A new study by Ivanti illustrates that one out of three workers secretly use artificial intelligence (AI) tools in the workplace. They do so for varying reasons, including “I like a secret advantage,” “My job might be reduced/cut,” “My employer
Data Privacy + Cybersecurity Insider
Leveraging Knowledge to Manage Your Data Risks
Latest from Data Privacy + Cybersecurity Insider
The VPPA: The NBA and NFL Ask SCOTUS to Referee
By Roma Patel
On April 22, 2025, the National Football League (NFL) filed an amicus brief asking the United States Supreme Court to take on a Video Privacy Protection Act (VPPA) class action case against the National Basketball Association (NBA). In my last…
California Privacy Protection Agency Releases Updated Regulations: What’s Next?
This month, the California Privacy Protection Agency (CPPA) Board discussed updates to the California Consumer Privacy Act (CCPA) draft regulations related to cybersecurity audits, risk assessments, automatic decision-making technology (ADMT), and insurance.
The CPPA received comments on the first draft…
Todd Snyder Fined for Technical CCPA Violations
The California Consumer Privacy Protection Agency (CPPA) Board issued a stipulated final order against Todd Snyder, Inc., a clothing retailer based in New York, requiring the company to pay a $345,178 fine and update its privacy program to settle allegations that…
Ascension Notifies 430,000 Patients of Data Breach
Healthcare system Ascension has notified 437,329 patients of a data breach exposing “demographic information, such as name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers, as well as clinical information related to an inpatient…
Generative AI Training may not Qualify for the Fair Use Defense
By Daniel Lass
Last week, the Copyright Office released the third and final part of its report exploring copyright-related issues posed by artificial intelligence (AI). Unlike the first two parts, the third was released as a “pre-publication” version. It was published less than…
Privacy Tip #443 – Fake AI Tools Used to Install Noodlophile
Threat actors are leveraging the publicity around AI tools to trick users into downloading the malware known as Noodlophile through social media sites.
Researchers from Morphisec have observed threat actors, believed to originate from Vietnam, posting on Facebook groups and…
SAP NetWeaver Visual Composer Requires Urgent Patch
SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise through unauthenticated file uploads. Although SAP has issued an…
PIH Health Settles HIPAA Violations for $600,000
PIH Health, a health care entity located in California, suffered a data breach in June 2019 when 45 employee email accounts were compromised in a targeted phishing campaign. The accounts contained the protected health information (PHI) of 189,763 individuals, including…
The VPPA: An Old Law with New Streams
By Roma Patel
Enacted in 1988, the Video Privacy Protection Act (VPPA) was intended to regulate the then-booming videotape industry by limiting how video rental and sales data is disclosed. The law was enacted in direct response to the publication of a Supreme…