Artificial intelligence (AI) notetakers are increasingly integrated into workplace meetings, offering automated transcription, summaries, and improved documentation. Tools like Otter.ai, Fireflies.ai, and Microsoft Copilot promise to enhance efficiency, but their use raises significant concerns regarding privacy, data security, and regulatory compliance. For organizations handling sensitive data—such as student records protected under FERPA, personally identifiable information (PII) subject to GDPR and CCPA, or proprietary business strategies—AI notetakers introduce potential risks that must be carefully managed. At Fordham University, IT security policies provide a structured approach to mitigating these risks while maintaining the benefits of AI-assisted transcription. Key Privacy and Risk Concerns…
Author: Josephine Law, FIP, CIPP/US, CIPM
Senior IT Risk Analyst, Information Security and Assurance | Fordham University Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Manager (CIPM) with a strong background in IT risk, privacy, and security. A versatile writer with experience in technical, policy, marketing, and social media content, blending expertise in business writing with communications and academics. Creative, resourceful, and adaptable, with a strong work ethic, a positive attitude, and a sense of humor.
The internet is continually evolving. From the static pages of Web 1.0 to the dynamic, user-driven platforms of Web 2.0, we’ve witnessed significant transformations. Now, a new phase is emerging: Web 3. But what exactly is Web 3, and more importantly, are you prepared for it? What Is Web 3? Web 3, often referred to as the “decentralized web,” represents a potential next generation of the internet. Unlike Web 2.0, which relies heavily on centralized servers and corporate-owned platforms, Web 3 is built on blockchain technology, emphasizing decentralization, data ownership, privacy, and user empowerment. In basic terms, Web 3 aims…
In January 2025, LinkedIn, the professional networking platform owned by Microsoft, faced a class-action lawsuit in California alleging that it used private messages from Premium subscribers to train generative AI models without proper user consent. This development raises serious concerns about data privacy and the ethical use of user-generated content in artificial intelligence (AI) training. Allegations Against LinkedIn The lawsuit claims LinkedIn violated the Stored Communications Act and breached its contract with users by utilizing private messages for AI training without explicit permission. It further accuses the platform of violating California’s Unfair Competition Law. Users allege that in August 2024,…
Today, January 28, is Data Privacy Day, an important opportunity to reflect on the significance of safeguarding personal information in an increasingly digital world. What began as a single day of awareness has grown into a week-long initiative, highlighting the growing importance of data protection and privacy worldwide. Let’s delve into the origins of Data Privacy Day, its evolution, and why it remains critical in our interconnected age. A Brief History of Data Privacy Day The origins of Data Privacy Day can be traced back to Europe in 1981 when the Council of Europe adopted Convention 108, the first legally…
The Federal Trade Commission’s proposed settlement with GoDaddy has implications for businesses and higher education institutions. With increasing reliance on web hosting providers for student portals, learning management systems, and alumni engagement platforms, colleges and universities must prioritize security when selecting and managing these services. Here are four lessons from the GoDaddy case that higher education institutions should consider: Evaluate Your Hosting Provider’s Security Practices In the context of higher education, sensitive data—such as student records, financial information, and research data—must be protected. Institutions should ensure their hosting providers: As stewards of student and faculty data, higher education institutions must…
As biometric technology continues to play a more prominent role in our daily lives, from unlocking phones with facial recognition to workplace security systems relying on fingerprint scans, concerns about the privacy of such sensitive information are growing. New York’s proposed Biometric Privacy Act is designed to address these concerns, and its implications could significantly affect individuals and organizations alike. Here’s what members of the Fordham University community should know about this groundbreaking legislation. Key Milestones in the Biometric Privacy Act’s Journey March 2023: The bill was introduced in the New York State Senate, kicking off its legislative process. June…
The Office of Information Technology is tackling AI head-on and exploring all the ways AI can enrich the lives of students, employees, and faculty at Fordham University. As part of our commitment to emerging tech, IT staff are encouraged to pursue AI projects and explore new avenues. Josephine Law, Senior IT Risk Management, is at the forefront of an AI-driven shift in IT risk management. Having a master’s degree in computer science and years of experience in IT, Josephine has applied her expertise in IT’s new AI Think Tank, which brings together leaders across IT to explore new technology frontiers. Full…
The Office of Information Technology is celebrating Marc Herzog, IT Security Engineer. Marc works in the Information Security and Assurance team and has been with Fordham for 1.5 years. Throughout his time at Fordham, he has worked on many interesting projects and developed both professionally and personally. To honor the contributions of Marc Herzog, we are sharing a little about his story. Full Story Article written by Victoria Sirito on November 1, 2024
The Office of Information Technology is celebrating Shannon Ortiz, Senior Director of IT Security & Assurance, who has been with Fordham for 31 years full-time (or 39 years if you count his high school, college, and student worker years!). Throughout his time at Fordham, he has worked on many interesting projects and developed both professionally and personally. To honor Shannon’s contributions, we are sharing a little about his story. Full Story Article written by Natalie Devlin on October 1, 2024
The Senate has passed a law that reauthorizes part of the Foreign Intelligence Surveillance Act, which allows the US government to collect and monitor electronic communications of foreign targets. The passing of this law happened on Friday, just minutes after the deadline, despite opposition from privacy advocates and former President Donald Trump. Section 702, which has been in place since 2008, allows US intelligence officers to bypass the warrant process and compel companies such as AT&T and Google to share communications of foreigners who live outside of the US. While doing so, officials may also track messages from Americans who…