I didn't expect to have fun talking about GDPR, CRA, DMA, DSA, and all those WTFs but my colleague Denise did a stellar job at making her policy work accessible!
Because tech doesn't exist in the void, it's important to understand the role of policy & compliance people and how their expertise is crucial to us.
The #BSI has now woken up too and is warning about the #xz backdoor. That is commendable, but the warning itself is not entirely correct.
The many millions of Internet servers very rarely run on bleeding-edge systems, but rather on stable ones such as #DebianStable, #UbuntuServer, #SLES or #RHEL. None of the distributions mentioned contains the #xzbackdoor.
Is this once again just dozy #Compliance bullshit from a German government agency, or do they want to ...
"We would like to inform you that we are using a new system to manage your personal data. [...] If your interests and topic preferences have changed, you can update them here (URL)."
➡️ I visit the page and first have to allow two 3rd-party cloud companies to execute code before I can see anything on the page, let alone select anything.
The #DigitalMarketsAct mandates Meta to "enable end users to freely choose to opt-in to [combining or cross-using personal data] by offering a less personalised but equivalent alternative".
When I pointed out to Meta that offering users the choice to either #consent to #SurveillanceAds or pay € 275 per year for #Instagram & #Facebook isn't an "equivalent alternative", they said Meta has to do that because of #GDPR 😤 Really??
Leveraging my #privacy and #ai friends. A super talented and capable undergraduate student graduating at the end of the quarter reached out to me asking for career routes forward, prior to (or perhaps instead of) law school, that would allow for the exploration of #dataprivacy, #compliance, and AI #policy.
I know about IAPP and their training and certification programs, but didn't immediately have any additional resources off the top of my head. Thoughts? Tips? Thanks!
When an #EU user installs a third-party app store with #iOS 17.4 and travels outside the EU "for a longer period of time", that app store will stop working.
So they will stop getting updates. From the oh-we're-so-secure phone company. Seriously #WTF Apple.
"Among articles stating that data was available upon request, only 17% shared data upon request. The presence of Data Availability Statements was not associated with higher rates of data sharing."
For >100 yrs, since Donald Trump’s grandfather started buying land in NYC, the #Trump family has run a real estate business in NY.
Barring a successful #legal appeal of Fri’s decision by a NY Supreme Court judge, that could change.
After finding that #TrumpOrganization executives had engaged in years of #fraud by inflating their #property values to get better #insurance & #tax rates, #Engoron ordered that the company operate under the close eye of 2 overseers, a monitor & an independent director of compliance, to ensure #compliance w/ #financial reporting obligations.
In other words, #Trump can remain the owner, but he has lost control.
Although newly surfaced documents now show that the important department head Bonhoff pushed considerably harder for the funding than the ministry has admitted so far, it insists that from a #Compliance perspective everything is completely in order.
The ministry thereby reveals a questionable handling of conflicts of interest and sends entirely the wrong signal. Especially after the debate about #Graichen, the federal government should give integrity and compliance high priority and not apply double standards.
Criticism of the affair also comes from the Union: "The lack of transparency and the salami tactics of the Ministry of Transport must end here and now," said @UlrichLange, deputy parliamentary group leader of @cducsubt, to @handelsblatt.
Healthcare cybersecurity is vital. Sam Bocetta explores strategies for HIPAA compliance, including conducting risk assessments, enhancing data protection, and training staff to protect patient information.
The #FOSDEM fringe event #FOSS #license and #security #compliance tools yesterday was great! The room was filled with energy and knowledge and the willingness to improve things. Many concrete ideas to follow up on. #SBOM all the things!
@theregister have published an article on my complaint to the Irish DPC in relation to Meta opting people in to their "Free with Ads" tier for Facebook and Instagram:
If you are coming to FOSDEM and like to connect with old or new #communities beyond the actual conference, find a list of possible events on // foss.events: https://foss.events/#February
Wishing everyone a great time - wherever you finally end up going ^^
Just had to file a complaint against Hilton for not complying with direct #marketing opt-outs, non-compliance with #GDPR Articles 5, 6, 7, 12, 13, 21 and 25 as well as Article 5(3) of 2002/58/EC for their web site, #mobile application and #email service which all use tracking technologies without consent.
Actors #naming in EU laws:
"The end user and recipient of the service are both natural and legal persons using a certain service. However, the #DSA recipient of the service can be a person acting in a personal or commercial/professional capacity whereas the #DMA end user can only be a person acting in a personal capacity."