TPRM: When the Board Gets Involved

As promised, I am going to continue to write about third-party risk management (TPRM).

And as the abstract for a September 9 Gartner roundtable points out, TPRM isn’t just the concern of the Chief Information Security Officer (CISO) any more…

“Third-party networks are expanding, with startups and business model innovators increasingly joining them. The increasing high risk in these networks is prompting boards and senior leaders to enhance and better focus their oversight of TPRM programs.”

Yes…the Board. (Of Directors.)

Now the CISO is sweating bullets.

Graber Olive House…Re-opening?

From Debra Dorst-Porada’s Instagram:

“THE GRABER FAMILY CORDIALLY INVITES YOU TO A NEIGHBORHOOD MEETING ΤΟ LEARN ABOUT THE RE-OPENING & FUTURE PLANS FOR THE GRABER OLIVE HOUSE

“TUESDAY JUNE 10TH, 5:30PM TO 6:30PM GRABER OLIVE HOUSE “CASA DEL OLIVO” 315 E 4TH STREET, ONTARIO CA 91764 LIGHT REFRESHMENTS PROVIDED. NO RSVP REQUIRED.

“ANY QUESTIONS PLEASE EMAIL THE GRABER FAMILY AT: THEGRABEROLIVEHOUSE@GMAIL.COM”

The Most Shocking News of the Week: A Free ISO Standard!

I have observed that we are living in a time of uncertainty, in which surprises happen every day.

This week has been no exception. As I type this, Donald Trump and Elon Musk are feuding, with accusations of pedophilia leveled against Trump, threats to yank the government contracts of Musk, and who knows what all. Just a typical week in Washington.

But that’s nothing compared to the shocking news I learned Friday morning.

Sit down and don’t bother to bring out your CHF wallet

Biometric Update just published an article that discusses a particular International Organization for Standardization (with the zeds) standard, ISO/IEC-TEC TS 27560:2023, Privacy technologies — Consent record information structure.

  • It’s not shocking that ISO has published a standard. It does this all the time.
  • It’s also not shocking that ISO published a standard on consent. Consent is required by many privacy regulations, and therefore a standard information structure for consent requests is beneficial throughout the European Union, California, Illinois, and elsewhere.

“This document builds upon ISO/IEC 29184 by addressing the concept of giving the PII principal a record for their own recordkeeping, which includes information about the PII processing agreement and interaction. We call this record the “consent receipt”.

“This document specifies a structure that is used by both principals in consent management: namely a specification for data to be held by the organization to allow record-keeping with good integrity (subject to the defined controls), and an artefact (the “consent receipt”) that is given to the individual whose PII is being processed.”

  • No, none of this is the shocking part. I’ll let Chris Burt reveal the surprise, but please sit down before you read this. Emphasis mine.

“The International Standards Organization has published a standard for obtaining and recording consent, as is necessary to legally use people’s biometric data in a number of jurisdictions, and is making it available for free.”

Yes, you read that correctly. FREE. As in ZERO CHF.

ISO doesn’t normally give standards away, but there’s an exception for this one.

As a result, I have “purchased” this ISO standard—the first one that Bredemarket has ever owned.

But I can’t share it with you. Get your own.

LiveView Technologies and Agentic AI-powered Contextual Detection and Behavioral Deterrence

Government Technology shared an article entitled “Talking Agentic AI Cameras: Can They Prevent Crime?” In the article, Nikki Davidson spoke with Steve Lindsey of LiveView Technologies about the surveillance company’s newest capability:

“The technology analyzes footage to detect activity and determine a best course of action. This can include directly speaking to individuals with personalized, AI-generated voice warnings, without human intervention….

“Lindsey explained the newest update with the technology uses contextual detection as well as generative AI behavioral deterrence. He said the new tech doesn’t just automate tasks; it gives AI agents the ability to make smart decisions based on evolving situations — such how to react to different scenarios.”

But a video is worth 10,000 words, so watch the video.

Lindsey clarifies that the intent of the agentic technology is to handle low-priority situations (such as trespassing on private property), while leaving high-priority situations in the capabilities of human security personnel.

I wonder if LiveView Technologies’ object recognition capabilities are able to detect guns as other video analytic programs do.

Identity Verification for Nevada Sex Workers

(Part of the biometric product marketing expert series)

There is a lot of discussion about identity verification for people working in certain jobs: police officers, teachers, financial professionals, and the like.

With one exception.

One job that isn’t frequently discussed in the identity verification world is that of a sex worker. Primarily because sex workers usually don’t undergo identity verification for employment, but identity checks for criminal proceedings.

With a few exceptions. 

In portions of Nevada sex work is legal. But it is heavily regulated. So there are laws in places like Carlin, Nevada that govern prostitute registration and work cards. Among other things:

  • Applicants are fingerprinted and are also required to submit a recent photo.
  • Applicants must provide their birth name and all subsequent “names or aliases used.”
  • Three years of residence addresses and employment information.
  • The applicant criminal record “except minor traffic violations.”
  • “A waiver of release of medical information,” since the nature of the work involves the possibility of transmission of communicable diseases. And you thought being a nuclear power plant worker was dangerous!

Presumably the fingerprints are searched against law enforcement databases, just like the fingerprints of school teachers and the other newer professions.

