India’s data protection law: Reimagining a new era of innovation led digital markets
E-commerce platforms would have to make changes in their user interfaces of
websites and apps, with clearer communication with users for consent,
processing, erasing or grievance addressal. Moreover, the e-commerce platforms
will have to completely erase all personal data when the user refutes the
continuity of consent or when the purpose intended is served. The platforms will
also have to now carry out a verifiable parental consent mechanism to provide
services to children below 18 years of age but cannot track or carry out
behavioural monitoring of the child, unless exempted separately by the
government. This is a complex subject, as many e-commerce platforms already
follow due checks for ensuring parental control below a certain age. Moreover,
payments in e-commerce for principals below 18 years of age would anyway require
guardianship of a parent or legal guardian, as per mandated by RBI . E-commerce
players, however, will still need to adopt the additional obligations. For AI
systems, which are now becoming increasingly integral to the operations of
e-commerce platforms, this means a shift towards more transparent and ethical
data usage practices.
Key strategies for ISO 27001 compliance adoption
ISO 27001 fundamentally breaks down to: “What information security risks do we
face? How should we best manage them?”Just as the chicken may come before the
egg, note that what should happen in this case is that you identify the risks
first and then select the controls that help to manage those risks. You
definitely don’t have to apply all of the controls, and nearly all organisations
treat some, validly, as non-applicable in their Statement of Applicability. For
example, businesses where all employees work remotely simply don’t have the full
range of risks that can benefit from mitigation by the physical controls. When
it comes to performance evaluation, it’s largely a case of working through the
relevant clauses and controls and agreeing how good a job the organisation is
doing trying to meet the associated requirements. The ones that are selected for
monitoring, measurement and evaluation will depend on the type and size of the
organisation and its business objectives. These are basically key performance
indicators (KPIs) for information security and might include supplier
evaluations and documented events, incidents, and vulnerabilities.
Breach Roundup: US Bans AI Robocalls
Telecom regulators voted unanimously Thursday to make AI-generated robocalls
illegal under the 1991 Telephone Consumer Protection Act, which prohibits
robocalls from using "artificial" voices. The new rule allows the FCC to order
telephone carriers not to facilitate illegal robocalls and empowers individual
consumers or organizations to file lawsuits against violators. The decision
comes amid concerns that AI could be used to disseminate misinformation about
the election. A robocall featuring a deepfake of President Joe Biden urging
voters in New Hampshire to stay home on primary day caused controversy in
January. The New Hampshire attorney general on Tuesday said he had identified
the source of the calls as Texas-based Life Corporation and its owner, Walter
Monk. State Attorney General John M. Formella said the calls had been routed
through a provider called Lingo Telecom, also based in Texas. New Hampshire
issued a cease-and-desist order to Life Corporation, and the FCC sent a
cease-and-desist letter to Lingo Telecom. "Bad actors are using AI-generated
voices in unsolicited robocalls to extort vulnerable family members, imitate
celebrities and misinform voters," FCC Chairwoman Jessica Rosenworcel said in a
statement.
Stifling Creativity in the Name of Data
Pitt challenges the notion that data and creativity are mutually exclusive.
Builders should base decisions on both metrics and imaginative thinking. Focus
obsessively on either, and you lose sight of the problem you aim to solve. "Data
can contribute to developer improvement," Pitt concludes, "but developers should
not solely rely on it." By the same token, visionaries in the throes of
invention must temper flights of fancy with reality checks. Synthesis of human
and machine intelligence unlocks maximum potential. But for Pitt, the human mind
still reigns supreme when it comes to pushing boundaries and bringing new ideas
to life. Software development draws its lifeblood from creative problem solvers
who feel intrinsically rewarded by shipping inventive products. Data should
inform and empower that mission, not impose limits or demand validation at every
turn. The analytics will have their say, but imagination must lead the way. That
balance, elusive as it may be, unlocks sustainable innovation as technology’s
tides continue rising.
How Generative AI Will Change The Jobs Of Teachers
As generative AI reshapes the world of education, teachers will find their
role evolving further away from being providers of knowledge and towards
becoming learning facilitators. Perhaps the most significant shift in the role
of educators will be an increased focus on nurturing skills such as critical
thinking, creativity, and emotional intelligence. These skills will be
paramount in a future where our worth is increasingly measured by our ability
to perform tasks that machines cannot do or are not as proficient in. Beyond
academic teaching, educators play a critical role in safeguarding the welfare
of their students, a responsibility that extends far beyond the confines of
traditional teaching. This involves not only protecting students from physical
harm but also supporting their emotional and mental health, ensuring a safe
and inclusive learning environment that fosters resilience and respect. The
human touch provided by teachers becomes an indispensable pillar of education,
emphasizing the irreplaceable value of empathy and understanding in nurturing
well-rounded, emotionally secure individuals. Teachers will, of course, also
have a very important role to play in making sure their students are able to
use generative AI itself.
