News Posts matching #GDPR

Return to Keyword Browsing

Microsoft Office Tools Reportedly Collect Data for AI Training, Requiring Manual Opt-Out

Microsoft's Office suite is the staple in productivity tools, with millions of users entering sensitive personal and company data into Excel and Word. According to @nixCraft, an author from Cyberciti.biz, Microsoft left its "Connected Experiences" feature enabled by default, reportedly using user-generated content to train the company's AI models. This feature is enabled by default, meaning data from Word and Excel files may be used in AI development unless users manually opt-out. As a default option, this setting raises security concerns, especially from businesses and government workers relying on Microsoft Office for proprietary work. The feature allows documents such as articles, government data, and other confidential files to be included in AI training, creating ethical and legal challenges regarding consent and intellectual property.

Disabling the feature requires going to: File > Options > Trust Center > Trust Center Settings > Privacy Options > Privacy Settings > Optional Connected Experiences, and unchecking the box. Even with an unnecessary long opt-out steps, the European Union's GPDR agreement, which Microsoft complies with, requires all settings to be opt-in rather than opt-out by default. This directly contradicts EU GDPR laws, which could prompt an investigation from the EU. Microsoft has yet to confirm whether user content is actively being used to train its AI models. However, its Services Agreement includes a clause granting the company a "worldwide and royalty-free intellectual property license" to use user-generated content for purposes such as improving Microsoft products. The controversy raised from this is not new, especially where more companies leverage user data for AI development, often without explicit consent.

Sony Reverses Decision of Mandatory PSN Account for Helldivers 2 After Negative Feedback

On Friday, Sony announced that Helldivers 2, a 3rd person squad-based shooter from Arrowhead, will require a PlayStation Network (PSN) account for gamers to link, in addition to their Steam accounts. However, that caused quite a stir in the gaming community, especially in the form of negative reviews on Steam. Since the May 2 announcement of mandatory PSN account linking, the game received more than 200,000 negative reviews from gamers. Not only is the PSN account another layer of log-in details, but it also doesn't work in 177 countries, effectively preventing gamers from those 177 countries from purchasing and enjoying the game. Arrowhead Studios CEO and Helldivers 2 Creative Director Johan Pilestedt noted that over the weekend, there were talks with Sony about reversing the decision.

Today, we have the information that Sony has reviewed its course and that the update requiring a PSN account, planned for May 6, will not be moving forward. This means that the game is PSN-free, and gamers are able to enjoy it on their Steam accounts. It has also been reported on Reddit that some users received refunds from Steam, even when their purchase was over two months old, and they had played 120+ hours of the game. As per the GDPR, terms that are changed after the agreement is made require action from the seller. This has resulted in Steam stepping up for gamers and issuing a refund for Helldivers 2, as PSN account linking was optional upon release. Gamers have shown their collective power, and Sony has managed to reverse its decision so that no further harm is done.

TP-Link Said to be Sharing all Router Traffic with Third Party

These days, routers are quite complex devices that are doing much more than just routing data and are often the main security device on a home network. As such, we've seen a surge in third party services such as Asus' AIProtection that runs software from Trend Micro and Netgear Armor in cooperation with Bitdefender. Chinese TP-Link is likewise offering similar services, some in partnership with Trend Micro and some with Avira. It now appears that TP-Link's HomeCare service—that the company is offering in partnership with Avira—is sending data to Avira even when disabled in the UI, based on a thread over at Reddit.

The standard Avira features are meant to offer protection against malicious content, network intrusions and even against infected devices on the network that are said to be quarantined from other devices on the network. It also incorporates some basic parental control features, such as automatic content filtering and time controls. However, in this case, the issue isn't the functionality itself, but the fact that there apparently is no way to turn off the HomeCare feature, since even when seemingly disabled in the UI of the affected routers, it sends data to Avira. It seems to be a fairly large amount of data being sent as well, with the initial poster claiming over 80,000 requests in a 24 hour period. According to a review of a TP-Link product over on XDA-Developers from May last year, TP-Link said that they were working on a firmware update that would allow the Avira service to be turned off permanently.

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

Kingston Digital, Inc., the flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry's leading electronic information magazine: Data Loss Prevention Market Leader; Encryption Market Leader; Wireless, Mobile, or Portable Device Security—Most Innovative.

