United Kingdom
ICO sets out priorities to protect children’s privacy online
- The UK Information Commissioner’s Office will continue to prioritise children’s privacy with a new Children’s Code strategy.
- The code builds on the progress to date and sets out the priority areas that social media and video-sharing platforms need to improve on in the coming year.
- Information Commissioner John Edwards said that he is “calling on social media and video-sharing platforms to assess and understand the potential data harms to children on their platforms, and to take steps to mitigate them.”
ICO joins global data protection and privacy enforcement programme
- The UK Information Commissioner’s Office signed a multilateral agreement to join the Global Cooperation Arrangement for Privacy Enforcement (CAPE).
- The ICO and Global CAPE will work together in enforcement of cross-border protection and privacy matters.
- The ICO will assist with investigations and share information with member countries, including the United States, Australia, Canada, Mexico, Japan, the Republic of Korea, the Philippines, Singapore, and Chinese Taipei.
United States
US and UK Announce Partnership on Science of AI Safety
- The UK and US AI Safety Institutes signed a Memorandum of Understanding (MOU) to work together on artificial intelligence safety research, evaluations, and guidance.
- This partnership follows the UK’s AI Safety Summit held last November and will see both countries working to align their scientific approaches and work closely to accelerate and rapidly iterate robust suites of evaluation for AI models, systems, and agents.
- The US and UK AI Safety Institutes have laid out plans to build a common approach to AI safety testing and to share their capabilities to ensure these risks can be tackled effectively.
- This partnership will take effect immediately.
Ransomware group requested $30M from Las Vegas casino data breach
- Ransomware group Star Fraud requested a USD $30 million ransom payment for stolen data during a cyberattack in September 2023 on MGM Resorts International.
- The cyberattack breached consumers’ personally identifiable information and affected the casino’s system, leading to USD $100 million in lost revenue.
Europe
Five companies sanctioned by Garante for illicitly processing biometric data
- Italy’s data protection authority, the Garante, fined five waste disposal companies after they allegedly used facial recognition technology to determine employee attendance.
- The authority intervened following complaints from several employees, and also highlighted the particular risks for workers’ rights connected to the use of facial recognition systems.
- Garante said that it directed the companies to delete the biometric data and use “less invasive systems to control the presence of their employees and collaborators in the workplace.”
France’s latest foreign interference bill questions democratic control over surveillance services
- Members of the French Parliament supported a bill that would expand Intelligence Law to enable the use of surveillance on “foreign influence.”
- The law currently uses surveillance measures to monitor behaviour flagged as potential terrorism, and the Senate is expected to discuss the bill this month.
- Privacy experts raised concerns that expanding the law could threaten privacy and civil liberties since the algorithms used for surveillance are secret and not available for scrutiny.
International
Privacy Commissioner launches ‘precautionary’ inquiry into Foodstuffs’ facial recognition tech
- An inquiry by the Privacy Commissioner will monitor the way stores are running Foodstuffs’ North Island trial of facial recognition technology to make sure it is compliant with the Privacy Act.
- Commissioner Michael Webster says that at the end of the six-month trial, an assessment of the results will be made.
- Furthermore, other matters will be considered, specifically in terms of concerns highlighted around the nature of privacy and intrusive technology being used in a retail setting.
