
August 1, 2025 16 mins


We explore how cybercriminals fell victim to their own security mistakes and examine major attacks targeting corporate SharePoint environments. Privacy legislation advances with new protections for children and groundbreaking AI accountability measures in Minnesota.

• Cybercrime forum exposes member data through database misconfiguration
• SharePoint under active attack with remote code execution vulnerabilities
• California passes enhanced children's privacy legislation requiring stricter parental consent
• Minnesota Consumer Privacy Act launches July 31st with human review rights for AI decisions
• Problem Lounge studio expansion announcement with new podcast launches
• Trust and anonymity requirements in criminal digital ecosystems
• Corporate IT challenges with ubiquitous software vulnerabilities
• Growing complexity of state-by-state privacy compliance requirements



Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
All righty then, ladies and gentlemen, welcome back to Privacy Please.
Cameron Ivey here with Gabe Gumbs, as always, my sidekick, my friend, my homie, Mr.

Speaker 2 (00:10):
Gumbs.

Speaker 1 (00:11):
My home skillet, home slice, how you doing?
It's another Friday in the world of digital nonsense, right on.
Preparing for an above average weekend, are you?
Probably?
Yeah, I mean, I'll have, we'll get on, we'll get some adventures and maybe that's above average.
That's above average. I'm excited, right? Uh, yeah, um, a lot

(00:31):
going on in the world today, Gabe, or in, in busy in this cyber and privacy world.

Speaker 2 (00:38):
There's a lot happening.
There are a lot of topics that are worthy of coverage, but there are a few things in particular that came up over the last week that we've been asked some questions about, so we wanted to make sure that we covered those front and center.
Just bringing you the latest updates from around the community?

Speaker 1 (00:56):
Yes, we are.
Let's go ahead and dive right in.
Hackers be getting hacked.

Speaker 2 (01:00):
It's a thing.
Being a hacker does not prevent you from getting hacked.
No.
One of the primary drivers of data breaches is misconfigurations, and it would appear that hackers are no less susceptible to such shenanigans.

Speaker 1 (01:16):
Well, I mean, you know that world more than me, so let's dig into it real quick.
So the first topic is cybercrime forum exposes its own members.
So a well-known cybercrime forum, a place where stolen data is bought and sold, had its own massive data breach this week.

Speaker 2 (01:32):
If you haven't heard, so let's talk about how that happened.
The bat.
My first thought is you've got some pretty bad opsec.
If you are a cyber criminal and you're like reusing usernames and other things that are tied to your identity in any meaningful way, it's just, you know why? Because they're still

(01:54):
human, Gabe. Uh, it's fair.
That's a fair point.
They are indeed human.
They are indeed human, so they're gonna make human mistakes.
They do, and they made a very human mistake.
They accidentally misconfigured a database and left it wide open for the world.
So this wasn't a hack so much as it was a breach, and breach

(02:14):
was a literal byproduct of just pure misconfiguration.
We talk about this frequently.
We talk about this to folks directly in the security community, we talk about it on the show frequently, but just the basic hygiene of configuration, as you can see, leads to even breaches for the bad guys, and so there's been a

(02:35):
whole lot of chaos in some of those forums because it breaks a bit of the trust.
There's a strong requirement, even in the criminal world, for there to be a trust element between the administrators of these sites and the users of these sites.
That element of trust is necessary both in terms of okay, is this guy a reputable vendor?
If you give this person some Bitcoin, are you going to get an

(02:58):
exchange goods and services that you find to be worthy of exchanging monies for?
The only real difference between cybercrime and sanctioned or otherwise non-criminal business activities really is just the law aspect of it.
So much else of it really just translates.
Trust is a necessity for successful business operations

(03:19):
and that's really no different for these folks.
Anonymity is everything in the cybercrime world and anonymity being compromised completely ruins, in this case, this cybercrime forum in particular.
How many people return to that forum?
If I'm a cybercriminal, I don't go back at all.
I don't even care if they tell me they fix things.
Maybe I make my way elsewhere, maybe I do, maybe I don't.

Speaker 1 (03:40):
Dare I say, a digital friendly fire. Little digital friendly fire.

Speaker 2 (03:45):
Little, little digital friendly fire. Indeed, yeah.

Speaker 1 (03:49):
Did a robber accidentally shoot his own foot?

Speaker 2 (03:53):
I think so, I think so.

Speaker 1 (03:55):
I think that's what happened.

Speaker 2 (03:57):
I think it happened.

Speaker 1 (03:58):
Well, we'll keep.
We'll keep our eyes on that one, but that's, that one's.
That one's funny to me, that one's funny.

Speaker 2 (04:03):
Yeah, yeah.

