Filter
Exclude
Time range
-
Near
rophilogene
🟠 In regulated industries, no audit trail means HIPAA violations, GDPR fines, failed SOC 2 audits. When regulators ask "show me who accessed patient data via your AI agent on March 15th" and you can't answer, you're not just facing fines - you can lose your license to operate.
1
Tom Maiaroto retweeted
_winter_wonders
this is so profoundly wrong from like every possible angle: 1. for any code that has any security requirement: GDPR effectively requires that reasonable and accountable controls for security/privacy are embedded into delivery processes idk what the plan here is when auditors come knocking but i don't think u can point them to coderabbit summaries and go "see slopmachine said lgtm" if your app does basically anything at all of value tho, "nobody has read the code" is not a reasonable or risk-aligned SDLC process and u will get executed by German lawyers 2. for unshipped internal tooling and whatever: shadow IT is just the new IT now and internal security is dead. we have people in legal and in sales running apps that claude wrote for them locally that we don't even know exist and don't know what they do has a rogue dependency popped someone's claude.md and is now exfilling every line of prod code and all our creds to some north korean gigachad? probably. fuck if we know (PS Embroidery fixes this I think, u should buy it) 3. i cannot stress enough that this is the worst issue by miles: not knowing what your code does is chudded and lame
You should be reviewing a MUCH smaller % of your code today than you were 5 years ago. If your code is so important it needs every line verified, you better be writing a LOT of slop that verifies it too.
4
2
28
1,276
ForgetfulHatter
took 4 months of constantly bitching and moaning at tiktok to get my account deleted. but they finally did thanks... their use of ai generated bots is truely awful. I'm glad to put this to rest now. i don't like making GDPR threats and irish data protection legal threats🙄
Replying to @ForgetfulHatter
just to explain real quick. the login tiktok accounts through x/instagram was deleted. meaning people like myself who used that to login was removed. my account sits with no login or email or phone number and for 3 months I've been asking tiktok to delete my account.
38
young_prof_
This should be illegal af. Also these device identifiers have been around well over 10 years and are part of why Microsoft has NEVER been GDPR compliant. Ever. gdpr-info.eu
⚠️ UPDATE: New Court Files Reveal How Microsoft Helped the FBI Identify Peter Stokes "Bouquet" (Scattered Spider Member) The court files reveal that Microsoft helped the FBI track Peter Stokes down using GDID — a Global Device Identifier, which is assigned to every Windows installation and cannot be changed unless the OS is wiped. The GDID helped them track: • IP history • Full web activity • Video game activity and games played • Logged-in social accounts, including Snapchat, Facebook, and Apple According to the court documents, the critical mistake was using a VPN to create the ngrok account used in the May 2025 Tiffany & Co. hack from the same Windows device associated with his GDID. Although the account was created from a VPN IP address ending in .168, Microsoft records show that the same GDID (6755467234350028) accessed the ngrok signup page at the exact time the account was created, linking the hack to his personal social accounts.
8
TruthTalkingMav
She's fully GDPR compliant.
6
FDGO1984
Replying to @compliantvc
The article of the New York Post is a clear violation of GDPR and personal data protection. The EU Commission must force Belgium to concede the match against the US 0:5 as compensation.
17
richarddigard
You have a story there and @drandy_sloan has another to add to the list - are any GDPR benefits outweighed by the costs of implementation and is the legislation having its claimed/desired effects?
4
Ten_24
Replying to @Q8fzdvOHIep69NB
No I'm afraid not. Our dataset is highly controlled and curated with full informed consent with paid participation and based on modern day understanding of AI and ML. We can't accept anything that's older than a few years or doesn't meet our GDPR and data protections guidelines.
11
NataData_
sometimes you just gotta pay the gdpr infringement fine and move on
8
SafeAI4business
AUPs aren't optional. EU AI Act, GDPR, clients demand controls. Your 2026 AUP must include: approved tools, banned inputs, human review, incident reporting, training ack, vendor approval, review schedule. Save & share. #AIPolicy #AICompliance
2
Lucky™ Luca retweeted
getmuvy
🚨 Warning We've noticed that some users are selecting the TV Time GDPR ZIP during the import process. Please don't use it. The GDPR export is incomplete and may result in import errors or missing data. It doesn't include everything, such as: • Favorites • Movies • Some watch history and other metadata Instead, please export your data using one of these Chrome extensions for the best import experience muvyapp.com/import
4
13
179
16,756
mxnay_
Replying to @eurofounder
How about being GDPR compliant with the Arabic homework huh? You bigot
10
quactuary
Replying to @compliantvc
How would you know this? Are you relaying data you don’t have permission to hear. Can someone say, “GDPR violation”?
26
NPA1921
Does your pharmacy have a Data Protection Officer (DPO)? Each pharmacy needs to have a DPO appointed and their contact details shared with the ICO. The law requires the DPO to have expert knowledge of data protection law and practice, and an understanding of the pharmacy sector and the handling of health data. Any qualifications, training or experience should be proportionate to the nature, complexity and sensitivity of the personal data being processed. The ICO does not mandate specific DPO qualifications or to complete a particular training. We can help clarify the requirements for community pharmacies and provide practical, proportionate, and sustainable advice based on your individual circumstances. 👉 Read our guidance: portal.npa.co.uk/npaportal/s… #GDPR #PharmacyUpdates #NPA
27
outralontra
Replying to @EpisodTeam
é exatamente o arquivo zip do tv time gdpr, por que não está lendo?
1
27
compliantvc
Replying to @RobertMSterling
Sadly their private personal data isn't safe in America. Wish they could move to somewhere with GDPR.
1
4
180
InternetErasure
Remove Personal Information from Google Personal information can remain visible in Google search results for many years, even when it is outdated, inaccurate, or no longer relevant. The Right to be Forgotten under UK GDPR allows private individuals to request that search engines stop displaying newspaper articles and other personal information about them. Each request is considered individually, considering personal privacy rights against the wider public interest (the public's right to know or need to know something about you). Removing harmful or unwanted articles and images from Google can restore privacy and reputation, and help you to rebuild your life after difficult circumstances. interneterasure.co.uk/about-…
4
k66rky_official
@DandG_Support absolute disgraceful service from so called senior complaints handler Sally-Ann. Her attitude and manner in which she spoke to me is unacceptable and continues with the misinformation. Clearly tried to cover D&G's mistakes and potential GDPR breach.
5