Consumer protection

More social media platforms could face under-16 ban in Australia

Australia is set to expand its under-16 social media ban, with platforms such as WhatsApp, Reddit, Twitch, Roblox, Pinterest, Steam, Kick, and Lego Play potentially joining the list. The eSafety Commissioner, Julie Inman Grant, has written to 16 companies asking them to self-assess whether they fall under the ban.

The current ban already includes Facebook, TikTok, YouTube, and Snapchat, making it a world-first policy. The focus will be on platforms with large youth user bases, where risks of harm are highest.

Despite the bold move, experts warn the legislation may be largely symbolic without concrete enforcement mechanisms. Age verification remains a significant hurdle, with Canberra acknowledging that companies will likely need to self-regulate. An independent study found that age checks can be done ‘privately, efficiently and effectively,’ but noted there is no one-size-fits-all solution.

Firms failing to comply could face fines of up to AU$49.5 million (US$32.6 million). Some companies have called the law ‘vague’ and ‘rushed.’ Meanwhile, new rules will soon take effect to limit access to harmful but legal content, including online pornography and AI chatbots capable of sexually explicit dialogue. Roblox has already agreed to strengthen safeguards.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

LinkedIn default AI data sharing faces Dutch privacy watchdog scrutiny

The Dutch privacy watchdog, Autoriteit Persoonsgegevens (AP), is warning LinkedIn users in the Netherlands to review their settings to prevent their data from being used for AI training.

LinkedIn plans to use names, job titles, education history, locations, skills, photos, and public posts from European users to train its systems. Private messages will not be included; however, the sharing option is enabled by default.

AP Deputy Chair Monique Verdier said the move poses significant risks. She warned that once personal data is used to train a model, it cannot be removed, and its future uses are unpredictable.

LinkedIn, headquartered in Dublin, falls under the jurisdiction of the Data Protection Commission in Ireland, which will determine whether the plan can proceed. The AP said it is working with Irish and EU counterparts and has already received complaints.

Users must opt out by 3 November if they do not wish to have their data used. They can disable the setting via the AP’s link or manually in LinkedIn under ‘settings & privacy’ → ‘data privacy’ → ‘data for improving generative AI’.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Karnataka High Court rules against X Corp in content case

The Indian Karnataka High Court has rejected a petition by Elon Musk’s X Corp that contested the Indian government’s authority to block content and the legality of its Sahyog portal.

Justice M Nagaprasanna ruled that social media regulation is necessary to curb unlawful material, particularly content harmful to women, and that communications have historically been subject to oversight regardless of technology.

X Corp argued that takedown powers exist only under Section 69A of the IT Act and described the Sahyog portal as a tool for censorship. The government countered that Section 79(3)(b) allows safe harbour protections to be withdrawn if platforms fail to comply.

The Indian court sided with the government, affirming the portal’s validity and the broader regulatory framework. The ruling marks a setback for X Corp, which had also sought protection from possible punitive action for not joining the portal.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Apple escalates fight against EU digital law

US tech giant Apple has called for the repeal of the EU’s Digital Markets Act, claiming the rules undermine user privacy, disrupt services, and erode product quality.

The company urged the Commission to replace the legislation with a ‘fit for purpose’ framework, or hand enforcement to an independent agency insulated from political influence.

Apple argued that the Act’s interoperability requirements had delayed the rollout of features in the EU, including Live Translation on AirPods and iPhone mirroring. Additionally, the firm accused the Commission of adopting extreme interpretations that created user vulnerabilities instead of protecting them.

Brussels has dismissed those claims. A Commission spokesperson stressed that DMA compliance is an obligation, not an option, and said the rules guarantee fair competition by forcing dominant platforms to open access to rivals.

A dispute that intensifies long-running friction between US tech firms and the EU regulators.

Apple has already appealed to the courts, with a public hearing scheduled in October, while Washington has criticised the bloc’s wider digital policy.

A clash has deepened transatlantic trade tensions, with the White House recently threatening tariffs after fresh fines against another American tech company.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

New EU biometric checks set to reshape UK travel from 2026

UK travellers to the EU face new biometric checks from 12 October, but full enforcement is not expected until April 2026. Officials say the phased introduction will help avoid severe disruption at ports and stations.

An entry-exit system that requires non-EU citizens to be fingerprinted and photographed, with the data stored in a central European database for three years. A further 90-day grace period will allow French border officials to ease checks if technical issues arise.

The Port of Dover has prepared off-site facilities to prevent traffic build-up, while border officials stressed the gradual rollout will give passengers time to adapt.

According to Border Force director general Phil Douglas, biometrics and data protection advances have made traditional paper passports increasingly redundant.

