"The Los Angeles County Sheriff’s Dept has introduced a new interactive dashboard regarding the Racial and Identity Profiling Act, or RIPA. According to LASD, RIPA, also known as AB 953, requires all California law enforcement agencies to collect information on all detentions and searches and enter them in a database that allows the public to filter data by race, date, station area and type of stop."
Was BrightStar Care attacked by two different groups — or was there only one breach?
It would help if BrightStar Care responded to inquiries. They didn't, but I'm confident they would like us all to know that they take privacy and security very seriously, right?
Initiative #2 - 'Increasing transparency: sharing the outcome of complaints received' #Transparency is key to build trust in data protection. To mark the EDPS’ 20 Anniversary, we are reforming the way we share information on how we handle and resolve complaints. Our aim? To demystify the process, share success stories and lessons learned.
Read more: https://europa.eu/!3NC4QT #20Initiatives#EDPSXX
OK, it is about England, but we should pay attention in Scotland. Outside interests are working hard to undermine political and cultural ‘targets' in Scotland. And it has been working 🤬🤢
#AI#OpenAI#NonProfits#Transparency: "“It is not common for organizations to make their governing documents or internal policies public,” says Rick Cohen, chief operating and communications officer for National Council of Nonprofits, an advocacy group.
Yet for seven consecutive years, from its founding through 2022, OpenAI stated in its annual IRS filings that it made those submissions as well as other files available “upon request.” It’s unclear if anyone ever took OpenAI up on the invitation in the years through 2022—OpenAI won’t say.
Last month, after two days of waiting on OpenAI communications staff to fulfill an emailed request for its governing documents, conflict rules, and financial statements, WIRED rang the doorbell outside OpenAI’s San Francisco headquarters on December 14 asking to see all those documents. A receptionist said over an intercom that wouldn’t be possible, hung up, and didn’t reengage. OpenAI’s IRS filing for 2023 that would reflect it has changed its previous policy isn’t due until later this year."
In the process of researching breach reports submitted to HHS, DataBreaches came across a public notice for an incident affecting Primary Health & Wellness Center, LLC in Maryland. Kudos to them for the details and transparency in their notice, although I wish they had named the group or whoever signed any ransom demand.
DataBreaches.net has not found this incident claimed by any ransomware group as yet. The incident was reported to HHS on December 17 as affecting 4,792 patients.
Because these posts scroll away, I have posted something on DataBreaches.net about the discrepancies between what Raptor Technologies has told school districts and WIRED and what we know about the incident -- and what we don't know yet:
« #Trump is telling #Americans very clearly that he will be jailing and killing Americans. Anyone who votes for him is #complicit with these future #crimes because of this #transparency & these threats. Americans cannot say they did not know ahead of time »
More organizations providing data should learn from #Mastodon. You don't need an API key for public endpoints if you are using rate-limiting.
I'm looking at EU's Transparency Platform RESTful API and it requires me to send email to get API keys, it shouldn't be necessary, if the content is public, make it publicly available!
Interested in #contentmoderation? The EU is inviting researchers to develop tools to make use of #platform#transparency data under the #DSA: https://hackathon.peren.fr/ (can't link directly to the English version for some reason, switch to English in top right corner in desktop view)
Here’s a great way to destroy any trust your patients might have in you. Madeleine Damo reports:
"Staff at a western Sydney radiologist – recently hit with a cyber attack – were told to tell concerned patients the breach was “an operational IT issue”, while also fielding harassing phone calls from hackers themselves."
In other words: don’t tell patients that there was a ransomware attack in which their data was encrypted and their personal and protected health information acquired by the criminals?
This is yet another example of why we need firm laws requiring more honest and full disclosures and prohibiting deception or minimization in disclosures.
Fred Hutchinson Cancer Center failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
The US #Supremecourt has declined #Twitter's legal challenge to publicly disclose national security subpoenas. 👨⚖️
At Tuta, we pride ourselves on #privacy and #transparency. Our warrant #canary is live and regularly updated. This is one reason among many that keeping your data securely #encrypted within the EU has major privacy advantages over the US. 📣
I debated posting this pic. I decided not to. I decided to. I opened up my photo editing app to make my hips look slimmer, my stomach less plump, and my forehead less wrinkled. I got disgusted with myself, closed the photo editor, and decided not to post the pic.
Then, I thought, "Fuck it."
So here we are. The pic that has only been edited to darken the corners of the image and brighten the whites of my eyes. Shape-wise and size-wise, this is me.
...I'm seeing hints of a Courtney who went to ground decades ago. I'm trying to be patient with her and not scare her off as she creeps cautiously out of hiding.
In the meantime, there's a whisper of her in that pic up there. Maybe you see her, too.
"I think we’re seeing glimpses of interest because some members in the GOP are tired of the way a few big money donors play politics. But that doesn’t mean they actually have the courage to take the issue on."
If the purpose of a substitute notice under #HIPAA is to reach people the covered entity may not have sufficient or current contact information for, then burying the notice on the very bottom of the homepage and calling it a “privacy update” as if it is an update to the privacy policy is misleading at best.
Yesterday, I reported on a data breach disclosure by HMG Healthcare. You can read more here:
📢 Happy New Year, happy my birthday, and happy time for another #TekSavvyquarterly transparency report.
TekSavvy is the only ISP in #Canada (AFAIK) to publish a quarterly Transparency Report documenting the requests we got from law enforcement agencies, how we handled them, and what we disclosed to them.
Today, we’re reporting on Q2 of 2023, and I’m summarizing that report here. 🧵👇🏼