A recent report from the US Federal Trade Commission (FTC) has criticised social media platforms for lacking transparency in how they manage user data. Companies such as Meta, TikTok, and Twitch have been highlighted for inadequate data retention policies, raising significant privacy concerns.
Social platforms collect large amounts of data using tracking technologies and by purchasing information from data brokers, often without users’ knowledge. Much of this data fuels the development of AI, with little control given to users. Data privacy for teenagers remains a pressing issue, leading to recent legislative moves in Congress.
Some companies, including X (formerly Twitter), responded by saying that they have improved their data practices since 2020. Others failed to comment. Advertising industry groups defended data collection, claiming it supports free access to online services.
FTC officials are concerned about the risks posed to individuals, especially those not even using the platforms, due to widespread data collection. Inadequate data management by social platforms may expose users to privacy breaches and identity theft.
Xiaomi has urged India’s competition authority to recall an antitrust report concerning Walmart’s Flipkart. The Chinese smartphone maker claims the document contains confidential business information, which should have been redacted. The move could slow the ongoing investigation that began in 2021.
The Competition Commission of India (CCI) has previously responded to similar concerns, such as with Apple, leading to the recall of an antitrust report. Xiaomi is concerned that sensitive data, like model-specific sales figures, was shared without proper redaction, potentially harming its business.
The CCI report also found that e-commerce platforms, such as Amazon and Flipkart, gave preferential treatment to certain sellers, launching exclusive products from companies like Xiaomi. The commission has asked involved parties to return the report, allowing it to be reviewed again for necessary redactions.
Xiaomi’s concern with the report focuses on Flipkart’s involvement, while its dealings with Amazon remain unaffected. The CCI’s broader investigation includes various smartphone companies, with Samsung, Vivo, and Motorola also named for participating in exclusive online product launches.
LinkedIn has paused the use of UK user data to train its AI models after concerns were raised by the Information Commissioner’s Office (ICO). The Microsoft-owned social network had quietly opted users worldwide into data collection for AI purposes but has now responded to the UK regulator’s scrutiny. LinkedIn acknowledged the concerns and expressed willingness to engage with the ICO further.
The decision to halt AI training with UK data follows growing privacy regulations in the UK and the European Union. These rules limit how tech companies, including LinkedIn, can use personal data to develop generative AI tools like chatbots and writing assistants. Like other platforms, LinkedIn had been leveraging user-generated content to enhance these AI models but has now introduced an opt-out mechanism for UK users to regain control over their data.
Regulatory bodies like the ICO continue to monitor big tech companies, emphasising the importance of privacy rights in the development of AI. As a result, LinkedIn and other platforms may face extended reviews before resuming AI-related activities that involve user data in the UK.
The US Commerce Department is set to introduce a new regulation to ban Chinese software and hardware in autonomous and connected vehicles in the country, citing national security concerns. The proposal, expected to be announced soon, reflects growing worries from the Biden administration about the potential risks posed by Chinese companies collecting sensitive data on US drivers and infrastructure. Additionally, there are fears that foreign actors could manipulate connected vehicles, potentially creating significant security threats.
The proposed restrictions would apply to Chinese-made vehicles with communication or autonomous driving systems, escalating trade tensions between the US and China. The proposal follows last week’s move by the Biden administration to impose steep tariffs on Chinese imports, including electric vehicles and key components like batteries. Commerce Secretary Gina Raimondo has been vocal about the potential dangers of Chinese technology in US vehicles, stressing the catastrophic risks if critical software were turned off in large numbers of cars.
President Joe Biden had already initiated a review of whether Chinese vehicle imports posed security threats due to their integration with connected-car technology. The new rules could come into effect gradually, with software restrictions starting as early as the 2027 model year and hardware prohibitions beginning in 2029 or 2030. These measures would cover vehicles equipped with specific Bluetooth, satellite, wireless features and fully autonomous cars capable of operating without drivers.
Why does this matter?
US lawmakers have raised concerns about Chinese companies gathering sensitive data, and the proposed restrictions would also extend to other foreign adversaries like Russia. However, automakers, including major companies like General Motors and Toyota, have expressed worries about the time and complexity required to replace existing systems, noting that vehicle components undergo extensive testing and cannot easily be swapped.
Although Chinese-made vehicles currently make up a small fraction of US imports, the new rule aims to ensure the long-term security of connected cars on US roads. The White House recently approved the final proposal, which would not apply to specialised vehicles like those used in agriculture or mining but will impact all other sectors. The move seems a clear effort to protect the US supply chain in an increasingly connected world where cars function as ‘smartphones on wheels.’
LinkedIn has come under scrutiny for using user data to train AI models without updating its privacy terms in advance. While LinkedIn has since revised its terms, United States users were not informed beforehand, which usually allows them time to make decisions about their accounts. LinkedIn offers an opt-out feature for data used in generative AI, but this was not initially reflected in their privacy policy.
LinkedIn clarified that its AI models, including content creation tools, use user data. Some models on its platform may also be trained by external providers like Microsoft. LinkedIn assures users that privacy-enhancing techniques, such as redacting personal information, are employed during the process.
The Open Rights Group has criticised LinkedIn for not seeking consent from users before collecting data, calling the opt-out method inadequate for protecting privacy rights. Regulatory bodies, including Ireland‘s Data Protection Commission, have been involved in monitoring the situation, especially within regions under GDPR protection, where user data is not used for AI training.
