Last month I discussed Google’s advances in health and artificial intelligence, specifically the ability to MedGemma and MedSigLIP to analyze medical images. But writing about health is more problematic. Either that, or Google AI is growing body parts such as the “basilar ganglia.”
“In their May 2024 research paper introducing a healthcare AI model, dubbed Med-Gemini, Google researchers showed off the AI analyzing brain scans from the radiology lab for various conditions.
“It identified an “old left basilar ganglia infarct,” referring to a purported part of the brain — “basilar ganglia” — that simply doesn’t exist in the human body. Board-certified neurologist Bryan Moore flagged the issue to The Verge, highlighting that Google fixed its blog post about the AI — but failed to revise the research paper itself.”
A little scary…especially the fact that it took a year to discover the error, a conflation of the basal ganglia (in the brain) and the basilar artery (at the brainstem). There’s no “basilar ganglia” per se.
And the MedGemma engine that I discussed last month has its own problems.
“Google’s more advanced healthcare model, dubbed MedGemma, also led to varying answers depending on the way questions were phrased, leading to errors some of the time.”
One could argue that the same thing could happen with humans. After all, if a patient words a problem in one way to one doctor, and in a different way to a different doctor, you could also have divergent diagnoses.
But this reminds us that we need to fact-check EVERYTHING we read.
Some of you may remember the Pink Floyd song “Us and Them.” The band had a history of examining things from different perspectives, to the point where Roger Waters and the band subsequently conceived a very long playing record (actually two records) derived from a single incident of Waters spitting on a member of the audience.
Is it OK to spit on the audience…or does this raise the threat of the audience spitting on you? Things appear different when you’re the recipient.
And yes, this has everything to do with generative artificial intelligence and pornographic deepfakes. Bear with me here.
Non-Consensual Activity in AI Apps
My former IDEMIA colleague Peter Kirkwood recently shared an observation on the pace of innovation and the accompanying risks.
“I’m a strong believer in the transformative potential of emerging technologies. The pace of innovation brings enormous benefits, but it also introduces risks we often can’t fully anticipate or regulate until the damage is already visible.”
Marr begins by explaining what “nudification apps” can do, and notes the significant financial profits that criminals can realize by employing them, Marr then outlines what various countries are doing to battle nudification apps and their derived content, including the United States, the United Kingdom, China, and Australia.
But then Marr notes why some people don’t take nudification all that seriously.
“One frustration for those campaigning for a solution is that authorities haven’t always seemed willing to treat AI-generated image abuse as seriously as they would photographic image abuse, due to a perception that it isn’t real’.”
First they created the deepfakes of the hot women
After his experiences under the Nazi regime, in which he transitioned from sympathizer to prisoner, Martin Niemoller frequently discussed how those who first “came for the Socialists” would eventually come for the trade unionists, then the Jews…then ourselves.
And I’m sure that some of you believe I’m trivializing Niemoller’s statement by equating deepfake creation with persecution of socialists. After all, deepfakes aren’t real.
“Being targeted by deepfake nudes is profoundly distressing, especially for adolescents and young adults. Deepfake nudes violate an individual’s right to bodily autonomy—the control over one’s own body without interference. Victims experience a severe invasion of privacy and may feel a loss of control over their bodies, as their likeness is manipulated without consent. This often leads to shame, anxiety, and a decreased sense of self-worth. Fear of social ostracism can also contribute to anxiety, depression, and, in extreme cases, suicidal thoughts.”
And again I raise the question. If it’s OK to create realistic-looking pornographic deepfakes of hot women you don’t know, or of children you don’t know, then is it also OK to create realistic-looking pornographic deepfakes of your own family…or of you?
Guardrails
Imagen 4.
The difficulty, of course, is enforcing guardrails to stop this activity. Even if most of the governments are in agreement, and most of the businesses (such as Meta and Alphabet) are in agreement, “most” does not equal “all.” And as long as there is a market for pornographic deepfakes, someone will satisfy the demand.
It seems that some so-called “businesses” are using an EIN as a facade for illegal activity…and insufficient identity assurance is preventing the fraudsters from being caught.
Obtaining Employer Identification Numbers to commit tax fraud
What is an EIN? In the same way that U.S. citizens have Social Security Numbers, U.S. businesses have Employer Identification Numbers. It’s not a rigorous process to get an EIN; heck, Bredemarket has one.
