All news with #data governance tag

🛈 OpenAI is rolling out a full-screen onboarding experience for ads in ChatGPT on Android, assuring users that sponsored content will be clearly labeled and separated from model answers. The company says ads will not change responses and that it will not sell personal data to advertisers, though current chats may influence which sponsored message appears. Users can hide or report ads, ask ChatGPT about an ad, and manage ad-related data via a new Ads controls setting; paid tiers are exempt.

🔍 Conversational Analytics in BigQuery (preview) brings an AI-powered reasoning agent into BigQuery Studio, enabling users to query, visualize, and forecast directly with natural language. The agent generates and executes SQL grounded in your schema, metadata, and verified queries, and it exposes the SQL and reasoning behind each answer to build trust. Security, governance, and audit logging are enforced by BigQuery’s compliance controls, and the feature also supports unstructured data and API integration for custom agents.

🔒 Gartner warns that the surge of AI-generated data threatens the reliability of large language models and predicts that 50% of organizations will adopt a zero-trust stance for data governance by 2028. A 2026 survey found 84% of CIOs expect increased generative AI funding, accelerating AI-produced outputs and raising the risk of model crash. Gartner advises authentication, verification, and proactive metadata tagging to identify AI-generated data and meet evolving regulatory demands.

🚀 AWS Glue is now available in the Asia Pacific (New Zealand) Region, enabling customers to build and run ETL workloads closer to their data sources. The AWS Glue serverless data integration service offers both visual and code-based interfaces to discover, prepare, and combine data for analytics, machine learning, and application development. This regional launch reduces latency, eases data residency compliance, and accelerates time-to-insight for New Zealand workloads.

🔒Gartner warns that the growing prevalence of AI-generated content could cause future LLMs to be trained on outputs from previous models, increasing risks of model degradation, hallucinations and bias. The analyst predicts up to half of organizations may adopt zero trust data governance amid rising regulatory scrutiny. Firms are urged to appoint AI governance leaders, strengthen metadata management and deploy authentication and verification controls to safeguard decision-making and financial outcomes.

🔒 This post outlines a practical technical approach to implementing data governance on AWS, focusing on monitoring, preventive controls, automated remediation, and advanced features such as data sovereignty and lifecycle management. It recommends an event-driven model using CloudTrail, EventBridge, Lambda, and AWS Config to validate and enforce tagging and security controls. The guidance covers organization-wide tag policies, ABAC with IAM conditions, multi-account strategies, and integration with on-premises governance via Service Catalog and compliant CloudFormation products.

🔒 This post outlines an automation-first approach to implementing data governance on AWS, aimed at teams starting new or improving existing frameworks. Part 1 focuses on strategy, a practical data classification framework, and tag governance as foundational elements. It details prerequisites (Organizations, CloudTrail, Config, IAM), organizational roles, KPIs, and recommended mandatory and optional tags to enable automated controls and continuous monitoring.

🔒Most people underestimate how much personal data is publicly available online. Exposed details — names, past addresses, phone numbers, family ties, and old usernames — make individuals easy targets for doxxing, scams, and stalking. The article advises removing data from people-search sites and directories, either manually or by using a data removal service such as Incogni, which automates searches and sends deletion requests. An Unlimited plan lets you submit custom removal links for broader coverage.

📉 ISACA's State of Privacy 2026 report reveals privacy teams are shrinking and underfunded despite mounting regulatory and technological pressures. The median privacy staff size fell to five from eight year-over-year, and technical privacy roles are notably understaffed while demand for those skills rises. Respondents report increased stress—35% say their role is 'significantly more stressful' and 30% 'slightly more stressful'—attributed to rapid tech evolution, compliance complexity and resource shortages. To close skill gaps, organizations are training interested non-privacy staff and increasing reliance on contractors, consultants and planned AI tools for privacy tasks.

⚖️California privacy regulators have taken enforcement action under the Delete Act, penalizing a marketing firm and a global analytics provider for trading in sensitive consumer profiles without proper registration. The agency fined Rickenbacher Data LLC (operating as Datamasters) $45,000 and ordered it to stop selling and delete California data. Separately, S&P Global was fined $62,600 for failing to register as a data broker. Officials highlighted risks from lists linked to medical conditions, race, age, political views and spending.

🛑 The California Privacy Protection Agency ordered Rickenbacher Data LLC, operating as Datamasters, to stop selling Californians' health and personal information and fined the firm $45,000 for failing to register as a data broker under the California Delete Act. Regulators found Datamasters bought and resold hundreds of millions of records—names, emails, addresses and phone numbers—targeting people by medical conditions, age, perceived race, political views and purchases. The agency ordered deletion of previously acquired California records by the end of December, requires any newly received Californian data to be purged within 24 hours, and imposed five years of compliance measures; CalPrivacy also fined S&P Global $62,600 for an administrative registration lapse.

