InfoQ Homepage Data Privacy Content on InfoQ
-
MyTerms: a New IEEE Standard Enabling Online Privacy and Aiming to Replace Cookies
Nicknamed MyTerms, the new 7012-2025 IEEE standard defines mechanisms for exchanging personal information between individuals and online service providers, and specifies how individuals can enforce their privacy requirements during transactions.
-
AWS Launches European Sovereign Cloud amid Questions about U.S. Legal Jurisdiction
AWS has launched its European Sovereign Cloud with a €7.8 billion investment, designed to meet EU regulatory demands and address data privacy concerns amid geopolitical tensions. Despite its operational separation from global regions, questions linger about legal protections against U.S. data access. Competitors like Microsoft and local providers may present stronger sovereignty options.
-
Tracking and Controlling Data Flows at Scale in GenAI: Meta’s Privacy-Aware Infrastructure
Meta has revealed how it scales its Privacy-Aware Infrastructure (PAI) to support generative AI development while enforcing privacy across complex data flows. Using large-scale lineage tracking, PrivacyLib instrumentation, and runtime policy controls, the system enables consistent privacy enforcement for AI workloads like Meta AI glasses without introducing manual bottlenecks.
-
Microsoft Research Develops Novel Approaches to Enforce Privacy in AI Models
A team of AI researchers at Microsoft introduces two novel approaches for enforcing contextual integrity in large language models: PrivacyChecker, an open-source lightweight module that acts as a privacy shield during inference, and CI-CoT + CI-RL, an advanced training method designed to teach models to reason about privacy.
-
Five AI Security Myths Debunked at InfoQ Dev Summit Munich
Katharine Jarmul challenged five common AI security and privacy myths in her InfoQ Dev Summit Munich 2025 keynote: that guardrails will protect us, better model performance improves security, risk taxonomies solve problems, one-time red teaming suffices, and the next model version will fix current issues. She said that current approaches to AI safety rely too heavily on technical solutions.
-
EU's Cloud Sovereignty SEAL Ranking Forces Governance and Resilience Trade-offs
The EU's new Cloud Sovereignty Framework establishes a standardized assessment for cloud services, enhancing digital autonomy and reducing dependence on non-EU giants. It introduces a scorecard system based on eight Sovereignty Objectives that influences public sector procurement decisions.
-
Google Introduces VaultGemma: An Experimental Differentially Private LLM
VaultGemma is a 1B-parameter Gemma 2-based LLM that Google trained from scratch using differential privacy (DP) with the aim of preventing the model from memorizing and later regurgitating training data. While still a research model, VaultGemma could enable applications cases in healthcare, finance, legal, and other regulated sectors.
-
The European Cloud Dilemma: Innovation Versus Digital Sovereignty
European tech companies are facing a tricky situation, using popular American cloud services like AWS and Google Cloud, but worrying about keeping control of their data in Europe. With rising geopolitical tensions, more practitioners are asking: should we be less dependent on American tech giants? It's got some European developers and businesses rethinking how they handle their data.
-
Guardian's Secure Messaging: Open Source Messaging Uses Millions of App Users as Traffic Cover
The Guardian has recently released Secure Messaging, a highly secure and user-friendly tool designed to protect journalistic sources by concealing the very fact that messaging is occurring. The open source project achieves strong plausible deniability by generating bait traffic through the routine activity of existing users of The Guardian's mobile app.
-
AWS Unveils Independent European Governance and Operations for European Sovereign Cloud
AWS unveils its European Sovereign Cloud, launching in Brandenburg, Germany, by 2025, with strict EU governance and a focus on digital sovereignty. This initiative features an EU-controlled parent company, dedicated Security Operations Center, and customer data residing exclusively in the EU, ensuring compliance and operational autonomy while leveraging AWS's innovative cloud services.
-
DeepMind Researchers Propose Defense against LLM Prompt Injection
To prevent prompt injection attacks when working with untrusted sources, Google DeepMind researchers have proposed CaMeL, a defense layer around LLMs that blocks malicious inputs by extracting the control and data flows from the query. According to their results, CaMeL can neutralize 67% of attacks in the AgentDojo security benchmark.
-
European Cloud Providers: What Are the Options Today?
Current geopolitical tensions have raised attention to existing cloud providers in Europe, with many European companies increasingly concerned about reliance on US-controlled services. According to various articles by specialists and practitioners, local cloud providers still offer few viable alternatives for organizations focused on European digital sovereignty.
-
Google Enhances Data Privacy with Confidential Federated Analytics
Google has announced Confidential Federated Analytics (CFA), a technique designed to increase transparency in data processing while maintaining privacy. Building on federated analytics, CFA leverages confidential computing to ensure that only predefined and inspectable computations are performed on user data without exposing raw data to servers or engineers.
-
Rachael Greaves at QCon London: Ethical AI Can Decrease the Impact of Data Breaches
At QCon London, Rachael Greaves, chief executive officer at Castlepoint Systems, presented both the obligations and benefits of data minimisation as a mechanism to decrease the impact of data breaches. AI autoclassification and automatic decision-making tools help with the ever-increasing data volumes as long as ethical principles are considered, allowing decisions to be challenged.
-
AWS Announces European Sovereign Cloud for Government Agencies and Regulated Industries
AWS has recently announced that it is working on a European Sovereign Cloud, a new European region that will be operationally independent of all existing AWS regions. No availability date has been provided for the new option that targets government agencies and regulated industries that store sensitive data and run critical workloads in the European Union (EU).