Publication
“AI and sustainability - cure or curse?”
While AI can help resolve data issues in sustainable investing, it can create problems such as information breaches and inherent bias in data.
Global | Publication | September 2015
As the line between work and home is becoming increasingly blurred, the federal, British Columbia and Alberta privacy commissioners recently issued joint guidelines to help organizations: (i) reduce the risks of privacy breaches with respect to employers’ data accessed from employee-owned devices (EODs); and (ii) secure employees’ right to privacy regarding any personal information stored on EODs.
These guidelines apply to all types of EODs – that is, all desktops and mobile devices, such as smartphones, tablets and laptops – used to access corporate data, emails, communications, applications and other processes and information, and intend to address issues pertaining to: (i) risk assessment; (ii) acceptable uses of EODs; (iii) corporate monitoring and app management; (iv) sharing EODs; (iv) connection to corporate servers; (v) responsibility for security features; (vi) software updates; and (vii) voice or data plans.
Also, the guidelines emphasize that organizations’ BYOD programs should provide restrictions on: (i) cloud services, (ii) devices and operating systems; and (iii) information that can (or cannot) be stored on EODs. Likewise, the guidelines stress that such BYOD programs should address a number of issues, including: (a) user responsibilities; (b) acceptable and unacceptable uses of EODs; (c) access and security requirements; and (d) sharing EODs with family and friends.
Finally, the guidelines indicate that although BYOD programs can be part of an organization’s cost-reduction strategy, using EODs to carry out both personal and business functions may introduce privacy and security risks that could affect both personal and corporate information.
Accordingly, in addition to the foregoing, the guidelines set out a series of measures to consider, such as: (i) implementing mobile device software to manage EODs that connect to the corporate network and effecting proper authentication measures; (ii) signing, with each EOD owner, an agreement providing for the administration activities that can performed on the EOD by the organization; (iii) partitioning EODs into two compartments; (iv) implementing encryption, storage and retention procedures; (iv) addressing vulnerabilities and malware protection; and (v) providing adequate training for all IT professionals and users.
Publication
While AI can help resolve data issues in sustainable investing, it can create problems such as information breaches and inherent bias in data.
Publication
In this edition of Regulation Around the World we review recent steps that financial services regulatory authorities have taken as regards investment research.
Publication
The proliferation of internet-enabled devices has allowed children to access the internet at an increasingly younger age, often sharing their personal data without fully appreciating the risks and consequences of doing so. Accordingly, organisations that collect children’s personal data online have a shared responsibility to ensure that such personal data is collected with the appropriate consent obtained and is adequately protected, and to allow children to safely participate in the online space.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023