United Kingdom
What does AI plan mean for NHS patient data and is there cause for concern?
- As part of an AI action plan, UK ministers have committed to creating a National Data Library for building artificial intelligence (AI) models. The library will include at least five “high-impact” public datasets, and calls for a National Data Library to be used by tech startups and researchers in order to train new models.
- The prime minister, Keir Starmer, indicated patient data from the NHS could be part of this, as there was a “huge opportunity” to improve healthcare. Patient data has already been used by NHS trusts to develop AI models to predict conditions (such as high blood pressure and eye diseases).
- The director of foundational AI at the UK’s Alan Turing Institute has noted the health data could be matched to other information to identify patients; however, AI models can be trained to prevent this re-identification.
- The data may be used for profit-making purposes, but the plan is clear “public trust, national security, privacy, ethics, and data protection” must be taken into consideration by ministers and officials.
A breach of Gravy Analytics’ huge trove of location data threatens the privacy of millions
- There has been a hack and data breach of Gravy Analytics, a data broker. Whilst the full scale of the breach is unknown, the alleged hacker has already published a large sample of location data from consumer phone apps.
- The dataset contains data derived from popular Android and iPhone apps, including FlightRadar, Grindr, and Tinder. These apps have denied direct business links to Gravy Analytics, but acknowledged displaying ads.
- The data also allows for easy de-anonymization of ordinary individuals. There are dangers that the dataset presents for LGBTQ+ users, whose location data derived from certain apps could identify them in countries that criminalize homosexuality.
- To prevent the use impact of these hacks in the future, it is advisable to protect against advertising surveillance. It is possible to use ad-blockers built into the device-level features of Apple and Android devices.
United States
Google, YouTube Users Advance Privacy Suit Over Children’s Data
- Google LLC and YouTube LLC face some claims of a long-running proposed class action alleging the violation of state privacy and consumer-protection laws. The class action allege the collection of children’s information without informing parents or obtaining their consent.
- The Magistrate Judge of the US District Court for the Norther District of California has allowed the claims concerning of intrusion upon seclusion to survive. She also allowed their claims under the consumer-protection statutes of Indiana, Massachusetts and New Hampshire to survive for the purpose of damages, along with their equitable relief-claims under the statutes of Florida, Massachusetts, Michigan, New Hampshire, and Tennessee.
- Previously, the judge had dismissed the lawsuit and given the plaintiffs’ limited leave to amend their complaint.
TikTok restores service in US after Trump pledge
- TikTok is resuming services to its 170 million users in the US after President-elect Donald Trump said he would issue an executive order to give the app a reprieve when he takes office on Monday.
- Bytedance, TikTok’s parent company, previously ignored the law requiring it to sell its US operations to avoid a ban. This was upheld by the Supreme Court this Friday, to come into effect on Sunday.
- Trump previously backed a ban of the platform, and has now promised to delay implementation of the law and allow more time for a deal to be made. The legal authority Trump will use to delay the implementation of a law that is already in effect is unclear, but it is expected that his government will not enforce the ban if he issues an executive order.
- Any executive order that goes against the law could be fought in court. The Solicitor General Elizabeth Prelogar was adamant that an executive order cannot change the law retroactively. University of Richmond law professor Carl Tobias said that the law does include a provision that would allow the president to postpone the ban for up to 90 days, if he can show that the company is making substantial progress on alleviating national security issues.
- TikTok has started working again, and in a popup message to users thanked Trump for “providing the necessary clarity and assurance” and said it would work with Trump “on a long-term solution that keeps TikTok in the United States”.
Europe
Parliament backs Bruno Gencarelli as new privacy watchdog
- The Committee on Civil Liberties, Justice and Home Affairs (LIBE) has endorsed Bruno Gencarelli for a five-year term as the union’s privacy watchdog. In the role, they would be responsible for keeping the EU institutions’ handling of personal data in check, implicitly guiding privacy protection across the EU.
- The new appointee will tackle issues such as the concern over the Commission’s dependence on Microsoft software, and possible cybersecurity concerns. Members of European Parliament asked candidates about the training of AI on personal data and how to protect data privacy in a more hostile geopolitical environment.
- LIBE will have to agree with the Council on the appointment, which will vote on their preferred candidate on Friday.
‘Sheep for hire’: Trump, Musk and Zuckerberg’s dangerous plan for Europe
- Zuckerberg, head of Facebook parent company Meta, has posted on social media that he is “going to work with President Trump to push back on governments around the world that are going after American businesses.”
- The EU is one possible target, as increasingly stringent digital laws have led to Meta being fined more than a billion dollars over the last few years.
- Zuckerberg also announced the abandoning of fact-checking programmes that fight misinformation of Facebook and Instagram. In doing so, he has joined X CEO Elon Musk, in pushing against EU digital rules.
- Italian centre-left lawmaker Brando Benifei, who spearheaded the EU’s first rulebook on artificial intelligence (AI) and now co-heads the European Parliament’s AI monitoring group, said that this pushback against the bloc’s regulations appeared for fear that similar stringent rules might spread to other parts of the world.
International
Canada’s privacy watchdog ‘in contact’ with PowerSchool on student data hack
- PowerSchool software, used by schools to store student data, was the subject of a high-profile data breach.
- The breach involved some “personally identifiable information”. It is not yet known the extent of the breach, and the number of individuals affected.
- Canada’s privacy commissioner is in contact with PowerSchool to obtain more information about the breach, and determine what to do next.
OPPO, RealMe admit illegal loan apps preinstalled in their phones
- The Chinese smartphone manufacturers OPPO and RealMe admitted they preinstalled loan applications on their devices to facilitate bank transactions, without the approval of the Bank of Thailand.
- OPPO and RealMe have promised to withdraw devices featuring the application from the market immediately. Consumers can demand the removal of the app, or file complaints if such apps remain.
- The Personal Data Protection Committee has requested a detailed report on the personal data collected through Fineasy (one of the installed loan applications), and of its usage.