EU Commission: The GDPR has been an overall success
The GDPR proved to be flexible to support digital solutions in unforeseen
circumstances such as the Covid-19 crisis. The report also concludes that
harmonisation across the Member States is increasing, although there is a
certain level of fragmentation that must be continually monitored. It also
finds that businesses are developing a compliance culture and increasingly use
strong data protection as a competitive advantage. The GDPR has acted as a
catalyst for many countries and states around the world – e.g., Chile, South
Korea, Brazil, Japan, Kenya, India, Tunisia, Indonesia, Taiwan and the state
of California – to consider how to modernise their privacy rules, the EC
noted. They also pointed out that it provided data protection authorities many
corrective powers to enforce it (administrative fines, orders to comply with
data subject’s requests, bans on processing or the suspension of data flows,
etc.). There is room for improvement, though. “For example, we need more
uniformity in the application of the rules across the Union: this is important
for citizens and for businesses, especially SMEs. We need also to ensure that
citizens can make full use of their rights,” noted Didier Reynders,
Commissioner for Justice.
AI experts say research into algorithms that claim to predict criminality must end
A coalition of AI researchers, data scientists, and sociologists has called on
the academic world to stop publishing studies that claim to predict an
individual’s criminality using algorithms trained on data like facial scans
and criminal statistics. Such work is not only scientifically illiterate, says
the Coalition for Critical Technology, but perpetuates a cycle of prejudice
against Black people and people of color. Numerous studies show the justice
system treats these groups more harshly than white people, so any software
trained on this data simply amplifies and entrenches societal bias and racism.
“Let’s be clear: there is no way to develop a system that can predict or
identify ‘criminality’ that is not racially biased — because the category of
‘criminality’ itself is racially biased,” write the group. “Research of this
nature — and its accompanying claims to accuracy — rest on the assumption that
data regarding criminal arrest and conviction can serve as reliable, neutral
indicators of underlying criminal activity. Yet these records are far from
neutral.” An open letter written by the Coalition was drafted in response to
news that Springer, the world’s largest publisher of academic books, planned
to publish just such a study.
Embedding ESG into banks’ strategies
Bank CEOs know they need to act. In fact, in a global survey by KPMG
International in autumn last year (before COVID-19), almost three‑quarters of
banking CEOs said they believed their future growth will be largely determined
by their ability to anticipate and navigate the shift to a low-carbon,
clean-technology economy. However, most are struggling to come to grips with
what that really means for their bank going forward. Take the transition risk,
for example. Bank executives understand the "new reality" will require them to
pivot their finance towards greener and more sustainable companies and
investments. But they also know they can’t just flick a switch; they still
have significant books of business wrapped up in loans and instruments to
‘brown’ assets. As long as those brown assets continue to generate profits for
the bank, bank executives will need to balance their duty to finance the ESG
transition against their fiduciary duties to shareholders. Banks, regulators
and politicians are also struggling to understand all of the potential
unintended consequences of their shift towards more ESG-related business
strategies. Declining to renew loans on existing coal mines, for example, may
improve a bank’s carbon disclosures.
Facebook, IoTeX, R3 Among New Members of Confidential Computing Consortium
“Confidential computing brings privacy-preserving smart devices to the next
level by not only allowing users to own their private data, but also to use it
in a privacy-preserving way,” Raullen Chai, CEO of IoTeX, told CoinDesk in an
email. “This has major implications for consumer-facing industries such as
health care and smart homes, as well as enterprise for private multi-party
data sharing and interactions.” Chai, based in San Francisco, said there are
two immediate use cases where confidential computing could make an impact on
everyday people’s privacy. One is facial recognition in public spaces,
an area that is under intense debate and scrutiny, particularly as protests
against police brutality continue in the U.S. There are traditionally two
sides to this debate, said Chai. On one side are privacy-conscious people who
don’t want images of their faces scanned and analyzed by governments and other
actors. On the other are governments (their supporters) who, broadly, are
prepared to sacrifice people’s privacy in the name of public good.
Confidential computing has something for each hand.
Technology for a no-touch world
Now that machines can understand us almost as well as another human, we’ll see
the technology take us back to a virtual version of the old days. We’ll be
able to walk into an elevator and simply say, in any language, “Tenth floor,
please.” Vending machines were invented to automate things such as candy and
ticket stands, which were operated by clerks who people could speak to. In the
coming years, we’ll again ask for what we want instead of pushing a button,
but we won’t be talking to a person. Paris-based Thales, for example, is
marketing its Transcity voice-recognition ticket machine to train stations:
Travelers speak to tell it where they want to go, and it prints their ticket.
Next-generation ATMs will veer toward becoming virtual tellers, according to
Doug Brown, an executive at ATM maker NCR, who spoke about the technology in a
recent news article. ... The effort to get machines to recognize faces also
goes back to the 1960s, when an inventor named Woody Bledsoe, possibly funded
by the CIA, laid down some of the field’s foundational research and dreamed of
wearing glasses that would tell him the names of everyone he met. But as with
speech technology, computers then didn’t have enough power or data or clever
enough programming to make facial recognition work.
