Resources
Studies and Academic Papers Cited in Book
Alder, S. “More than 1/3 of Data Breaches Due to Third Party Supplier Compromise”
Balonis, Frank. “When AI Learned to Pick Digital Locks: Why Your Compliance Framework Just Became Obsolete.”
Catalan, M. “Geopolitics and Fragmentation Emerge as Serious Financial Stability Threats” (IMF Blog)
Columbia Journal of Transnational Law. “The Promise and Perils of China’s Regulation of AI”
Duane Morris. “DMCAR Trend #7 – Data Breaches Give Rise to an Unprecedented Number of Class Action Filings”
EY. “Responsible AI Pulse Survey”
Gartner. “Gartner Says Worldwide AI Spending Will Total $1.5T in 2025”
IAPP. “Privacy and Consumer Trust Report”
IBM. “Cost of a Data Breach Report 2025”
IBM. “Trends that Will Shape AI in Tech in 2026”
Khan, Shaharyar et al. “A Systematic Analysis of the Capital One Data Breach: Critical Lessons Learned”
McKinsey. “Why Digital Trust Truly Matters”
Pew Research Center. “How Americans View AI and Its Impact on People and Society”
SecurityScorecard. “2025 Third-Party Breach Report”
SoftServe. “Bad Data Makes Bad Decisions”
Solove, Daniel J. “Privacy and Power: Computer Databases and Metaphors for Information Privacy”
Stanford University. “AI Index Report 2025”
“Understanding the Modern Russian Police”
University of Melbourne & KPMG. “Trust, Attitudes and Use of AI: A Global Study”
Usercentrics. “The State of Digital Trust in 2025”
White & Case & KPMG. “2023 Global Compliance Risk Benchmarking Survey: Third-Party Management”
World Economic Forum. “Global Cybersecurity Outlook 2025”
Balonis, Frank. “When AI Learned to Pick Digital Locks: Why Your Compliance Framework Just Became Obsolete.”
Catalan, M. “Geopolitics and Fragmentation Emerge as Serious Financial Stability Threats” (IMF Blog)
Columbia Journal of Transnational Law. “The Promise and Perils of China’s Regulation of AI”
Duane Morris. “DMCAR Trend #7 – Data Breaches Give Rise to an Unprecedented Number of Class Action Filings”
EY. “Responsible AI Pulse Survey”
Gartner. “Gartner Says Worldwide AI Spending Will Total $1.5T in 2025”
IAPP. “Privacy and Consumer Trust Report”
IBM. “Cost of a Data Breach Report 2025”
IBM. “Trends that Will Shape AI in Tech in 2026”
Khan, Shaharyar et al. “A Systematic Analysis of the Capital One Data Breach: Critical Lessons Learned”
McKinsey. “Why Digital Trust Truly Matters”
Pew Research Center. “How Americans View AI and Its Impact on People and Society”
SecurityScorecard. “2025 Third-Party Breach Report”
SoftServe. “Bad Data Makes Bad Decisions”
Solove, Daniel J. “Privacy and Power: Computer Databases and Metaphors for Information Privacy”
Stanford University. “AI Index Report 2025”
“Understanding the Modern Russian Police”
University of Melbourne & KPMG. “Trust, Attitudes and Use of AI: A Global Study”
Usercentrics. “The State of Digital Trust in 2025”
White & Case & KPMG. “2023 Global Compliance Risk Benchmarking Survey: Third-Party Management”
World Economic Forum. “Global Cybersecurity Outlook 2025”
Statutory and Legislative Resources Referenced in the Book
Australian Privacy Act (as amended)
California AI AB 2885
California Consumer Privacy Protection Act (as amended)
California Transparency in Frontier Artificial Intelligence Act
Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
China’s Proposed Draft of its AI Law (EN)
Colorado AI Act
EU AI Act (EN)
EU Charter of Fundamental Rights
EU Cyber Resilience Act (EN)
EU Data Act (EN)
EU Data Governance Act (EU DGA) (EN)
EU Digital Markets Act (EU DMA) (EN)
EU Digital Operations Resilience Act (DORA) (EN)
EU Directive on Measures for a Common Level of Cybersecurity (NIS 2 Directive)
EU General Data Protection Regulation (GDPR)
Gramm-Leach-Bliley Act Privacy Rule
HIPAA
Japanese Act on the Protection of Personal Information (EN)
National Conference of State Legislatures – Data Security
National Conference of State Legislatures – Digital Privacy
South Korea AI Basic Act (Summary EN)
Summary of Canadian Privacy Laws (Including Provincial Laws)
Summary of Chinese Privacy and Security Laws
UN Universal Declaration of Human Rights
United Nations Trade & Development – Global Cyberlaw Tracker
US Federal Trade Commission Act
US Protecting Americans’ Data from Foreign Adversaries Act (PADFAA)
Washington My Health My Data Act
California AI AB 2885
California Consumer Privacy Protection Act (as amended)
California Transparency in Frontier Artificial Intelligence Act
Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
China’s Proposed Draft of its AI Law (EN)
Colorado AI Act
EU AI Act (EN)
EU Charter of Fundamental Rights
EU Cyber Resilience Act (EN)
EU Data Act (EN)
EU Data Governance Act (EU DGA) (EN)
EU Digital Markets Act (EU DMA) (EN)
EU Digital Operations Resilience Act (DORA) (EN)
EU Directive on Measures for a Common Level of Cybersecurity (NIS 2 Directive)
EU General Data Protection Regulation (GDPR)
Gramm-Leach-Bliley Act Privacy Rule
HIPAA
Japanese Act on the Protection of Personal Information (EN)
National Conference of State Legislatures – Data Security
National Conference of State Legislatures – Digital Privacy
South Korea AI Basic Act (Summary EN)
Summary of Canadian Privacy Laws (Including Provincial Laws)
Summary of Chinese Privacy and Security Laws
UN Universal Declaration of Human Rights
United Nations Trade & Development – Global Cyberlaw Tracker
US Federal Trade Commission Act
US Protecting Americans’ Data from Foreign Adversaries Act (PADFAA)
Washington My Health My Data Act
Regulatory and Administrative Resources Cited in the Book
ENISA Cybersecurity Certification Framework
EU General Purpose AI Code of Practice
EU HUDERIA Methodology
EU prEN – Quality Standard for AI
European Data Protection Board – Guidance on Calculating Administrative Fines
European Data Protection Board – Data Protection by Design and by Default
FTC Privacy and Security Enforcement
GDPR Enforcement Tracker
New York State Department of Financial Services Cybersecurity Regulations
US CISA – Security by Design and Default
US EO 14177 Compliance Guidance
US EO 14117 – Bulk Transfer Rule
US Executive Order on Artificial Intelligence Policy
US FFIEC Cybersecurity Guidance for Financial Institutions
US HIPAA Data Breach Notification Rule
US HIPAA Privacy Rule
US HIPAA Security Rule
US NIST AI Risk Management Framework
US NIST Cybersecurity Framework 2.0
US NIST Privacy Framework
EU General Purpose AI Code of Practice
EU HUDERIA Methodology
EU prEN – Quality Standard for AI
European Data Protection Board – Guidance on Calculating Administrative Fines
European Data Protection Board – Data Protection by Design and by Default
FTC Privacy and Security Enforcement
GDPR Enforcement Tracker
New York State Department of Financial Services Cybersecurity Regulations
US CISA – Security by Design and Default
US EO 14177 Compliance Guidance
US EO 14117 – Bulk Transfer Rule
US Executive Order on Artificial Intelligence Policy
US FFIEC Cybersecurity Guidance for Financial Institutions
US HIPAA Data Breach Notification Rule
US HIPAA Privacy Rule
US HIPAA Security Rule
US NIST AI Risk Management Framework
US NIST Cybersecurity Framework 2.0
US NIST Privacy Framework
Publicly Reported Case Studies and Enforcement Decisions Cited in the Book
23andMe Data Breach
Forrester – Apple Aims to Make Transparency the Core of Its Trust Strategy
FTC Adobe Case
FTC Cerebral Case
FTC Drizly Case
FTC InMarket Media Case
FTC Ring Case
FTC Uber Case
Weisbaum, NBC News. “Trust in Facebook Has Dropped by 66%”
New South Wales ChatGPT Data Leak
Norway Meta Case
NOYB Clearview AI Austrian Criminal Case
Optum Impact Pro Case Study
Portiz, Isaiah. “Google Hit with $425 Million Jury Verdict in Privacy Trial”
Forrester – Apple Aims to Make Transparency the Core of Its Trust Strategy
FTC Adobe Case
FTC Cerebral Case
FTC Drizly Case
FTC InMarket Media Case
FTC Ring Case
FTC Uber Case
Weisbaum, NBC News. “Trust in Facebook Has Dropped by 66%”
New South Wales ChatGPT Data Leak
Norway Meta Case
NOYB Clearview AI Austrian Criminal Case
Optum Impact Pro Case Study
Portiz, Isaiah. “Google Hit with $425 Million Jury Verdict in Privacy Trial”
Write me anything
We would like to hear back from you. Let us know your thoughts about The Confidence Advantage. If you have any questions about its methodologies or would like to discuss arranging a private client briefing with your executive team, please contact us.
© 2026. All rights reserved by BRG