News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
FTC Bars Forever Living From Deceptive Earnings Claims
Summary: The FTC settled with Forever Living and its operators, permanently barring deceptive earnings claims and reinforcing that consumer-protection enforcement still reaches …Read brief - Brief
EDPB Annual Report 2025 Highlights the Board's Enforcement Priorities
Summary: EDPB’s 2025 annual report summarizes the board’s guidance, coordination, and enforcement priorities, giving privacy teams a better read on where European …Read brief - Brief
OpenAI Opens Applications for a Safety Fellowship Focused on Alignment Research
Summary: OpenAI announced the OpenAI Safety Fellowship on April 6, 2026, describing it as a pilot program for external researchers, engineers, and practitioners working on safety …Read brief - Brief
EDPB Publishes One-Stop-Shop Digest on Legitimate Interest
Summary: EDPB published a digest of one-stop-shop decisions on legitimate interest, giving privacy teams a clearer signal on how regulators are testing necessity, balancing, and …Read brief - Brief
EDPB conference on cross-regulatory cooperation: what we learned
Summary: EDPB used its March conference to press for deeper coordination between privacy regulators and adjacent EU authorities, signaling that cross-regulatory enforcement is …Read brief - Brief
NIST Releases CSF 2.0 Quick-Start Guides for ERM and Informative References
Summary: NIST announced two Cybersecurity Framework 2.0 quick-start guide updates on March 23, 2026. The agency released the final SP 1308 guide on connecting CSF 2.0 with …Read brief - Brief
NIST Finalizes Revision 3 of Its DNS Deployment Guide
Summary: NIST published the final version of SP 800-81 Revision 3, “Secure Domain Name System (DNS) Deployment Guide,” on March 19, 2026. The guide covers DNS as a …Read brief - Brief
EDPB and EDPS Back Stronger EU Cybersecurity Rules While Guarding Personal Data
Summary: EDPB and EDPS issued a joint opinion on the Commission’s CSA2 and NIS2 proposals, arguing the EU can streamline cybersecurity obligations without diluting core …Read brief - Brief
NIST Maps the Hard Parts of Monitoring Deployed AI Systems
Summary: NIST published AI 800-4, “Challenges to the Monitoring of Deployed AI Systems,” on March 9, 2026. The report groups monitoring into six categories: …Read brief - Brief
EDPB Sets a 2026-2027 Programme Focused on Compliance and Regulatory Coordination
Summary: The European Data Protection Board adopted its 2026-2027 work programme on February 12, 2026. The programme emphasizes making GDPR compliance easier in practice, …Read brief