Why?

“The chief of police shall investigate, through all available means, the accuracy of all information supplied by the prostitute on the registration form.”

Included in the investigation:

  • Controlled substance criminal convictions.
  • Felony convictions.
  • Embezzlement, theft, or shoplifting convictions.
  • Age verification; you have to be 21.

As you can see, the identity verification requirements for sex workers are adapted to meet the needs of that particular position.

But…it takes two to tango.

Brothel clients need to be at least 18 years old.

But I don’t know if Nevada requires client age verification, or if age estimation is acceptable.

From https://www.instagram.com/share/_mMj2BVRh.

Xona Space Systems and 3 Inch Geolocation Accuracy

Our existing GPS is good enough (when not jammed) for a person to drop a bomb, but not good enough for a non-person entity (NPE) to be behind the wheel of a large automobile. And you may ask yourself, “Where is that large automobile?”

“The satellite is the first of a planned constellation called Pulsar, which is being developed by California-based Xona Space Systems. The company ultimately plans to have a constellation of 258 satellites in low Earth orbit. Although these satellites will operate much like those used to create GPS, they will orbit about 12,000 miles closer to Earth’s surface, beaming down a much stronger signal that’s more accurate—and harder to jam. 

“Reid and Manning began to think about how to build a space-based PNT [positioning, navigation, and timing] system that would do what GPS does but better, with accuracy of three inches (10 centimeters) or less and ironclad reliability in all sorts of challenging conditions.”

Quote from https://www.technologyreview.com/2025/06/06/1117978/inside-the-race-to-find-gps-alternatives/

Xona Space Systems website: https://www.xonaspace.com/

Ontario: When Enforcement IS Enforcement

For those who missed my prior post on the topic, the city of Ontario announced mandatory weekly car removal from the street to allow street sweeping.

If your side of the street is scheduled for sweeping, and your car is still on the street, you would get a ticket.

After Ontario revealed the signs, it stated that the fines wouldn’t be enforced until the first full week of May.

So beginning in early May, I religiously ensured my car was off my side of the street by Wednesday noon.

Until Ontario restated that the fines wouldn’t be enforced until the first full week of JUNE.

Who does Ontario think it is? The Transportation Security Administration?

But I kept on moving my car through the end of May, every single week.

After a month of enforcement delay, Wednesday June 4 rolled around. And I reminded myself that I REALLY needed to move my car that morning before noon to avoid a ticket from the city.

You can guess what happened next.

I remembered to move my car…at 2:30 in the afternoon.

And found a $50 ticket that was left at 12:57 in the afternoon.

On the day that it REALLY counted.

I immediately tried to pay my fine online, but the (handwritten) ticket hadn’t been entered into the payment system yet.

I’ve been advised that it may take as long as a month to record the ticket in the payment system.

Sadly, I’m not counting on the system to forget about it.

Even though I have a REAL ID.

Don’t Learn to Code 2

(Imagen 4)

As a follow-up to my first post on this topic, look at the Guardian’s summary article, “Will AI wipe out the first rung of the career ladder?

The Guardian cites several sources:

  • Anthropic states (possibly in self-interest) that unemployment could hit 20% in five years.
  • One quarter of all programming jobs already vanished in the last two years.
  • A LinkedIn executive echoed the pessimism about the future (while LinkedIn hypes its own AI capabilities to secure the dwindling number of jobs remaining).
  • The Federal Reserve cited high college graduate rates of unemployment (5.8%) and underemployment (41.2%).

Read the entire article here.

How Expositor Syndrome Helps Your Firm

What is the opposite of impostor syndrome?

  • The Dunning-Kruger Effect?
  • A delusion of grandeur?

Etymologically, the opposite of impostor syndrome would be expositor syndrome. I asked my buddy Google Gemini to hallucinate a definition, and this is what I got:

“Expositor Syndrome is a hypothetical, non-clinical psychological pattern characterized by an overwhelming and often compulsive urge to explain, clarify, or elaborate upon concepts, ideas, or events, even when such detailed exposition is unsolicited, unnecessary, or redundant. Individuals exhibiting Expositor Syndrome experience a profound discomfort or anxiety if they perceive a potential for misunderstanding or an unstated implication, feeling an internal pressure to “lay bare” all facets of a topic.

“Note: This is a fictional construct, not a recognized medical or psychological condition.”

Gemini actually said a lot more, but I chose not to elaborate.

This, rather than a delusion of grandeur, is considered the opposite of impostor syndrome because an impostor HIDES their true talented self, whereas an expositor ELABORATES and goes on and on about their knowledge. Until their friends become former friends and stop speaking to them.

But can someone exhibit both expositor syndrome and a delusion of grandeur?

Perhaps such a person—if they exist—can still make positive contributions to society.

Such as the Bredemarket 2800 Medium Writing Service, approximately 2800 to 3200 words that (a) answers the WHY/HOW/WHAT questions about you, (b) advances your GOAL, (c) communicates your BENEFITS, and (d) speaks to your TARGET AUDIENCE.

If you need someone to write roughly 3000 words about your identity/biometric or technology firm, request information at https://bredemarket.com/bredemarket-2800-medium-writing-service/

Bredemarket 2800 Medium Writing Service