Author: admin

  • ISO-27001 (2013) Vs PCI 3-2-1

    This table provides a loose mapping for those interested in the interplay between ISO-27001 Controls and PCI 3-2-1. Clearly the scope of controls for 27K (2013) greatly exceeds PCI and as such offers an excellent framework within which to deliver PCI compliance. Control # Control DSS Req. # Coverage A.10.1.1 Policy on the use…

  • EU AI Act: Landmark AI Legislation Agreed

    Executive Summary After a marathon discussion, the EU have finalised the terms of their EU AI Act; the world’s first legislation regulating AI development and deployment. An agreement on the terms of the EU AI Act was delayed because of issues with the original draft including the: Outcome To mitigate issues that delayed agreement, EU…

  • The AI Privacy and Information Security Agency Bulletin: November 2023

    Author Niamh Libonatti-Roche Date 07/12/23 Bulletin Hi,   It’s been a big month for AI, Privacy and Information Security – with so many important moments it felt like the perfect opportunity to start writing a bulletin, for specialists and non-specialists alike, to summarise the news of the month. Each month’s issue will include headline news…

  • Data Protection and Digital Information Bill

    Author Niamh Libonatti-Roche Date 1st December 2023 Executive Summary While the DPA 2018 retains the GDPR in UK law, the Data Protection and Digital Information Bill (DPDI), due to be introduced in Spring 2024, will introduce radical changes to the privacy and data protection regime in the UK. Despite this, it will keep: This Briefing…

  • Report Stage Summary DPDI Bill

    Author Niamh Libonatti-Roche Date 1st December 2023 Executive Summary On November 29th, 2023, Government sat to discuss the 240 proposed amendments to the Data Protection and Digital Information Bill. The sheer number of amendments has led the bill to be described as having “more baubles on it than the proverbial Christmas tree”. While many of…

  • Attacks & Acronyms – Puzzle #3

    Have a little bit of fun on us for, or a distraction from, your commute or someone telling you all about privacy. If you’re interested in what any of these terms mean (or are really bored) then have a look at our glossary below. Want to know more? Read our Glossary below or get in…

  • US Executive Order on Artificial Intelligence

    Author Niamh Libonatti-Roche Date 28th November 2023 Key Takeaways: US Executive Order on AI Executive Summary During the Bletchley Conference on Artificial Intelligence, Vice President Kamala Harris announced the US strategy to AI. The key business takeaways from the Executive Order fall under the headings of: This bulletin explains what the Executive Order proposes under…

  • Artificial Intelligence Regulation Bill (UK)

    Author Niamh Libonatti-Roche Date 28th November 2023 AIPrivSec Briefing Note Executive Summary Mere weeks after the Bletchley Summit, at which the UK announced it has no immediate plan to introduce legislation that regulates the development, deployment, and use of AI, the Artificial Intelligence [Regulation] Bill has begun the legislative approval which has started in the…

  • The Privacy Puzzle #2

    Have a little bit of fun on us for, or a distraction from, your commute or someone telling you all about privacy. If you’re interested in what any of these terms mean (or are really bored) then have a look at our glossary below. Want to know more? Read our Glossary below or get in…

  • Privacy Versus Infosec

    Briefing Note: GDPR-ISO-27001-PCI The table below maps GDPR Security requirements against ISO-27001. The infosec aspect of GDPR Art.32 is fully satisfied where certification is obtained (GDPR Art.42). As shown in the table below, achieving ISO-27001 certification leads to a comprehensive level of information security protection that covers all the areas required by GDPR (Art.32). The table…