Privacy

ISO/IEC 27565:2026 is a brand new ISO27k standard on Z ero- K nowledge P roofs. It explains how to go about collecting and verifying personal information for various legitimate purposes without 'over-collecting' i.e. requiring and gathering additional information beyond that strictly needed for the stated purpose - verifying whether a statement or claim is or is not true. Age verification is a common example. A new law in Australia, for instance, prohibits youngsters from

ISO/TC 215 has updated ISO 27799 to reflect ISO/IEC 27002:2022 , omitting the previous edition's content re ISO/IEC 27001 . The standard now concentrates on the implementation of organisational, people, physical and technological controls within the healthcare industry.

A new SC27 project has been approved, developing an ISO27k standard on privacy for the B rain- C omputer I nterface, part of meditech or healthtech you could say. Consider the privacy implications of these vaguely-conceivable futuristic or other-worldly BCI applications: Brain implants picking-up neurological signals to control prosthetic limbs or weapons, ideally providing 'force feedback' for proportional control, dexterity and accuracy. Remote control/direction of animal

Voting has commenced on the D raft I nternational S tandard ISO/IEC 27091 on AI privacy, with national standards bodies invited to vote and comment by Feb 25th 2026. I have updated the standard's page on this website , based on a brief skim-reading of the DIS, so far. I will update that page if I find the time to study the standard properly and reconsider my opinions. In summary, although I have concerns about the scope, focus and coverage of the standard, it does offer us