Kingston is the market leader in encrypted USB drives featuring solutions that range from FIPS 197-certified encryption, all the way to the toughest FIPS 140-2 Level 3 IronKey S1000, that is armed with an on-device cryptochip to protect the most sensitive data. Kingston's encrypted drives are an important tool for the government and military, as well as organizations that adhere to strict regulations, including FIPS, HIPAA, Sarbanes-Oxley, GDPR and CCPA.

GCP, AWS Projected to Become Main Drivers of Global Server Demand with 25-30% YoY Increase in Server Procurement, Says TrendForce

Thanks to their flexible pricing schemes and diverse service offerings, CSPs have been a direct, major driver of enterprise demand for cloud services, according to TrendForce's latest investigations. As such, the rise of CSPs have in turn brought about a gradual shift in the prevailing business model of server supply chains from sales of traditional branded servers (that is, server OEMs) to ODM Direct sales instead. Incidentally, the global public cloud market operates as an oligopoly dominated by North American companies including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP), which collectively possess an above-50% share in this market. More specifically, GCP and AWS are the most aggressive in their data center build-outs. Each of these two companies is expected to increase its server procurement by 25-30% YoY this year, followed closely by Azure.

Apricorn's Aegis Secure Key 3NX USB 3.2 Flash Key Receives FIPS 140-2 Level 3 Validation

Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB data storage devices, today announced that FIPS 140-2 level 3 validation has been awarded to the Aegis Secure Key 3NX by the National Institute of Standards and Technology. This level of certification serves to authorize a device's use in industries and institutions -- healthcare, finance, defense, and legal; both nationally and globally -- in compliance with stringent data security regulations such as HIPAA, FERPA, Gramm-Leach-Bliley Act, and GDPR.

Originally released in late 2018, the Aegis Secure Key 3NX employs the latest Apricorn Secure Key encryption chipset while delivering cooler operating temperatures and a wider range of storage capacities than its predecessor, the Secure Key 3z.

QNAP Announces Strategic Partnership with ownCloud GmbH

QNAP Systems, Inc., a leading computing, networking and storage solution innovator, and ownCloud, a leading open-source Content Collaboration Solution provider, today announced they have entered a global strategic partnership, combining QNAP's Network-attached Storage (NAS) with ownCloud's Enterprise Content Collaboration Software.

This long-term partnership focuses on providing ownCloud's Content Collaboration Solution for file sync and share, on all QNAP's NAS from QTS v4.4 onwards. In the coming months, the fully certified ownCloud Content Collaboration Solution will be available for easy installation from the QTS App Center. The installation packages are updated with every new release and continuously maintained in the interim period. Users can choose between the free Community Edition and the paid Enterprise Edition which includes premium features and professional support. Enterprise subscriptions will be available from the QNAP Software Store and upgrading from the Community to the Enterprise Edition will be straightforward and require no reinstallation.

Kingston Adds 128GB Capacities to Encrypted USB Flash Drives

Kingston Digital, the flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, today announced the addition of 128 GB capacity options to three of its encrypted USB flash drives. The drives are part of a full line of encrypted solutions to suit customer needs of all levels.

Consumers and organisations have become more aware of data privacy and protection needs due to regulations such as GDPR and CCPA. Additional data security options have become a necessity as work-from-home increases. The simple inclusion of encrypted USB flash drives into a daily workflow is a simple step to ensuring data is safe. Whether it's personal, company or client information, finding the right encrypted drive can make all the difference between peace of mind and the worry of loss of data.

Blizzard's Account Deletion Mechanism Conveniently Breaks Down

In the wake of the Blitzchung ban controversy, clamors for "#BoycottBlizzard" are growing in gaming boards and social networks, with some angry gamers even deleting their Blizzard Battle.net accounts. Under GDPR, any EU consumer is entitled to delete their accounts with an online service, and have their data scrubbed. On Wednesday evening, however, users found themselves being unable to do so. The user authentication system (which authenticates that a request to delete the account is legitimate), has conveniently broken down, preventing people from deleting their accounts. Some see this as a deliberate attempt by Blizzard to cauterize its userbase while the controversy dies down. Blizzard's customer support for the Americas tweeted that this is "an issue" with the account deletion mechanism and that Blizzard's engineers are "looking into it," with no ETA mentioned.

