Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In…
How to write a GDPR data privacy notice…
Data protection law in the UK has changed as a result of Brexit. You can find the latest guidance here. Under the GDPR (General Data Protection Regulation), organisations must provide individuals with certain information via a…
7 key stages of the data protection impact…
Under the GDPR, DPIAs (data protection impact assessments) are mandatory for data processing that is “likely to result in a high risk to the rights and freedoms of data subjects”. Effectively a type of risk…
Virginia Data Privacy Law
Virginia is about to get a data privacy law, modeled on California’s law.Read more: schneier.com
A guide to the GDPR and CCTV in…
You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). The Regulation isn’t just about written details, like names and addresses; it applies to any information that can…
The Problem with Treating Data as a Commodity
Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or…
What are the best books on data privacy?
Looking for affordable ways to keep your data secure? Sometimes the simplest solutions are the best – and nothing beats the simplicity of a book. With books, you get expert advice at your fingertips. You…
NoxPlayer Android Emulator Supply-Chain Attack
It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company’s…
Extracting Personal Information from Large Language Models Like…
Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the right sorts of queries. Paper: “Extracting Training Data…