Synthetic Data Is Here to Stay, but How Secure Is It?
Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.
Privacy concerns how laws and norms govern personal data, shaping cybersecurity duties for collection, storage, access, and disclosure.
Search across headline titles and summaries.
Background for this topic.
Privacy is the ability of people to control how information about them is collected, used, retained, and disclosed. In technical and legal contexts, it covers identifiable data and data that can support inferences about a person, not only information made public. Privacy rules and organizational policies commonly address purpose, transparency, access, correction, retention, and sharing.
For security practitioners, privacy depends on reducing unnecessary data and restricting legitimate access: data minimization, encryption, least-privilege controls, segregation of identifiers, retention limits, and audit logs all reduce exposure. Compromised credentials, misconfigured storage, excessive telemetry, or third-party access can reveal sensitive information; pseudonymized datasets may also be re-identified when combined with other data. During an incident, teams must establish what personal data was accessed or disclosed, contain further exposure, preserve evidence, and meet applicable notification and handling requirements.
Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.
Emerging artificial intelligence and machine learning technologies being applied in the health and wellness space that are not necessarily covered by HIPAA but instead fall under a variety of tough new state privacy laws that are being enacted, said attorney Lily Li of Metaverse Law.
It's only a matter of time before cybercriminals begin to use artificial intelligence-enabled tools, open-source software and other technologies to launch attacks to exploit sensitive genetic data, said Nicholas Morris, a practice manager at security firm Optiv.
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks
The German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company's German subsidiary, €45 million ($51.4 million) for privacy and security violations. [...]
Agentic AI systems could threaten security and data privacy, unless organizations test each model and component
Zuckercorp and Yandex used localhost loophole to tie browser data to app users, say boffins Security researchers say Meta and Yandex used native Android apps to listen on localhost ports, allowing them to link web browsing data to user identities and bypass typical privacy protections.…
Web-to-App Pipeline Uses Meta Pixel and Yandex MetricaAmerican social media giant Meta and Russian counterpart Yandex each found methods to break through privacy protections enabled by Android users, say academics in newly disclosed research. A Meta spokesperson in a prepared statement said it stopped the tracking "upon becoming aware of the concerns."
Nothing terribly valuable taken in data heist, though privacy a little tarnished Global jewelry giant Cartier is writing to customers to confirm their data was exposed to cybercriminals that broke into its systems.…
Edge computing and stricter regulations may usher in a new era of AI privacy.