ChatGPT’s ‘hallucination’ problem hit with another privacy complaint in EU
TechCrunch: OpenAI is dealing with a new privacy complaint in the EU, filed by the privacy rights nonprofit noyb on behalf of a public figure whose birth date was incorrectly generated by ChatGPT. This issue brings OpenAI into conflict with the GDPR, which requires personal data errors to be corrected upon request. OpenAI’s refusal to amend the data due to technical limitations and its offer to only block data instead could lead to significant legal challenges under GDPR. This regulation also demands transparency about data sources and storage. Previous actions by EU data authorities, including a temporary shutdown by Italy, highlight the ongoing tension between AI capabilities and regulatory compliance. This complaint has been filed with the Austrian data protection authority, and similar issues are being investigated in Poland and Italy, suggesting a broader challenge for OpenAI in adhering to GDPR requirements across Europe.
FCC takes $200 million bite out of wireless carriers for sharing location data
CyberScoop: The FCC imposed fines totaling nearly $200 million on four major telecommunications companies for selling customer location data without consent. T-Mobile, AT&T, Verizon, and Sprint were fined $80 million, $57 million, $46 million, and $12 million respectively. This action reflects ongoing concerns in Washington about the handling of sensitive personal data by data brokers and similar entities. According to FCC Chairwoman Jessica Rosenworcel, the carriers did not adequately protect sensitive customer data, specifically real-time location information. The investigation revealed that these companies had delegated the responsibility of obtaining customer consent to third-party companies they sold data to, which the FCC found inadequate to meet federal privacy requirements. Following the FCC’s fines, all companies criticized the decision, arguing the penalties were unjustified and confirming plans to appeal. They emphasized their commitment to customer data security and noted that the implicated data-sharing programs had been discontinued years ago.
How Will AI Change Cyber Operations?
War On The Rocks: The U.S. government has a nuanced perspective on the impact of AI in cyber operations, recognizing its potential to both enhance defensive capabilities and bolster offensive strategies. Officials note that AI could advantage cyber defenders by complicating attackers’ efforts, yet the White House’s AI Executive Order also highlights concerns about AI’s role in empowering offensive cyber operations. This duality underscores the broader uncertainty surrounding AI’s role in cybersecurity, as it rapidly transforms the landscape by providing new tools and methods for both attackers and defenders. This transformation extends beyond a simple balance between offense and defense; it involves complex shifts in the types of targets that are vulnerable and the ways cyber operations are conducted. Moreover, AI’s impact on cybersecurity is a critical policy issue, with its dual-use nature—useful for both offense and defense—relying heavily on specific geopolitical and economic contexts. The U.S. government is actively exploring how best to integrate AI into its cyber strategy, emphasizing the need to adapt to AI’s capabilities and threats in a nuanced and informed manner.
A recent survey shows that 87% of surveyed organizations intend to bolster vulnerability and exposure remediation within the upcoming year. (source)
61% of security leaders agree that AI has significantly reduced their operational overhead. (source)
(source)