But maybe it needs to be a little more rigorous, according to TIGTA.
“EINs are targeted and used by unscrupulous individuals to commit fraud. In July 2021, we reported that there were hundreds of potentially fraudulent claims for employer tax credits….Further, in April 2024, our Office of Investigations announced that it helped prevent $3.5 billion from potentially being paid to fraudsters. Our special agents identified a scheme where individuals obtained an EIN for the sole purpose of filing business tax returns to improperly claim pandemic-related tax credits.”
Yes, that’s $3.5 billion with a B. That’s a lot of fraud.
Perhaps the pandemic has come and gone, but the temptation to file fraudulent business tax returns with an improperly-obtained EIN continues.
Facade.
Enter the Identity Assurance Level
So how does the Internal Revenue Service (IRS) gatekeep the assignment of EINs?
By specifying an Identity Assurance Level (IAL) before assigning an EIN.
Specifically, Identity Assurance Level 1.
“In December 2024, the IRS completed the annual reassessment of the Mod IEIN system. The IRS rated the identity proofing and authentication requirements at Level 1 (the same level as the initial assessment in January 2020).”
IAL1 doesn’t “assure” anything…except continued tax fraud
If you’ve read the Bredemarket blog or other biometric publications, you know that IAL1 is, if I may use a technical term, a “nothingburger.” The National Institute of Standards and Technology (NIST) says this about IAL1:
“There is no requirement to link the applicant to a specific real-life identity. Any attributes provided in conjunction with the subject’s activities are self-asserted or should be treated as self-asserted (including attributes a CSP asserts to an RP). Self-asserted attributes are neither validated nor verified.”
If that isn’t a shady way to identity a business, I don’t know what is.
But I agree with TIGTA’s assertion that Identity Assurance Level 2, with actual evidence of the real-world identity, should be the minimum.
Does your firm offer an IAL2/IAL3 product?
And if your identity/biometric firm offers a product that conforms to IAL2 or IAL3, and you need assistance creating product marketing content, talk to Bredemarket.
Bredemarket provides several services, but one service I don’t provide is custom software development.
Even though I’ve launched mobile apps.
Well, not really.
During my final years at MorphoTrak, I handled speaker and session coordination for the company’s annual Users Conference. Among my duties were managing the loading of speaker and session biographies into the CVENT-powered conference website.
CVENT had a sister mobile app known as CrowdCompass that allowed presentation of the information in mobile form. I briefly mentioned the app before. You would load your information into the existing framework, and then CVENT would facilitate the approval of your custom app in the App Store and Google Play.
From a Google search.
I found an online reference to one of my old apps, but the app itself does not appear to be on the CNET website.
And you know that picture of me at a podium, waving my arm around? I was evangelizing my app to the Users Conference crowd.
Evangelizing my so-called custom software development.
The song, incidentally, is “LoFi Chill Beat.” The Spotify link for the full song is here, although so far I’ve only used the first 36 seconds of the song.
There are laws, and there are regulations. In California, we are modifying the latter.
Before launching into these regulatory changes, remember that the CCPA is the California Consumer Privacy Act, while the CPPA is the California Privacy Protection Agency. (There’s also a CPRA, the California Privacy Rights Act.)
Imagen 4.
I have attached the May 2025 version of the “Modified Text of Proposed Regulations,” specifically regarding changes to the California Consumer Privacy Act regulations. They affect automated decision-making, conducting risk assessments, and performing cybersecurity audits.
The regulations will now head to the California Office of Administrative Law for final review before they can be formally enacted.
In the meantime, we have this thingie, in which
The initial proposal (noticed on November 22, 2024) is illustrated by blue underline for proposed additions and red strikethrough for proposed deletions, unless otherwise indicated, as in Articles 9, 10, and 11. Changes made after the 45-day comment period are illustrated by purple double underline for proposed additions and orange double strikethrough for proposed deletions.
When you get to the purple double underline and orange double strikethrough stage, you know things are getting serious.
When engineers engineer products, they naturally pack in as many features as possible. Why? Because engineers, um, calculate that prospects desire a wide array of features.
