Search results

[…] most sensitive of personal data to the newly-conceived legal category of “neural data.” Each of these laws defines “neural data” in related but distinct ways, raising a number of important questions: just how broad should this new data type be? How can lawmakers draw clear boundaries for a data type that, in theory, could […]

[…] AI Governance and Safety at IMDA; Derek Ho, Deputy Chief Privacy, AI and Data Responsibility Officer at Mastercard; and Patrick Chua, Senior Principal Digital Strategist at Singapore Airlines (SIA). The experts discussed AI governance from both an industry and regulatory perspective. The panelists highlighted that AI governance is cross-functional and requires collaborative effort from […]

[…] oversight purposes. The supervising body typically has some discretion as to how to implement its sandbox, such as the focus (technology or sector-specific), the vetting process, the number of accepted applicants, and evaluation metrics for success. Application and selection: As part of the vetting process, participating organizations must explain to the regulatory body why […]

[…] privacy . Financial firms are required and incentivized to engage in a range of anti-fraud programs. Firms often seek to determine whether a particular International Bank Account Number (IBAN) involved in a cross-border transaction is at high risk for fraud. Traditionally , this process involves cooperation between financial institutions that can raise compliance questions […]

[…] under federal health privacy law at all. Instead, protections depend on the state where a user lives, or whether the product falls under one of a growing number of state-level privacy laws or consumer health privacy laws. Laws like New York’s S929/NY HIPA, which remains in legislative limbo, reflect growing state interest in regulating […]

[…] generate a human-readable response. Stage 2: Embedding contextual information Complex contextual information can be reflected as patterns in high-dimensional vectors. The greater the complexity, the higher the number of features that are needed. These are reflected as parameters of the high dimension vectors. Contrariwise, low dimension vectors contain fewer features and have lower representational […]

[…] likely to result in a “high risk” to data subjects. The draft guidelines propose a two-tier approach to assess this risk, considering both quantitative factors (like the number of data subjects) and qualitative ones (such as data sensitivity). Notably, if a DPIA reveals a high overall risk, organizations may be required to notify the […]

[…] of certain types of personal data. Under the amendments, a controller cannot disclose the following types of data in response to a consumer access request: social security number; government-issued identification number (including driver’s license number); financial account number; health insurance or medical identification number; account password, security question or answer; and biometric data. Instead, […]

[…] BOARD MEETING June 11–13, 2025 • Washington, D.C. Sovereignty, Localization, and Related Challenges to Effective Cybersecurity Discussion Leads: John Verdi and Jocelyn Aqua SESSION DESCRIPTION An increasing number of regulations seek to restrict or limit organizations’ ability to process data in certain countries or outside of specific jurisdictions. These restrictions are creating significant challenges […]

[…] process to issue these rules, and engaged with numerous stakeholders and closely monitored market developments to promote consumer interests, innovation, and competition. Ms. Strickland’s testimony lists a number of valuable aspects to the rule, including its treatment of consumer controls, screen scraping, security obligations, and industry standards. Her testimony also highlights five areas of […]