LinkedIn is one of several platforms reusing user-generated content for AI training. Others, like Meta and Stack Overflow, have also begun similar practices, with some users protesting the reuse of their data without explicit consent.
European antitrust regulators will not take action against Microsoft’s acquisition of staff from AI startup Inflection, including its co-founders, following the withdrawal of requests from seven European Union countries. These countries dropped their requests for the European Commission to investigate, due to a recent court ruling that limits the regulator’s ability to examine mergers below the EU’s revenue threshold.
The court ruling has been viewed by some as a correction against regulatory overreach. The European Commission, in response, stated it would not pursue the case further. Despite this, the Commission acknowledged the Microsoft-Inflection deal as a merger due to its restructuring of Inflection’s business focus towards AI development.
The agreement between Microsoft and Inflection represents a significant market shift. Under the EU’s merger rules, it is considered a concentration, reflecting the ongoing transformations in the AI industry.
The Telecom Regulatory Authority of India (TRAI) has taken crucial steps to enhance service quality in the telecommunications sector by mandating compliance reports from telecom companies, effective 1 October. That directive faces opposition from industry players, who contend that the new regulations will increase operational costs and compliance burdens.
Nonetheless, TRAI’s enforcement of these regulations aims to guarantee that consumers receive reliable and high-quality telecommunications services. Introducing stricter quality standards explicitly targets the performance of fixed, wireless, and broadband services, addressing persistent issues such as frequent call drops and service interruptions.
Furthermore, TRAI has significantly raised financial penalties for non-compliance, implementing a graded penalty system that escalates from ₹1 lakh to ₹10 lakh based on the severity of the violation. This adjustment creates a robust incentive for telecom companies to comply with the new quality norms. Additionally, operators must compensate users through rent rebates and validity extensions for service outages exceeding 24 hours, underscoring TRAI’s commitment to consumer protection.
Philippines has introduced Joint Administrative Order No. 24-03, Series of 2024, which outlines the Implementing Rules and Regulations (IRR) for the Internet Transactions Act (ITA) of 2023. The new regulatory framework is designed to govern all business-to-business (B2B) and business-to-consumer (B2C) internet transactions under the jurisdiction of the Department of Trade and Industry (DTI).
Specifically, it applies to transactions involving parties within the Philippines or businesses targeting the Philippine market. To clarify the scope of the ITA, the IRR defines key terms such as ‘availment of the Philippine market,’ which includes activities like advertising, soliciting orders, and providing support within the country. Additionally, ‘minimum contacts’ refers to any interaction with customers in the Philippines, including allowing access to digital platforms and facilitating the exchange of goods or services.
Philippines has also specified specific exclusions from the ITA’s coverage through the IRR. For instance, it does not apply to Consumer-to-Consumer (C2C) transactions, purely offline transactions, or foreign entities not targeting the Philippine market. Furthermore, while most online media content is excluded, live selling is considered a form of advertising.
Consequently, the IRR outlines different obligations for various online entities, such as digital platforms that do not oversee transactions, e-marketplaces that retain oversight, and e-retailers or online merchants who must adhere to specific compliance requirements.
Philippines has made the IRR effective immediately; however, it allows for an 18-month transition period for businesses to comply. During this time, companies must submit detailed information to the E-Commerce Bureau and ensure that online merchants provide their registration details. Additionally, digital platforms must disclose information about product origins. Furthermore, the IRR includes Codes of Conduct for businesses and consumers to ensure fair and ethical e-commerce practices.
The US Securities and Exchange Commission (SEC) has reached a settlement with decentralised finance platform Rari Capital and its founders following accusations of misleading investors and operating as unregistered brokers. The settlement addresses serious concerns raised by the SEC over the platform’s compliance with financial regulations.
Rari Capital, which once managed over $1 billion in crypto assets at its peak, was co-founded by Jai Bhavnani, Jack Lipstone, and David Lucid. The SEC highlighted that the platform and its founders failed to properly disclose key information to investors, contributing to potential risks for those involved.
The following case underscores regulatory bodies’ increasing scrutiny of decentralised finance platforms, as they aim to ensure transparency and protect investors in the fast-evolving crypto space.
Prager Metis, the former auditor for collapsed cryptocurrency exchange FTX, has agreed to pay $1.95 million to settle two cases brought by the US Securities and Exchange Commission (SEC). The settlement resolves allegations of negligence in auditing the exchange under the leadership of Sam Bankman-Fried, who has since been convicted of fraud. The SEC accused the New York-based firm of providing inaccurate audit reports for FTX in 2021 and 2022, failing to meet accepted auditing standards.
The audit firm was found to have misunderstood FTX’s operations, particularly its relationship with Alameda Research, a hedge fund tied to Bankman-Fried. Alameda suffered significant financial losses, prompting Bankman-Fried to misappropriate $8 billion from FTX customers to cover them. FTX’s sudden collapse in November 2022 led to its bankruptcy filing, leaving many investors defrauded and billions in losses.
As part of the settlement, Prager Metis will pay $1.75 million in civil fines alongside disgorged profits and interest, though the firm did not admit any wrongdoing. Additionally, the SEC settlement included charges related to auditor independence violations between 2017 and 2020. Prager Metis’ legal representative stated that the firm was also a victim of FTX’s internal fraud.
Meanwhile, Bankman-Fried is appealing his conviction and 25-year prison sentence. Caroline Ellison, former chief executive of Alameda and Bankman-Fried’s former girlfriend, pleaded guilty and testified against him. Her sentencing is set for later this month, and she is requesting leniency from the court.