Proposal managers and product marketers know the truth. Some prospects find too many features to be undesirable.
But first, a quote
From Biometric Update.
This quote from my Biometric Update guest post is pertinent. These are three of my recommendations to biometric vendors (and other identity vendors) to ensure responsible data use.
“Collect only the minimum necessary personal information. If you don’t need certain data, don’t collect it. If it’s never collected, fraudster hackers can never steal it.
“Store only the minimum necessary personal information. If you don’t need to keep certain data, don’t store it. I’m sure our decentralized identity friends will agree with this.
“Comply with all privacy laws and regulations. This should be a given, but sometimes vendors are lax in this area. If your firm violates the law, and you are caught, you will literally pay the price.”
Two of these three recommendations came into play shortly after I wrote those words.
When “feature-rich” is undesirable
I recently fulfilled two roles for a Bredemarket client: first a proposal manager, and rhen a requirements manager. And as my role shifted, my focus shifted also.
Bredemarket the proposal manager
Hundreds of proposals. Imagen 4.
Some time ago I helped a Bredemarket client manage and write a proposal for a prospect. I can’t identify the client or the prospect, but I will just say that the proposal was for a product that collected personally identifiable information (PII).
The proposal not only presented the features of my client’s product, but also the benefits. And it presented several alternative configurations to the prospect, including an array of value-added options.
Bredemarket the requirements manager
Fast forward after proposal submission, and after my Biometric Update guest post was published.
The prospect wanted to hold further discussions with Bredemarket’s client, and Bredemarket shifted from consulting proposal manager to consulting requirements manager.
The prospect’s first request?
Remove ALL the proposal’s value-added options from the final deliverable.
Not because of cost, but because these value-added features would make the prospect’s life MORE difficult.
While the prospect had no issue with the data that the supercharged value-added configured product collected, it had other concerns:
Some of the storage features of the value-added product ended up storing things the prospect didn’t need or want to store.
In addition, the value-added product caused privacy issues with the prospect’s own end customers.
An added benefit to removing these features: the slimmed-down product would be easier for the prospect to manage.
Reduce. Imagen 4.
Sometimes less is more, as a sculpture artist will tell you. A huge hunk of marble is less desirable than a sculpture in which much of the marble was taken away.
If you need Bredemarket to help shape your proposals, requirements, or other content or analysis, let’s talk.
Do your technology company’s prospects know about you?
How can your technology company increase product benefit awareness right now?
(“Right Now” is a song. Keep tuned for another song reference.)
Before showing you how to do this, let’s take a closer look at three words in the title: product, benefit, and awareness.
Then we’ll get into the how: have, know, write, and publish.
And one more “how” if blogging is hard.
Three words break the code of indifference
No apologies for the section heading, but since her dad died, Kelly Osbourne’s best song (albeit with a curious history) has been on my mind.
While Osbourne’s one word breaks the code of silence, the three words that I chose for my post title break the code of indifference. And I chose each of them—product, benefit, and awareness—carefully.
Word One: Product
Companies talk about a lot of things. Their “why” story. Their great place to work award. Their social/moral/ethical conscience.
Right now I don’t care about any of that. I care about the company’s products or services: the way they make money.
Product firms need products. Imagen 4.
Because if prospects don’t buy these products and become customers, then their why story and awards and conscience count for zilch. There’s a time to share those stories, but for now let’s focus on the product story.
Word Two: Benefit
Now once you look at those products, they have a bunch of features. The ability to capture fingerprints at 1,000 pixels per inch. The ability to complete a third-party risk management analysis in hours, not months. The ability to deliver a completely vetted blog post in days, not weeks.
Right now I don’t care about any of that. I care about the benefits the product brings to the prospect: the things that will make them become a customer.
Revenue is definitely beneficial. Imagen 4.
Because prospects don’t care about you; they only care about themselves. And if your product doesn’t provide tangible benefits to them, they’ll ignore it.
Word Three: Awareness
The third word differs from the other two, because there are multiple answers that are equally valid. I’ve just chosen to focus on one. If you subscribe to the notion of an ordered funnel (some marketers instead believe in a messy middle), then all prospects enter at the beginning of the funnel, and a subset of those prospects exit as buying customers at the end of the funnel. Using a simple three-stage funnel model, you can define those three stages as awareness, consideration, and conversion.