Speaker 1 (04:06):
The second topic is a code red for corporate IT.
SharePoint was under attack, active attack.
This past week we saw SharePoint getting attacked quite broadly.

Speaker 2 (04:18):
And as most folks in the IT world know, SharePoint is somewhat ubiquitous inside of organizations.
You know, one of the biggest challenges is, even if you don't necessarily use SharePoint directly, a number of other Microsoft services are directly tied to SharePoint and so you likely have it in your environment, regardless of how

(04:38):
intimately your organization may be using it.
But for what it's worth, lots of organizations do use it quite heavily.
They rely on it as a document repository, they rely on it as a core part of their overall data management strategy, and we've seen SharePoint get attacked before.
Another reason why we see that continued attack pattern is,

(04:59):
again, it is somewhat ubiquitous.
Microsoft has bundled it with so much that there's a lot of it deployed, and so if I'm an attacker, it makes for a good attack surface because I'm likely to get my hands on more environments and more data, not less, just by sheer volume of users.

Speaker 1 (05:15):
Yeah, so this is, I mean, this is considered enormous because it's not just personal information, this is company stuff, this is like organizations, yeah yeah, we don't see that very often, do we?
Yeah?

Speaker 2 (05:28):
No, we also don't see remote code execution flaws that are present in software that is this ubiquitous, right? Like the attack surface of SharePoint can't be understated.
It's huge.
It's not a niche product, it's massive.
And being able to exploit, run exploit code remotely means that they can take full control over of that server from anywhere,

(05:52):
yeah, anywhere.
That's a problem, that's a problem.

Speaker 1 (05:55):
Well, this is obviously ongoing, but what do you?
I mean, this is so new, I mean this coming out now.
Do you think this happened a while back, or is this happening, like, just this past week?
This was like.
You know how we hear things later on.

Speaker 2 (06:08):
Yeah, I don't recall the specifics of when the patterns were started to be detected in the wild, but you know, suffice to say that quite frequently with these types of attacks, by the time we notice them, it has been going on for some period of time, right? Like even if this were a quote zero day attack.
The amount of damage that can be done within a day, within a

(06:30):
week, is quite huge.
When, again, the attack surface is this large, you can attack a lot of SharePoint servers in a short period of time just because of that.
But you know, since this story has been breaking it's only been about a week so far since this story has been breaking, yeah.
Well, we'll keep an eye on that one as well.

Speaker 1 (06:47):
Just wanted to update you guys here.
We'll move on to the next topic.
So we got Children's Privacy Act.
There was a major movement in California this week.
They passed a significant new regulation aimed at curbing how companies collect and use data from children and teens.
So this is huge.
I mean, they've been talking about this for a while, but it

(07:10):
seems like it's not just California, Gabe, this is a national trend that's kind of going through the wave here.
Yeah, it's always protecting the children.

Speaker 2 (07:18):
I get it, I agree.
I always struggle, though, with legislation that feels difficult to enforce.
Yeah, I'm intrigued as to, in particular.
So this regulation mandates stricter requirements for getting parental consent.
Cool, great.
How are you going to get that parental consent and validate that it was indeed a parent that gave the consent?
It's another pop-up box where you simply check a box on a

(07:41):
website.
I don't think that type of enforcement really achieves the goal.
That being said, it is still better to at least have the rules in place that do govern.
Okay, you have that data.
Now you have to take special care of that data, regardless of how that consent was granted, and that's kind of the side of the fence I fall on is I'm not particularly super anxious to

(08:05):
further regulate how the consent is granted.
I'm really more interested in what happens once the data is in the corporate hands.

Speaker 1 (08:11):
Yeah, that's a good point.
I also think, like I feel, like even parents, there should be no information from kids, like you shouldn't have to give any kind of information, even if, and obviously, there should be guidelines around things that are used by kids, whether it be apps or learning apps and things like that.
This is such a sensitive subject because, you know, even if our, you know, let's not get into the even, even the

(08:34):
government isn't the safest place for kids.
Let's be honest, even if their, their goal is to protect children's privacy.
I know that the CCPA is, you know, that's the goal, but I think you get what I'm trying to say.
I do, I do.
That's a.
That's a different show.

Speaker 2 (08:51):
And that's the challenge, right? Like there is the spirit of what is trying to be achieved with that new legislation.
And then there is the real world.
The messiness, yeah, is the real digital world. Well, a little shameless plug.

Speaker 1 (09:04):
Shameless plug on our new show.
I might as well.
I think it's a good time.
The Problem Lounge.