5 ways CIOs can help gen AI achieve its lightbulb moment
Being realistic means understanding the pros and cons and sharing this
information with customers, employees, and peers in the C-suite. They’ll
also appreciate your candor. Make an authoritative warts-and-all list so
they can be clearly explained and understood. As AI advisors have pointed
out, some downsides include the black box problem, AI’s vulnerability to
misguided human arguments, hallucinations, and the list goes on. ... a
corporate use policy and associated training can help educate employees on
some risks and pitfalls of the technology, and provide rules and
recommendations to get the most out of the tech, and, therefore, the most
business value without putting the organization at risk. In developing your
policy, be sure to include all relevant stakeholders, consider how gen AI is
used today within your organization and how it may be used in the future,
and share broadly across the organization. You’ll want to make the policy a
living document and update it on a suitable cadence as needed. Having this
policy in place can help to protect against a number of risks concerning
contracts, cybersecurity, data privacy, deceptive trade practice,
discrimination, disinformation, ethics, IP, and validation.
Why companies are leaving the cloud
The cloud had no way of delivering on the hype of 2010 to 2015 that gushed
about lower costs, better agility, and better innovation. Well, two out of
three is not bad, right? The cost of the cloud is where things usually go
off the rails. The cloud is still the most convenient platform for building
and deploying new systems, such as generative AI, and it also has the latest
and greatest of pretty much everything. However, when enterprises run
workloads and data sets using traditional infrastructure patterns, such as
business applications that process and store data the same way they did when
on-premises, there is a negative cost impact to using a public cloud. In
other words, those who attempted to use the cloud as a simple host for their
workloads and took no steps to optimize those workloads for their new
location had much larger bills than expected. Moreover, they didn’t gain any
real advantage by leveraging a public cloud for those specific workloads.
The cloud is a good fit for modern applications that leverage a group of
services, such as serverless, containers, or clustering. However, that
doesn’t describe most enterprise applications.
The EU’s Artificial Intelligence Act, explained
In terms of data governance and protection, the EU Artificial Intelligence
Act aligns with existing EU data protection laws, including the General Data
Protection Regulation (GDPR), to ensure the ethical handling of personal
data in AI systems. This includes provisions for data quality, security and
privacy, ensuring that AI systems process data in a manner that respects
user privacy and data protection rights. The act also provides specific
guidelines for biometric identification, stressing the importance of
safeguarding personal privacy and security, particularly in the handling of
sensitive biometric data. Additionally, it categorizes certain AI systems as
high-risk, necessitating stringent compliance and oversight to mitigate
potential harms and risks associated with their use. The act establishes
specific criteria for identifying and regulating high-risk AI systems. These
criteria focus on AI applications that have significant implications for
individuals’ rights and safety, like those used in critical infrastructure,
employment and essential public services. The regulation mandates strict
compliance standards and certification requirements for these systems,
ensuring they meet high levels of safety, transparency and
accountability.
US creates advisory group to consider AI regulation
The consortium “will ensure America is at the front of the pack” in setting
AI safety standards while encouraging innovation, US Secretary of Commerce
Gina Raimondo said in a statement. “Together we can confront these
challenges to develop the measurements and standards we need to maintain
America’s competitive edge and develop AI responsibly.” In addition to the
announcement of the new consortium, the Biden administration this week named
Elizabeth Kelly, a former economic policy adviser to the president, as
director of the newly formed US Artificial Intelligence Safety Institute
(USAISI), an organization within NIST that will house AISIC. It’s unclear
whether the coalition’s work will lead to regulations or new laws. While
President Joe Biden issued an Oct. 30 executive order on AI safety, the
timeline for the consortium’s work is up in the air. Furthermore, if Biden
loses the presidential election later this year, momentum for AI regulations
could stall. However, Biden’s recent executive order suggests some
regulation is needed. “Harnessing AI for good and realizing its myriad
benefits requires mitigating its substantial risks,” the executive order
says.
Chinese Hackers Preparing 'Destructive Attacks,' CISA Warns
The report says that Chinese hackers have exfiltrated diagrams and
documentation related to operational technology, including SCADA systems,
relays and switchgear - data "crucial for understanding and potentially
impacting critical infrastructure systems," CISA said. Volt Typhoon actors
in some cases had the capability to access camera surveillance systems at
critical infrastructure facilities, it also said. The U.S. government and
the Five Eyes intelligence-sharing alliance first publicly disclosed the
existence of Volt Typhoon in May after cyber defenders had detected activity
in Guam and the United States. The Pacific island is just hours away from
Taiwan via airplane and is the site of two major American military bases.
Microsoft, which also divulged the existence of Volt Typhoon in May, said
the group has been active since mid-2021. ... "The information that we are
releasing with this advisory is reflecting a strategic shift in PRC
malicious cyber activity," Goldstein said. CISA has observed Chinese hacking
groups moving away from espionage campaigns toward "prepositioning for
future disruptive or destructive attacks," he added.
Quote for the day:
"All you need is ignorance and
confidence and the success is sure." -- Mark Twain
No comments:
Post a Comment