Right now I don’t care about consideration or conversion, although they’re obviously important. (If you have no conversions, you have no revenue, and you have no company.) For my purposes I’m focusing on awareness, or the stage in which a prospect discovers that your company has a product or service that benefits them.
Awareness. Imagen 4.
So how can you raise awareness of the benefits of your product to your prospects? There are multiple methods: text, images, videos, quizzes, contests, webinars, and podcasts. Bredemarket uses many of these methods via its social media channels. But today I’m going to focus on one particular method: blog posts. But we’ll cover some of the other ones also.
One blog breaks the lack of knowledge
The reason that I’m so gung-ho about blog posts is that they can be created and distributed very quickly. Press releases can take a long time. Videos, even longer. Webinars, even longer still.
Compare that to a blog post. A sole proprietor can generate a blog post in an hour. A company can get an emergency blog post out in the same time, provided the right people are in the room.
But before you can wow the world with your product’s benefits to your prospects, you have to go through several steps. The four steps listed here (have, know, write, and publish) are somewhat, but they paint the broad brush strokes.
Step One: Have a blog site (or equivalent)
This sounds obvious, but if you don’t have a blog site, you can’t post a blog.
Using myself as an example, my Bredemarket website is hosted by WordPress. And the website has an area where I’ve filed over a thousand blog posts, including this one.
Step Two: Know what you’re going to say, and why you’re saying it (I ask…)
I could spend ten blog posts talking about this step alone. It’s a loaded step encompassing both strategic and tactical elements. Vision. Mission. Positioning and messaging. And finally, the topic that you want to address in this single blog post.
For now I’ll just say that you should take a deep breath before putting pen to paper (or keyboard to file).
Step Three: Write and rewrite what you want to say (…then I act)
I ask, then I act.
But I act iteratively.
In most cases, I don’t just write and post.
I often create what I call a “draft 0.5,” where I get my ideas down, sleep on them, and then take a fresh second look. Often during that second look I cut out half the text.
When working on a project for a Bredemarket client, the text bounces between me and the client. I’ll write the first draft, then the client will review it and offer suggestions, and then I’ll rewrite it. For shorter text I’ll usually have two review cycles, with three review cycles for longer text.
The important thing is to get the piece written, reviewed, and approved. While I’ve drafted pieces and sat on them for months, the true benefits of blogging occur when you publish the piece as soon as possible.
Step four: Publish and publicize
When you’re ready, publish the blog post.
Perhaps you want to schedule the post to appear at an optimum time. For example, I am typing these words (or draft 0.5 of them anyway) on Sunday afternoon, knowing full well I won’t post this on Sunday afternoon. I’m thinking Tuesday morning.
And maybe there’s a reason why you want to publish a post at a particular time. If a trade show begins on Monday September 15, you may want to publish the promotional blog post on Friday September 12.
Once you’ve posted, publicize it.
If your company has an array of social media channels, you have two choices. Either you can post a link to the blog post on the social channel, or you can encapsulate the message from the blog post and repurpose it for the social channel without linking externally. Whatever gets the message out.
Taking an example from myself, I created a video entitled “Landscape (Biometric Product Marketing Expert)” on Sunday morning. I shared this video in a blog post. I also shared it in social media posts on Bluesky, Facebook, Instagram, LinkedIn, Substack, Threads, TikTok, WhatsApp, and YouTube. The only current social channels where I didn’t share it were Flip (because it’s…landscape). If I wanted to, I could have assembled a video or created a podcast or hosted a webinar. Oh, and I’m sharing it again. (Right now.)
Landscape (Biometric Product Marketing Expert).
Depending upon your thinking time, your drafting time, and your review cycles, you can get your message out to your prospects within a week…or even within a day.
Not too bad.
But I can’t do all that!
For some people, the idea of writing a blog post can be overwhelming.
That’s why Bredemarket is here to help you increase your tech company’s product benefit awareness. (Right now.)
If you have a blog site (or a LinkedIn, Facebook, or other equivalent) and are ready to get your message out, let’s talk about next steps.
If your company employs biometrics to identify people rather than to monitor their health readings, then you don’t care about the Orlando where visitors wear hats with mouse ears.
Bredemarket 