Published: June 30, 2023

Security 3-2-1 Week of 6/30/23

By Annie

3 Interesting Articles

Data Privacy Rights Expand as Colorado, Connecticut Laws Go Live
Bloomberg: On July 1, new consumer data privacy laws in Colorado and Connecticut will go into effect, joining similar regulations in California and Virginia. These laws aim to give consumers more control over how companies collect and use their data, including the ability to limit the use of personal information or request its deletion. Both laws apply to entities doing business in these states if they meet certain data sale or processing thresholds, with Colorado’s law uniquely covering nonprofit organizations. Colorado introduces new aspects like regulations for loyalty programs and data protection impact assessments, while Connecticut may soon extend protections to health data and data of minors. Importantly, both laws provide a temporary period until the end of 2024 for companies to correct violations before facing penalties.

US State Privacy Legislation Tracker
IAPP: Given the developments in privacy regulations this year, this is an invaluable resource if you’re curious about what’s happening on a state-by-state basis. The US State Privacy Legislation Tracker by IAPP offers a comprehensive survey of privacy laws across the U.S., updated regularly to reflect new developments. It provides a detailed chart of key provisions, links to enacted laws, and a geographically oriented map. The resource simplifies complex legal jargon into consumer rights and business obligations, making it an essential tool for staying informed about the ever-evolving privacy law landscape.

Security Implications of ChatGPT
Cloud Security Alliance: While this white paper is a few months old, it’s still worth a read. The white paper aims to offer a comprehensive overview of the current state and potential future impacts of ChatGPT on the cybersecurity industry, despite the unpredictable evolution of AI technologies. The paper acknowledges the potential of AI tools like ChatGPT in enhancing productivity and innovating practices in fields like vulnerability identification and software development. However, it also highlights the challenges in discerning ethical from malicious use of these technologies, such as differentiating between legitimate and phishing emails or using AI for identifying vulnerabilities for patching rather than hacking.

2 Stats You Should Know

A typical large language model has at least 1 billion parameters. GPT-4 has a trillion. (source)

Entities or individuals that violate the CTDPA may face civil penalties up to $5,000 per violation. For the Colorado Consumer Protection Act, fines per violation can range from $2,000 to $20,000.

1 More Thing

Our founder and CEO, Jordan MacAvoy, will be speaking on a panel about privacy at the Enterprise Leadership Network’s next conference, July 10-11 at the Monterey Plaza Hotel & Spa in Monterey, CA. The event will be full of engaging and relevant topics and attended by ambitious, high-performing leaders in the security space. If you’re interested in learning more, please visit ELN’s website or email events@enterprisemindset.com for more information.