Speaker 2 (09:08):
You're talking about digital messiness, yeah, a little digital messiness, so we're launching, launching a new show, launching, launching a whole new podcast network.
So we've been now studio delivering studio.
We've been delivering Privacy Please now for five and a half years or so, and we've long wanted to expand into some other areas.
We've had a lot of requests to cover some other topics, but

(09:31):
they don't neatly fit into this show.
So we're launching the Problem Lounge studio, which will be the overall umbrella org that produces and brings forth Privacy Please.
So nothing's changing there.
You will still get access to your Privacy Please, but we are launching two new shows under that banner, the first of which I'm happy to announce today, the Problem Lounge.

(09:53):
So those episodes I think they're going to drop the week of Black Hat, right? Like we're going to start dropping.
We're going to drop the week of Black Hat, so that's August.
I think the week starts on like the 5th.
We're going to be dropping on the 6th and the 7th, so stay tuned for that.
We have a new website launching with that as well too.
We'll announce that website here shortly.
Well, it is theproblemlounge.com, but it is soft launched at the

(10:18):
moment.
So again, don't at me, don't at me.
Yeah, yeah, shameless plug indeed, and so why don't you tell listeners what exactly is the Problem Lounge and what are we going to be covering on?

Speaker 1 (10:34):
Oh, that's a good question, Gabe.

Speaker 2 (10:35):
Well, I mean the census of it is, or is that?

Speaker 1 (10:36):
the right word, the consensus, the entirety of that podcast is to kind of highlight the messiness of being human in a digital world, being human in a digital world.
So we're going to be covering tons of content on just like life and it's still going to kind of mix in, you know, privacy and security and but it's going to kind of hit on more life situations and interpersonal, personal, yeah,

(10:58):
yeah, versus the, the business topics that we cover, exactly, yeah, we're really excited about.

Speaker 2 (11:04):
We're going to get a little looser on that show.
That show is definitely.
It's PG-13 if the year is 1995.
The year is 2005.
You know, it's NC-17.
Yeah, yeah, yeah.

Speaker 1 (11:17):
Yeah, we're going to be showing some stuff.

Speaker 2 (11:18):
Yeah, yeah, we're saying some things.

Speaker 1 (11:20):
We're going to say some things.

Speaker 2 (11:21):
We're going to say some things.
We're going to say some things,we're going to say some things.

Speaker 1 (11:23):
We're going to keep it real and just continue to be us.
So, if you want to keep supporting us and tell your friends and family.

Speaker 2 (11:30):
Come support the new show.
Come support the new show.
You'll be able to catch that show biweekly, same place you pick up your Privacy Please.
So we're launching across all the platforms: Apple Podcasts, Spotify, you name it, everywhere you go to get your podcast, YouTube, the whole night.
You can come check out the Problem Lounge there as well,

(11:50):
we might even be on TikTok.

Speaker 1 (11:52):
We'll see, we'll see.
But yeah, anyways.
Last topic, Gabe.
Next week on Thursday, the Minnesota Consumer Privacy Act goes live on the 31st of July, and this one's really cool.
There's a couple things that's very different about this law compared.
It's not just a copy and paste of other state laws, so if

(12:13):
you're a Minnesotan, hold my hotdish, you know what I'm saying.
So they're joining a group of other states, of course, with this comprehensive privacy law.
So it gives citizens the rights to access, delete, correct and, crucially, opt out of their data being sold or used to targeted ads and profiling.
For any business that operates nationally, they now have to

(12:38):
navigate another, slightly different set of rules, definitions and obligations.
Compliance is becoming incredibly complex, obviously because of all these different state laws.
It's like having different allergies for each human.
We're getting real.
What's the word?

Speaker 2 (12:55):
Not compartmentalized, but specialized.

Speaker 1 (12:58):
I'm specialized, but like granular. Granular, granular.
Yeah, these state laws are all getting so granular and just they have little different things about them.
That notable feature for Minnesota is a right for consumers to question and get human review of automated decisions, a key protection in the age of AI.

(13:19):
That is huge.
That's a pretty big one, yeah.

Speaker 2 (13:22):
That's awesome one.
Yeah, that's awesome. If and when the implementation of AI expands further into making decisions for us, whether those be health insurance coverage, and that's probably one of the biggest ones, really, right? Like an AI agent makes a decision to deny or approve a procedure, for example, you should be able

(13:43):
to question that and get an answer from a human why that is a thing.

Speaker 1 (13:46):
I agree, 100%, absolutely.
Well, that's pretty much it for this week, though I mean that's a big one, so look for that to go live on the 1st and that's it for Privacy Please this week.
We appreciate you guys.
Thanks, Gabe.

Speaker 2 (14:00):
Always a pleasure, Cam. Good to see you.

Speaker 1 (14:07):
Don't forget everyone.
Come check out problem lab, pull up a chair.
Yeah, you get an exclusive early look.
Problemlounge.com, theproblemlounge.com.
We'll see you guys soon, peace.

© 2025 iHeartMedia, Inc.