These changes come as UK holidaymakers prepare for the busiest winter travel season in years, with full compliance due in time for Easter 2026.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI-driven remote fetal monitoring launched by Lee Health

Lee Health has launched Florida’s first AI-powered birth care centre, introducing a remote fetal monitoring command hub to improve maternal and newborn outcomes across the Gulf Coast.

The system tracks temperature, heart rate, blood pressure, and pulse for mothers and babies, with AI alerting staff when vital signs deviate from normal ranges. Nurses remain in control but gain what Lee Health calls a ‘second set of eyes’.

‘Maybe mum’s blood pressure is high, maybe the baby’s heart rate is not looking great. We will be able to identify those things,’ said Jen Campbell, director of obstetrical services at Lee Health.

Once a mother checks in, the system immediately monitors across Lee Health’s network and sends data to the AI hub. AI cues trigger early alerts under certified clinician oversight and are aligned with Lee Health’s ethical AI policies, allowing staff to intervene before complications worsen.

Dr Cherrie Morris, vice president and chief physician executive for women’s services, said the hub strengthens patient safety by centralising monitoring and providing expert review from certified nurses across the network.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Secrets sprawl flagged as top software supply chain risk in Australia

Avocado Consulting urges Australian organisations to boost software supply chain security after a high-alert warning from the Australian Cyber Security Centre (ACSC). The alert flagged threats, including social engineering, stolen tokens, and manipulated software packages.

Dennis Baltazar of Avocado Consulting said attackers combine social engineering with living-off-the-land techniques, making attacks appear routine. He warned that secrets left across systems can turn small slips into major breaches.

Baltazar advised immediate audits to find unmanaged privileged accounts and non-human identities. He urged embedding security into workflows by using short-lived credentials, policy-as-code, and default secret detection to reduce incidents and increase development speed for users in Australia.

Avocado Consulting advises organisations to eliminate secrets from code and pipelines, rotate tokens frequently, and validate every software dependency by default using version pinning, integrity checks, and provenance verification. Monitoring CI/CD activity for anomalies can also help detect attacks early.

Failing to act could expose cryptographic keys, facilitate privilege escalation, and result in reputational and operational damage. Avocado Consulting states that secure development practices must become the default, with automated scanning and push protection integrated into the software development lifecycle.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Canadian probe finds TikTok failing to protect children’s privacy

A Canadian privacy investigation has found that TikTok has not taken sufficient measures to prevent children under 13 from accessing its platform or to protect their personal data.

Despite stating that the app is not intended for young users, the report states that hundreds of thousands of Canadian children use it yearly.

The investigation also found that TikTok collects vast amounts of data from users, including children, and uses it for targeted ads and content, potentially harming youth.

In response, TikTok agreed to strengthen safeguards and clarify data practices but disagreed with some findings.

The probe is part of growing global scrutiny over TikTok’s privacy and security practices, with similar actions taken in the USA and EU amid ongoing concerns about the Chinese-owned app’s data handling and national security implications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UK government AI tool recovers £500m lost to fraud

A new AI system developed by the UK Cabinet Office has helped reclaim nearly £500m in fraudulent payments, marking the government’s most significant recovery of public funds in a single year.

The Fraud Risk Assessment Accelerator analyses data across government departments to identify weaknesses and prevent scams before they occur.

It uncovered unlawful council tax claims, social housing subletting, and pandemic-related fraud, including £186m linked to Covid support schemes. Ministers stated the savings would be redirected to fund nurses, teachers, and police officers.

Officials confirmed the tool will be licensed internationally, with the US, Canada, Australia, and New Zealand among the first partners expected to adopt it.

The UK announced the initiative at an anti-fraud summit with these countries, describing it as a step toward global cooperation in securing public finances through AI.

However, civil liberties groups have raised concerns about bias and oversight. Previous government AI systems used to detect welfare fraud were found to produce disparities based on age, disability, and nationality.

Campaigners warned that the expanded use of AI in fraud detection risks embedding unfair outcomes if left unchecked.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU demands answers from Apple, Google, Microsoft and Booking.com on scam risks

The European Commission has asked Apple, Booking.com, Google and Microsoft how they tackle financial scams under the Digital Services Act. The inquiry covers major platforms and search engines, including Apple App Store, Google Play, Booking.com, Bing and Google Search.

Officials want to know how these companies detect fraudulent content and what safeguards they use to prevent scams. For app stores, the focus is on fake financial applications imitating legitimate banking or trading services.

For Booking.com, attention is paid to fraudulent accommodation listings, while Bing and Google Search face scrutiny over links and ads, leading to scam websites.

The Commission asked platforms how they verify business identities under ‘Know Your Business Customer’ rules to prevent harm from suspicious actors. Companies must also share details of their ad repositories, enabling regulators and researchers to spot fraudulent ads and patterns.

By taking these steps, the Commission aims to ensure that actions under the DSA complement broader consumer protection measures already in force across the European Union.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot