protection Regulation (GDPR) and the AI Act to the Data Act (not to be confused with the Data Governance Act). This week, Paul summarizes the Data Act, which sets the terms for access and control over nonpersonal data. It's based on a plausible idea—that government can unleash the value of data by clarifying and making fair the rules for who can use data in new businesses. Of course, the EU is unable to resist imposing its own views of fairness, thus upsetting existing commercial arrangements without really providing any certainty about what will replace them. The outcome is likely to reduce, not improve, the certainty that new data businesses want.  Speaking of which, that's the critique of the AI Act now being offered by dozens of European business executives, whose open letter slams the way the AI Act kludged the regulation of generative AI into a framework where it didn't really fit. They accuse the European Parliament of “wanting to anchor the regulation of generative AI in law and proceeding with a rigid compliance logic [that] is as bureaucratic …  as it is ineffective in fulfilling its purpose.” And you thought I was the EU-basher.  Justin recaps an Indian court's rejection of Twitter's lawsuit challenging the Indian government's orders to block users who've earned the government's ire. Kurt covers a matching story about whether Facebook should suspend Hun Sen's Facebook account for threatening users with violence. I take us to Nigeria and question why social media thinks governments can be punished for threatening violence. Finally, in two updates, I note that Google has joined Facebook in calling Canada's bluff by refusing to link to Canadian news media in order to avoid the Canadian link tax.  And I do a victory lap for the Cyberlaw Podcast's Amber Alert feature. One week after we nominated the Commerce Department's IT supply chain security program for an Amber Alert, the Department answered the call by posting the supply chain czar position in USAJOBS. Download 466th Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.  

Geopolitics has always played a role in prosecuting hackers. But it's getting a lot more complicated, as Kurt Sanger reports. Responding to a U.S. request, a Russian cybersecurity executive has been arrested in Kazakhstan, accused of having hacked Dropbox and Linkedin more than ten years ago. The executive, Nikita Kislitsin, has been hammered by geopolitics in that time. The firm he joined after the alleged hacking, Group IB, has seen its CEO arrested by Russia for treason—probably for getting too close to U.S. investigators. Group IB sold off all its Russian assets and moved to Singapore, while Kislitsin stayed behind, but showed up in Kazakhstan recently, perhaps as a result of the Ukraine war. Now both Russia and the U.S. have dueling extradition requests before the Kazakh authorities; Paul Stephan points out that Kazakhstan's tenuous independence from Russia will be tested by the tug of war.  In more hacker geopolitics, Kurt and Justin Sherman examine the hacking of a Russian satellite communication system that served military and civilian users. It's reminiscent of the Viasat hack that complicated Ukrainian communications, and a bunch of unrelated commercial services, when Russia invaded. Kurt explores the law of war issues raised by an attack with multiple impacts. Justin and I consider the claim that the Wagner group carried it out as part of their aborted protest march on Moscow. We end up thinking that this makes more sense as the Ukrainians serving up revenge for Viasat at a time when it might complicate Russian's response to the Wagner group.  But when it's hacking and geopolitics, who really knows? Paul outlines the legal theory—and antitrust nostalgia—behind the  FTC's planned lawsuit targeting Amazon's exploitation of its sales platform.   We also ask whether the FTC will file the case in court or before the FTC's own administrative law judge. The latter may smooth the lawsuit's early steps, but it will also bring to the fore arguments that Lina Khan should recuse herself because she's already expressed a view on the issues to be raised by the lawsuit. I'm not Chairman Khan's biggest fan, but I don't see why her policy views should lead to recusal; they are, after all, why she was appointed in the first place. Justin and I cover the latest Chinese law raising the risk of doing business in that country by adopting a vague and sweeping view of espionage.  Paul and I try to straighten out the EU's apparently endless series of laws governing data, from General Data Protection Regulation (GDPR) and the AI Act to the Data Act (not to be confused with the Data Governance Act). This week, Paul summarizes the Data Act, which sets the terms for access and control over nonpersonal data. It's based on a plausible idea—that government can unleash the value of data by clarifying and making fair the rules for who can use data in new businesses. Of course, the EU is unable to resist imposing its own views of fairness, thus upsetting existing commercial arrangements without really providing any certainty about what will replace them. The outcome is likely to reduce, not improve, the certainty that new data businesses want.  Speaking of which, that's the critique of the AI Act now being offered by dozens of European business executives, whose open letter slams the way the AI Act kludged the regulation of generative AI into a framework where it didn't really fit. They accuse the European Parliament of “wanting to anchor the regulation of generative AI in law and proceeding with a rigid compliance logic [that] is as bureaucratic …  as it is ineffective in fulfilling its purpose.” And you thought I was the EU-basher.  Justin recaps an Indian court's rejection of Twitter's lawsuit challenging the Indian government's orders to block users who've earned the government's ire. Kurt covers a matching story about whether Facebook should suspend Hun Sen's Facebook account for threatening users with violence. I take us to Nigeria and question why social media thinks governments can be punished for threatening violence. Finally, in two updates, I note that Google has joined Facebook in calling Canada's bluff by refusing to link to Canadian news media in order to avoid the Canadian link tax.  And I do a victory lap for the Cyberlaw Podcast's Amber Alert feature. One week after we nominated the Commerce Department's IT supply chain security program for an Amber Alert, the Department answered the call by posting the supply chain czar position in USAJOBS. Download 466th Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.  

In May 2018, the European Union's General Data Protection Regulation (GDPR) became effective. The immediate impact was seen in the millions of dollars and man hours spent on compliance; the loss of certain websites or services from the European Union, such as the Los Angeles Times; and changes to user experiences and privacy choices. Advocates of the GDPR have argued that the tradeoffs are worth it for improved cybersecurity and the increased privacy rights of EU citizens, but critics have pointed to the potential impact on other values, such as speech and innovation, and have questioned if the GDPR has actually led to improvements or just increased red tape.Five years on, the impact of the GDPR on Americans and American companies as well as their European counterparts continues to be felt. As the United States debates its own potential federal data privacy law and sees an emerging patchwork of state laws, what lessons can we learn from the GDPR about benefits and consequences of data privacy regulation? Hosted on Acast. See acast.com/privacy for more information.

Hey hey, AI...is this where privacy comes to die? There is more to these pixels...than meets the eye! Artificial intelligence maybe taking your privacy!Last time Bob had Mike Carey on the show, he assured us that robots would not take over the law for at least five years. Now, chatGPT has taken the world by storm and virtually everyone has head of it...if not already used it. But when you ask it a question you may be exposing private data about yourself. And, AI likely already knows all about you anyway. Is That Even Legal?  Lawmakers, scientists, and many others are very concerned about AI...but everyone also loves it!  What's next?Listen in as Bob and AI guru Mike talk about the present and possible future dangers of AI to your privacy.  But first....here's a description of the show as written by a robot (in less than a minute --- the show 43 minutes long!):In this podcast, the speakers discuss the issues related to AI privacy. They talk about how AI is being used in various industries to improve efficiency and productivity but also raise concerns about the privacy of data. They explain how AI algorithms work by analyzing large amounts of data, and if this data is not protected, it can be misused by cybercriminals. The speakers also discuss the importance of AI privacy regulations and how governments are working to implement them. They talk about the European Union's General Data Protection Regulation (GDPR) and how it has set a standard for data privacy regulations worldwide. They also discuss the challenges of implementing such regulations and the need for collaboration between governments, businesses, and individuals to protect personal data. Overall, the podcast emphasizes the importance of AI privacy and the need for individuals to be aware of their rights to privacy and take steps to protect their personal information. 

On today's episode, host Bill Fisher is joined by analysts Paul Briggs, Evelyn Mitchell, and Carina Perkins to discuss the global state of data protection five years on from the introduction of the General Data Protection Regulation (GDPR), and what lies ahead as regulators get to grips with the rapidly evolving AI space.   Follow us on Instagram at:  https://www.instagram.com/behindthenumbers_podcast/   For sponsorship opportunities contact us: advertising@insiderintelligence.com For more information visit: https://www.insiderintelligence.com/contact/advertise/ Have questions or just want to say hi? Drop us a line at podcast@emarketer.com    For a transcript of this episode click here:  https://content-na1.emarketer.com/podcast-around-world-gdpr-turns-5-years-old-what-expect-ai-regulation   © 2023 Insider Intelligence    InMobi is a leading provider of content, monetization, and marketing technologies that help fuel growth for industries around the world. The company's end-to-end advertising software platform, connected content and commerce experiences activate audiences, drive real connections, and diversify revenue for businesses globally. With deep expertise and unique reach in mobile, InMobi is a trusted and transparent technology partner for marketers, content creators and businesses of all kinds.  

In this episode, Constantine Karbaliotis from nNovation, a certified privacy professional with a wealth of experience in the field of privacy and data protection joins the show. Constantine has served as a privacy officer for two multinational corporations, and now serves multiple organizations as a privacy advisor. Constantine is well-versed in a range of privacy program management areas, including policy development, implementing PIA/PbD programs, vendor privacy management, breach management and response, addressing notice, consent, and data subject rights issues, as well as contract issues such as data transfer agreements and security/privacy addenda. During our conversation, we explore the evolution of Canadian data privacy regulations, from their early beginnings to the current landscape, which is shaped by a range of federal and provincial laws. We discuss the primary Canadian privacy regulations that individuals and organizations should be aware of, and the differences between federal and provincial privacy laws, and how they impact individuals and organizations. We also delve into how the Canadian government enforces privacy regulations, and the penalties that individuals and organizations can face for non-compliance. Additionally, we examine how recent high-profile data breaches have affected Canadian privacy regulations and the changes made in response. We explore the challenges posed by emerging technologies, such as artificial intelligence and the Internet of Things, and their impact on Canadian privacy regulations. We also look at how individuals and organizations can stay up-to-date with the latest developments in Canadian privacy regulation and the resources available to help them comply. Topics: How has Canadian privacy regulation evolved over the years, and what impact has this had on individuals and organizations? What are the primary Canadian privacy regulations that individuals and organizations should be aware of? What are the differences between federal and provincial privacy laws in Canada, and how do they impact individuals and organizations? How does the Canadian government enforce privacy regulations, and what penalties can individuals and organizations face for non-compliance? How have recent high-profile data breaches affected Canadian privacy regulations, and what changes have been made in response? How does Canadian privacy regulation compare to other countries, such as the EU's General Data Protection Regulation (GDPR)? How can individuals and organizations stay up-to-date with the latest developments in Canadian privacy regulation, and what resources are available to help them comply? How do emerging technologies, such as artificial intelligence and the Internet of Things, affect Canadian privacy regulations, and what challenges do they pose? What do you see as the future of Canadian privacy regulation, and how do you think it will continue to evolve in the years to come? Resources: nNovation

The “godfather of AI” has left Google, offering warnings about the existential risks for humanity of the technology. Mark MacCarthy calls those risks a fantasy, and a debate breaks out between Mark, Nate Jones, and me. There's more agreement on the White House summit on AI risks, which seems to have followed Mark's “let's worry about tomorrow tomorrow” prescription. I think existential risks are a bigger concern, but I am deeply skeptical about other efforts to regulate AI, especially for bias, as readers of Cybertoonz know. I argue again that regulatory efforts to eliminate bias are an ill-disguised effort to impose quotas more widely, which provokes lively pushback from Jim Dempsey and Mark. Other prospective AI regulators, from the Federal Trade Commission (FTC)'s Lina Khan to the Italian data protection agency, come in for commentary. I'm struck by the caution both have shown, perhaps due to their recognizing the difficulty of applying old regulatory frameworks to this new technology. It's not, I suspect, because Lina Khan's FTC has lost its enthusiasm for pushing the law further than it can be pushed. This week's example of litigation overreach at the FTC include a dismissed complaint in a location data case against Kochava, and a wildly disproportionate ‘remedy” for what look like Facebook foot faults in complying with an earlier FTC order.  Jim brings us up to date on a slew of new state privacy laws in Montana, Indiana, and Tennessee. Jim sees them as business-friendly alternatives to General Data Protection Regulation (GDPR) and California's privacy law. Mark reviews Pornhub's reaction to the Utah law on kids' access to porn. He thinks age verification requirements are due for another look by the courts.   Jim explains the state appellate court decision ruling that the NotPetya attack on Merck was not an act of war and thus not excluded from its insurance coverage. Nate and I recommend Kim Zetter's revealing story on the  SolarWinds hack. The details help to explain why the Cyber Safety Review Board hasn't examined SolarWinds—and why it absolutely has to—because the full story is going to embarrass a lot of powerful institutions. In quick hits,  Mark makes a bold prediction about the fate of Canada's law requiring Google and Facebook to pay when they link to Canadian media stories: Just like in Australia, the tech giants and the industry will reach a deal.  Jim and I comment on the three-year probation sentence for Joe Sullivan in the Uber “misprision of felony” case—and the sentencing judge's wide-ranging commentary.  I savor the impudence of the hacker who has broken into Russian intelligence's bitcoin wallets and burned the money to post messages doxing the agencies involved. And for those who missed it, Rick Salgado and I wrote a Lawfare article on why CISOs should support renewal of Foreign Intelligence Surveillance Act (FISA) section 702, and Metacurity named it one of the week's “Best Infosec-related Long Reads.”  Download 456th Episode (mp3)  You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.

There's an upcoming Virtual World Initiative (aka the Metaverse Initiative) at the European Commission on May 31st, and I had a chance to get Florence G'sell's thoughts on it. She's a law professor in France teaching at the University of Lorraine and leads the Digital, Governance and Sovereignty Chair at Sciences Po. If anything, she believes that this initiative might highlight some gaps in the many relatively new regulations that span from the AI Act, Digital Services Act, Digital Markets Act, and that it may reveal some needed amendments for the General Data Protection Regulation (GDPR). We do a deep dive into some of the XR relevant provisions of the AI Act, and do a broad overview of the Fundamental Rights approach to technology policy development and that there may already be some foundational principles. She points out that the right to respect for mental integrity already currently exists within the EU's Fundamental Charter of Human Rights: “Everyone has the right to respect for his or her physical and mental integrity.” But that the XR and neuro technologies may highlight new threats to these rights. The EU uses these human rights to help address technologies that provide systemic risks to fundamental rights. We also talk about a failed effort by the EU Parliament in 2017 to provide “electronic personhood” status for autonomous robots / AI

As promised, the Cyberlaw Podcast devoted half of this episode to an autopsy of Gonzalez v. Google LLC , the Supreme Court's first opportunity in a quarter century to construe section 230 of the Communications Decency Act. And an autopsy is what our panel—Adam Candeub, Gus Hurwitz, Michael Ellis and Mark MacCarthy—came to perform. I had already laid out my analysis and predictions in a separate article for the Volokh Conspiracy, contending that both Gonzalez and Google would lose. All our panelists agreed that Gonzalez was unlikely to prevail, but no one followed me in predicting that Google's broad immunity claim would fall, at least not in this case. The general view was that Gonzalez's lawyer had hurt his case with shifting and opaque theories of liability, that Google's arguments raised concerns among the Justices but not enough to induce them to write an opinion in such a muddled case. Evaluating the Justices' performance, Justice Neil Gorsuch's search for a textual answer drew little praise and some derision while Justice Ketanji Jackson won admiration even from the more conservative panelists. More broadly, there was a consensus that, whatever the fate of this particular case, the court will find a way to push the lower courts away from a sweeping immunity for platforms and toward a more nuanced protection. But because returning to the original intent of section 230 is not likely after 25 years of investment based on a lack of liability, this more nuanced protection will not have much grounding in the actual statutory language. Call it a return to the Rule of Reason. In other news, Michael summed up recent developments in cyber war between Russia and Ukraine, including imaginative attacks on Russia's communications system. I wonder whether these attacks—which are sexy but limited in impact—make cyber the modern equivalent of using motorcycles as a weapon in 1939.  Gus brings us up to date on recent developments in competition law, including a likely Department of Justice's challenge to Adobe's $20 Billion Figma deal, new airline merger challenge, the beginnings of opposition to the Federal Trade Commission's (FTC) proposed ban on noncompete clauses, and the third and final nail in the coffin of the FTC's challenge to the Meta-Within merger.  In European cyber news, the European Union is launching a consultation designed to make U.S. platforms pay more of European telecom networks' costs. Adam and Gus note the rent-seeking involved but point out that rent-seeking in U.S. network construction is just as bad, but seems to be extracting rents from taxpayers instead of Silicon Valley. The EU is also getting ready to fix the General Data Protection Regulation (GDPR), in the sense that gamblers fix a prize fight. The new fix will make sure Ireland never again wins a fight with the rest of Europe over how aggressively to extract privacy rents from U.S. technology companies. I am excited about Apple's progress in devising a blood glucose monitor that could go into a watch. Adam and Gus tell me not to get too excited until we know how many roadblocks The Food and Drug Administration (FDA) will erect to the use and analysis of the monitors' data. In quick hits,  Gus confirms our suspicion that generative AI Is coming for the lawyers' jobs And that Illinois' biometric privacy law has gone from a really bad idea to a social, economic, and litigation catastrophe.  The Illinois Supreme Court could have staved this one off and didn't.  Download 445th Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.