WeTransfer accused of using its users' files to train an AI

➡️ Yet another example that illustrates why the governance of file sharing tools must remain in the hands of the IT department.

I have always insisted: data sharing outside the company should never be done via unvalidated tools.

This case is emblematic. Yes, WeTransfer claims that its AI is used solely for moderation… but the wording of their Terms of Service remains vague.

And this is not the first warning: in June 2019, a security incident allowed third parties to access files sent in error — impacting 232,000 users.

🎯 Key takeaways:

- Free services are not without cost — especially in terms of security and confidentiality.

- What you share makes your company responsible.

- "Off-the-radar" sharing tools (shadow IT) are a major risk.

- The IT department has a central role: defining the right tools, securing them and supporting teams in their proper use.

📢 Message to all organizations:

- Your data belongs to you. What you do with it is strategic.

- It is essential to educate employees on good digital security practices.

- A tool that is mastered is better than a "practical" but uncontrolled tool.

🙏 I'm curious to hear your feedback:

Have you already identified any non-compliant practices within your organization?

In your opinion, how can the IT department strengthen adherence to validated tools?

#Cybersecurity #CIO #ITGovernance #WeTransfer #ShadowIT #DataProtection #AI

🟡 GROUPEACTIVE 🟣 DSIACTIVE Orange Cyberdefense Cybermalveillance.gouv.fr