Two Georgia Tech students are in the development stages for…
Two Georgia Tech students are in the development stages for Steps of Knowledge – a U.S.-based company that uses artificial intelligence to analyze the walking gaits of individuals to determine the identity of these individuals. The videos used for this analysis are acquired from video cameras on urban streets. Although the company has yet to earn any annual gross revenues, Steps of Knowledge expects its primary clients will be major sporting events, such as Major League Baseball games, where the company will be contracted to identify known terrorists attempting to enter the venues. Each of these stadiums will have a seating capacity of at least 25,000 people. Due to legal concerns related to newly enacted state comprehensive privacy laws, Steps of Knowledge decides not to originally roll out the company in these states. Steps of Knowledge’s two founders have expressed concern over the possibility of a nation-state attack, where a foreign government would be seeking to steal the company’s patented technology. The company’s Chief Privacy Officer is concerned about whether the company will need to comply with state data breach notification laws if a nation-state attack occurs. In determining whether Steps of Knowledge’s data is subject to most state data breach notification laws, which potentially conflicting issues will the Chief Privacy Officer likely need to examine?