Microsoft Advocates for Tighter Governmental Regulation of the Tech Sector With "Strong Enforcement Provisions"

Microsoft's Corporate Vice President and Deputy General Counsel Julie Brill in a blog post this Monday shared her - and Microsoft's - thoughts on regulation and its relationship to the tech sector. Julie Brill commented on the GDPR implementation originating in Europe, and how that could and should serve as a de facto standard of regulation that forces companies to steer away from the self-accountability on which they have remained for so long - and on which, paraphrasing Apple's own Tim Cook, "There are now too many examples where the no rails have resulted in great damage to society."

Microsoft feels that if left to self-regulation, companies won't do as mucha s they could in the pursuit of privacy and their consumers' rights as they would with a strong enforcement regime being planned and implemented at the governmental level. Of course, I think most of us agree with this at a fundamental level. However, there should also exist some defensive measures around the design and implementation of such governmental measures, such as, for one, no interference from corporations in the regulatory process. These should only serve as consultants, to prevent any ideas of bending the regulations in their behalf, and a pervasive strategy that accounts for both small businesses and huge corporation should also be key. We should remember that while the likes of Microsoft Apple, for example, should have relative ease in updating their practices and implementing regulation-required systems, other, smaller players could either live or die in their capability to quickly adapt to the new requirements. Snuffing out competition to the big companies by enforcing heavy penalties might not be the best road. What do you think? More regulation or self-regulation?

Kingston Releases Managed Model of IronKey D300 Serialized Encrypted USB

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, announced today the Managed model of IronKey D300 Serialized (D300SM) encrypted USB Flash drive is now available. A fully-encrypted managed USB drive is an essential component in following industry standards and the strong data encryption of the D300 series is what makes this drive compliant for data storage under GDPR and the NY financial regulations.

IronKey D300SM requires IronKey EMS or SafeConsole by DataLocker allowing central management of drive access and usage across thousands of drives. Either cloud-based or on-premises, it enforces drive-specific policies, such as password strength and retry limits, lets administrators remotely disable lost or stolen drives, reset passwords when forgotten and more. This is the first IronKey drive that is supported on SafeConsole, allowing it to be used by customers who already have SafeConsole installed.

Kingston Partners with Ontrack for Advanced Data Erasure Solutions

Kingston Technology Company, Inc., a world leader in memory products and technology solutions, is now partnering with Ontrack, a leading provider of data recovery and erasure services. Kingston customers will now be able to use Ontrack's data erasure services at advantageous rates. Ontrack offers an award-winning software-suite and provides technology services to help legal, corporate and government customers as well as consumers to remove data efficiently and cost-effectively. Through this powerful alliance between two security vendors, Ontrack supports Kingston customers in solving complex data GDPR challenges through cutting-edge erasure solutions.

The lack of secure deletion, be it through human or technical error or faulty erasure procedures, can lead to drastic impacts on businesses and organisations. This is felt now more than ever before with the stringent requirements of data protection demanded by the recently enforced GDPR. Permanently deleting data takes time and resources, and data that is not completely expunged is vulnerable to exposure. To increase the security of anyone's data, a secure, verified data destruction process is required.

Cambridge Analytica Files for Bankruptcy, or The Permanency of the Status-Quo

So, here's the thing: everyone that has some sort of window to the world around them has been made aware of the Facebook data scandal that's connected to Cambridge Analytica. Rivers of ink have already poured from journalists' metaphorical fountain pens. However, let's be honest: what real impact has this had on peoples' minds and overall level of comfort with debatable practices and data maintenance or access? What real impact is this having in the grand scheme of things, period?

Facebook exited its 1Q 2018 with record-setting numbers, for one. It just goes to show the entrenched fortress that Facebook has become, the efficiency of its advertising machine, the gargantuan state of dependency and the strength of network effects, of traction, as she put it - everyone (well, not this editor) has one, and thus no-one wants to be left out. Even things as simple as how easy it is to login and register for different services by connecting a Facebook account leads people to stay - and thus the status quo is maintained. The $11.97 billion in revenue with $1.69 EPS that Facebook achieved in its Q1 report, alongside the increase in 48M daily active users should give everyone pause. Is this becoming a case of being too big to fail? What would be required for such a scenario to manifest itself? What sort of betrayal of customers' trust?
Return to Keyword Browsing
Dec 22nd, 2024 00:23 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts