Consumer protection

Vodafone fined €45 million in Germany over data privacy violations

German data protection authorities have imposed a €45 million ($51.2 million) fine on Vodafone for what they described as serious data privacy breaches involving both third-party sales practices and weak digital security systems. The Federal Commissioner for Data Protection (BfDI) cited ‘malicious behaviour’ by partner agencies and security flaws that allowed unauthorised access to customer accounts.

Investigators found that some of Vodafone’s partner agencies engaged in fraudulent conduct, including altering or forging contracts to the detriment of customers. Vodafone was fined €15 million for failing to properly supervise these partners, as required by the European Union’s General Data Protection Regulation (GDPR).

Additionally, a €30 million fine was levied due to vulnerabilities in Vodafone’s customer authentication systems, which potentially allowed outsiders to access sensitive services like eSIM profiles. Vodafone has acknowledged the issues, attributing them to inadequate data protection checks at the time.

The company expressed regret for the impact on customers and emphasized that under new management, it has overhauled its data protection protocols to prevent future breaches.

Louisa Specht-Riemenschneider, Germany’s federal data protection commissioner, underscored the importance of data security, stating that user trust in digital services depends on strong safeguards. She added that proper compliance can even be a competitive advantage, as EU regulators continue to crack down on companies that violate GDPR standards.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Cyber attacks and ransomware rise globally in early 2025

Cyber attacks have surged by 47% globally in the first quarter of 2025, with organisations facing an average of 1,925 attacks each week.

Check Point Software, a cybersecurity firm, warns that attackers are growing more sophisticated and persistent, targeting critical sectors like healthcare, finance, and technology with increasing intensity.

Ransomware activity alone has soared by 126% compared to last year. Attackers are no longer just encrypting files but now also threaten to leak sensitive data unless paid — a tactic known as dual extortion.

Instead of operating as large, centralised gangs, modern ransomware groups are smaller and more agile, often coordinating through dark web forums, making them harder to trace.

The report also notes that cybercriminals are using AI to automate phishing attacks and scan systems for vulnerabilities, allowing them to strike with greater accuracy. Emerging markets remain particularly vulnerable, as they often lack advanced cybersecurity infrastructure.

Check Point urges companies to act decisively by adopting proactive security measures, investing in threat detection and employee training, and implementing real-time monitoring. Waiting for an attack instead of preparing in advance could leave organisations dangerously exposed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Bing rolls out Sora powered video maker

Microsoft has launched a new feature in its Bing app called Bing Video Creator, allowing users to generate videos using text prompts. That tool leverages OpenAI’s advanced Sora model, marking the first time Sora is available for free to the public, as it was previously restricted to paying OpenAI customers.

However, the feature is currently limited to the Bing mobile app and is not yet accessible on desktop. To use the service, users must be signed into a Microsoft account.

Initially, they can create up to 10 videos for free; after that, each video costs 100 Microsoft Rewards points, which can be earned by searching with Bing or shopping in the Microsoft Store. For instance, users get five points for each Bing search on a PC, up to 150 points daily.

Each video is limited to five seconds and must be generated in vertical 9:16 format, a layout ideal for social media platforms like TikTok and Instagram. Users can generate up to three clips at a time.

Although labelled ‘fast’ mode, the generation process may still take hours. Microsoft says support for horizontal formats is on the way.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Microsoft lets European users silence Edge prompts

Microsoft is extending its Digital Markets Act compliance measures by further loosening Windows’ grip on its in-house apps across the European Economic Area.

Users can now uninstall the Microsoft Store and will no longer face Edge pop-ups unless they launch the browser themselves.

Edge version 137.0.3296.52, released on 29 May, activates the changes immediately in the region. Choosing an alternative browser such as Chrome or Firefox now pins it to the taskbar by default and automatically handles a wider range of link and file types, including ftp and svg.

Wider deployment across Windows 10 and 11 is scheduled for July. Microsoft says Store-delivered apps will keep receiving updates even if the storefront is removed, and it can be restored at any time.

Bing, Widgets and the Lock Screen will also respect the new default browser once early June updates arrive.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Customer data stolen in cyber attacks on Cartier and North Face

Fashion brand The North Face and luxury jeweller Cartier have confirmed recent cyber attacks that exposed customer data, including names and email addresses.

Neither company reported breaches of financial or password information.

North Face identified the attack as a credential stuffing attempt, where previously stolen passwords are used to break into other accounts.

Affected customers are being advised to change their login details, while the company’s owner, VF Corporation, continues recovering from an earlier incident.

Cartier said the breach allowed brief access to limited client data but insisted that it quickly secured its systems.

Retailers such as Adidas, Victoria’s Secret, Harrods, and M&S have all been hit in recent months, prompting warnings that the industry remains an attractive target for cyber criminals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI to take over all Meta ads under new plan

Meta is preparing to transform digital advertising on its platforms, with reports indicating that by 2026, all adverts on Facebook and Instagram could be fully created and targeted using AI.

The company’s vision would see AI tools take over the entire process—from ad generation to audience selection—requiring advertisers to provide only a product image and budget.

Since introducing generative AI features for advertisers in May 2023, Meta has continued to expand its automation capabilities. Currently, AI plays a major role in targeting ads across Meta’s platforms.

Under the new system, Meta’s AI will go several steps further by generating text, visuals, and video, as well as optimising ad delivery for the most suitable audience.

The initiative is aligned with CEO Mark Zuckerberg’s broader vision of AI-led automation, especially within advertising—Meta’s financial backbone, which accounted for over 97% of the company’s revenue last year.

Speaking at Meta’s annual shareholder meeting, Zuckerberg outlined a future where businesses simply define their marketing goal and budget, link a payment method, and allow Meta’s AI to handle the rest.

The company is also developing real-time personalisation tools. These will allow the same ad to appear differently depending on a user’s location or context—for example, showing a car in snowy terrain to one user, while another might see it in an urban setting.

Meta is also exploring integration with third-party AI models such as DALL·E and Midjourney to further enhance creative capabilities.

This move follows similar developments by rivals like Google, which recently launched its Veo video generation model. With AI continuing to reshape the advertising landscape, Meta is betting on full automation as the next frontier in digital marketing.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Crypto adoption rises in Latin America as financial pressure grows

Latin Americans are turning to crypto not for speculation, but to escape inflation, transfer funds abroad, and bypass strict financial systems. Decades of economic instability have eroded trust in traditional banks, pushing people towards digital alternatives.

Major firms such as Binance and Mercado Pago are expanding services to meet this demand.

Binance Pay now integrates with Brazil’s Pix payment system, allowing seamless crypto-to-fiat transactions. Mercado Pago has applied for a digital banking licence in Argentina to offer more financial services, including crypto, within a regulated framework.

In countries like Argentina and Mexico, stablecoins support everyday transactions and remittances. Bitcoin use is growing across the region, especially where banking access is limited.

Banks are under pressure to evolve. Some, like Brazil’s BTG Pactual, are launching their own blockchain tools. As demand surges, crypto continues reshaping Latin America’s financial future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

France cracks down on organised kidnapping ring targeting crypto leaders

Twenty-five people, including six minors, have been charged in Paris for kidnappings and attempted abductions of France’s crypto leaders. Eighteen are in pre-trial detention, others await court or are under supervision. Ages range from 16 to 23.

The investigation began with a 13 May daylight kidnapping attempt in eastern Paris, aimed at the daughter and grandson of Paymium’s CEO, Pierre Noizat. Prior failed attempts and a separate foiled abduction near Nantes earlier in the week are also linked to the case.

Video footage showed masked attackers assaulting Noizat’s family, who were hospitalised with minor injuries. Noizat praised those who defended his family during the attack.

Most suspects are French-born, with some from Senegal, Angola, and Russia. Authorities say the accused include both those who carried out the abductions and those responsible for logistics.

Defence lawyers highlighted the youth of some defendants and their vulnerability to criminal influence. The wave of kidnappings has raised national security concerns, prompting government efforts to protect wealthy crypto entrepreneurs.

Last January, Ledger co-founder David Balland was kidnapped, tortured, and ransomed before being freed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Australia tightens rules for crypto ATMs

Australia has imposed stricter rules on crypto ATM operators to curb scams and ensure compliance with anti-money laundering laws. A $5,000 AUD limit now applies to cash deposits and withdrawals, with scam warnings required on all machines.

Operators must also step up customer verification and improve transaction monitoring. These measures follow an AUSTRAC-led investigation that revealed older Australians, particularly those aged 60 to 70, account for a large share of crypto ATM activity.

Authorities noted that some victims were tricked into handing over life savings via these machines.

AUSTRAC has already denied registration renewal to one provider, Harro’s Empires, due to ongoing misuse risks.

The agency warned that other non-compliant operators could face similar penalties. It also urged broader adoption of cash limits across exchanges to reduce financial crime exposure.

To strengthen awareness, AUSTRAC and the federal police have released educational materials to be displayed near ATMs. The move comes amid rising scam reports, with 150 confirmed cases and over $3.1 million AUD in losses reported within a year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Singapore orders crypto firms to stop overseas activity by June

Singapore’s central bank, the Monetary Authority of Singapore (MAS), has mandated all local crypto service providers to halt digital token operations targeting overseas markets by 30 June 2025. Firms failing to comply risk fines of up to S$250,000 (£145,000) and imprisonment for up to three years.

The directive applies to any Singapore-based company, individual, or partnership offering digital token services abroad, regardless of their main business. MAS confirmed no transitional arrangements will be made.

Only firms licensed under current financial laws may continue without breaching the rules.

Licences for overseas digital token services will be rare due to strict AML and CFT concerns. Industry experts advise companies to restructure operations quickly to remove Singapore connections and reduce compliance risks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!