Is working from home the death knell for offices?
What will happen once the coronavirus is brought under control, either by a
vaccine, or by an effective treatment? Will companies encourage staff to
continue working from home and cut the amount of office space they occupy?
Recent headlines suggest some companies have already decided to downsize their
offices. Companies have a big incentive to cut their office use. Bills for
rent, service charges, and utilities are all meaningful costs. Staff also
benefit by spending less on commuting and having more time at home. The
average one-way commute in both the UK and US takes half an hour. Furthermore,
even a small fall in the number of cars can lead to a significant improvement
in traffic flow, and fewer cars means cleaner air. Yet, if remote working is
such an obvious win-win for both businesses and their staff, why were
companies so slow to adopt it before the coronavirus? The pressure on
companies to economise is nothing new. Email and video conferencing have
existed for 25 years, albeit the technology could be unreliable in its early
years. Part of the answer may have been to do with control, and concerns that
less conscientious staff would take advantage of remote working. Being seen in
the office can also help employees.
A Changing World Requires a Changing View of Security
Moving security hygiene further up the to-do list has to be paramount or all
the effort to innovate and progress will be wasted. It really won’t take much
to be breached. A DDoS attack can create large volumes of ‘garbage’ traffic to
saturate the pipe and attack the intricacies of the VPN protocol. A flow as
little as 1Mbps can knock a VPN service offline. No business will want to risk
a breach that interferes with trading, nor can they afford any data
exposure. It’s therefore really important to look back at what has been
achieved and fine-tune the processes and solutions in play and adapt the
associated risk models. Some companies won’t be able to think about this right
now, such is the urgency to keep the business operating. But they must return
to it, or employ the skills to do an audit, before moving on to the more
strategic implementations they’ve proven they are capable of delivering. It
would be foolish to roll out any more transformation with emphasis on access
and usability yet neglect security. The companies that ride this storm will be
the ones that have the right technology, implementations, and skills in place.
They will be the ones that deliver new operational models and innovate in ways
their competition can’t.
The Secret of Simple Code
You can write code that is more reusable and less likely to break when new
requirements are introduced and things change in the surrounding code. The
secret to being 10x more productive is to gain a mastery of abstraction. A lot
of developers treat “abstraction” like it’s a dirty word. You’ll hear
(otherwise good) advice like, “don’t abstract too early” or Zen of Python’s
famous “explicit is better than implicit,” implying that concrete is better
than abstract. And all of that is good advice — depending on context. But
modern apps use a huge amount of code. If you printed out the source code of
modern top 10 applications, those stacks of paper would compete with the
height of skyscrapers, and software costs a lot of money to maintain. ...
Imagine being the coder who popularized the use of the map operation in
programming languages like JavaScript. Map abstracts away details such as the
type of data you’re mapping over, the type of data structure containing the
data, and the iteration logic required to enumerate each data node in the data
structure. It’s improved the efficiency of every app I’ve built in the past
decade.
Attackers Target Vulnerable Exchange Servers
"As these attacks show, Exchange servers are high-value targets. These
attacks also tend to be advanced threats with highly evasive, fileless
techniques," Hardik Suri, a researcher with the Microsoft Defender ATP Research
Team, writes in the blog. "The security update that fixes this vulnerability has
been available for several months, but, notably, to this day, attackers find
vulnerable servers to target." After gaining access to a vulnerable Exchange
server, attackers deploy web shells - malicious code written in common
programming languages - into one of the many web accessible paths on the server,
Microsoft reports. This enables hackers to steal data or perform malicious
actions for further compromise. Microsoft found that common access paths for web
shell deployment were ClientAccess and FrontEnd directories, which provide
services such as Outlook on the web, the Exchange Admin Center and AutoDiscover.
A common web shell being used in the attacks is the credential-stealer China
Chopper, which is hidden in the system using common file names, the blog notes.
Spring Boot 2.3.0 Focuses on the Cloud
Spring Boot has released version 2.3.0 which adds support for Docker with buildpacks, layered images, graceful shutdown support, liveness, and readiness probes. Another noteworthy change is the support for Java 14 while maintaining support for LTS versions 8 and 11. Buildpacks are an alternative to Dockerfiles. Buildpacks automatically detect the software needed to run the application in a Docker container. For example, it detects the version of Java used in the application. Based on that version, the buildpack will select the JRE specified in the buildpack and build a Docker image. ... Developers usually store the application artifact as a JAR file. The disadvantage is that the JAR file contains elements that often change, such as the code. But the JAR file also contains elements that change less frequently such as the dependencies. Changes between versions in Docker images are stored as diffs. When JAR files are stored for each version of the application, then the diff is quite big and consumes a lot of disk space. Buildpacks reduce the space required by splitting the application into multiple layers based on what changes more frequently.