🔒 The Illinois Department of Human Services (IDHS) said that misconfigured privacy settings on a public mapping website exposed personal and health-related information for nearly 700,000 residents. Maps intended for internal resource planning were publicly accessible for years, revealing addresses, case numbers, demographics, and plan names for many Medicaid and Medicare Savings Program recipients, and additional identifying details for some rehabilitation services customers. IDHS restricted access, reviewed exposed maps, blocked future uploads of identifiable customer data to public mapping platforms, and has notified affected individuals and regulators.

🩺 OpenAI announced ChatGPT Health, a sandboxed space that lets users discuss health topics and optionally connect medical records and popular wellness apps (Apple Health, Function, MyFitnessPal, Weight Watchers, AllTrails, Instacart, Peloton) for tailored responses, lab-test insights, nutrition advice, meal ideas and suggested workouts. The feature is rolling out to Free, Go, Plus and Pro users outside the EEA, Switzerland and the U.K., and OpenAI says it is designed to support medical care, not replace diagnosis or treatment. Health operates in a silo with purpose-built encryption and isolation; conversations are not used to train OpenAI's foundation models, and connected apps require explicit permission and additional security review.

🔒 OpenAI has introduced ChatGPT Health, a private space for health conversations, and says by default it will not use your health information to train its foundation models. An in-dashboard alert observed during early-access testing states health data is subject to a Health Privacy Notice and recommends enabling multi-factor authentication. OpenAI cautions that ChatGPT is not a substitute for professional medical advice and notes the feature is rolling out to most users but is not yet available in the EEA, Switzerland, or the UK.

🔎 The New York City Wegmans is reportedly collecting biometric information about customers through in-store cameras and analytics systems. Bruce Schneier highlights that this appears to amount to facial recognition or at least biometric profiling without clear customer notice or consent. The piece raises concerns about transparency, retention policies, and potential misuse of sensitive data. It calls attention to gaps in oversight and urges better disclosure and regulation.

🔒 Even well-defended environments can be undermined by 'shadow spreadsheets'—ad hoc Sheets or Excel files users share because official tools don't meet every need. These files proliferate, evade DLP and audit visibility, and create an unmanageable attack surface. Training or heavy-handed lockdowns often fail, while custom apps are costly and slow. The piece recommends Grist, a self-hostable, spreadsheet-like platform built on a relational back end with RBAC and audit logging to restore a single source of truth.

🔒 VMO2, with Google Cloud, implemented data contracts as machine-readable agreements to guarantee dataset quality, schema, semantics, and SLOs for individual assets like BigQuery tables and Cloud Storage buckets. Defined in YAML and managed via GitLab, contracts are validated and operationalized by Dataplex Universal Catalog, which provisions Data Quality Scan jobs and profiling. The platform uses Cloud Composer, Pub/Sub, and BigQuery to orchestrate scans, surface results, and provide dashboards for real-time observability.

🗺️ Spatial Data Management on AWS (SDMA) centralizes multimodal spatial assets — 3D, geospatial, behavioral, and temporal data — into a secure, highly available cloud repository. It automates metadata extraction for formats such as .LAZ, .E57, .GLB, and .GLTF, provides REST APIs and customizable connectors, and offers web and desktop interfaces with auto-generated previews to accelerate validation without large downloads. SDMA is designed to simplify integrations, governance, and discoverability to speed operational insights across AWS regions.

🔍 Amazon Connect Customer Profiles now offers Beta segmentation powered by Spark SQL, enabling analysts to build sophisticated customer segments from both custom and standard profile objects. You can join objects, apply statistical functions such as percentiles, and standardize date fields for complex temporal analysis, or use the Segment AI assistant to translate natural language into Spark SQL. AI-generated queries include plain-language explanations and automatic membership estimates so you can review and validate results before deployment. These capabilities work alongside existing segmentation features and integrate with segment membership calls, Flow blocks, and Outbound Campaigns, and are available in all AWS regions where Customer Profiles is offered.

🔍 Google Cloud has introduced data products in Dataplex Universal Catalog (preview), packaging curated data assets, documentation, and governance controls into purpose-built units aligned to business use cases. These data products let producers declare quality, freshness, ownership, and contractual guarantees while grouping assets to simplify access and reduce operational toil. Consumers can discover, request access, and rely on documented lineage and context to accelerate analytics. Google also positions data products as foundational inputs to more reliable AI and agent-driven workflows.