The US government has finalised a deal with OpenAI to integrate ChatGPT Enterprise across all federal agencies. Each agency will access ChatGPT for $1 to support AI adoption and modernise operations.
According to the General Services Administration, the move aligns with the White House’s AI Action Plan, which aims to make the US a global leader in AI development. The plan promotes AI integration, innovation, and regulation across public institutions.
However, privacy advocates and cybersecurity experts have raised concerns over the risks of centralised AI in government. Critics cite the potential for mass surveillance, narrative control, and sensitive data exposure.
Sam Altman, CEO of OpenAI, has cautioned users that AI conversations are not protected under privacy laws and could be used in legal proceedings. Storing data on centralised servers via large language models raises concerns over civil liberties and government overreach.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
China’s Ministry of State Security has warned of foreign attempts to collect sensitive biometric data via crypto schemes. The ministry warned that foreign agents are illegally harvesting iris scans and facial data, risking personal privacy and national security.
The advisory noted recent cases in which foreign intelligence services exploited biometric technologies to spy on individuals within China. Cryptocurrencies incentivised people worldwide to submit iris scans, which were sent overseas.
Although no specific companies were named, the description resembled the approach of the crypto firm World, formerly known as Worldcoin.
Biometric identification methods have proliferated across many sectors due to their accuracy and convenience. However, the ministry stressed the vulnerability of such systems to data breaches and misuse.
Iris patterns, unique and challenging to replicate, are prized by malicious actors.
Citizens are urged to remain cautious, carefully review privacy policies, and question how their biometric information is handled.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The European Union’s ‘Chat Control’ proposal is gaining traction, with 19 member states now supporting a plan to scan all private messages on encrypted apps. From October, apps like WhatsApp, Signal, and Telegram must scan all messages, photos, and videos on users’ devices before encryption.
France, Denmark, Belgium, Hungary, Sweden, Italy, and Spain back the measure, while Germany has yet to decide. The proposal could pass by mid-October under the EU’s qualified majority voting system if Germany joins.
The initiative aims to prevent child sexual abuse material (CSAM) but has sparked concerns over mass surveillance and the erosion of digital privacy.
In addition to scanning, the proposal would introduce mandatory age verification, which could remove anonymity on messaging platforms. Critics argue the plan amounts to real-time surveillance of private conversations and threatens fundamental freedoms.
Telegram founder Pavel Durov recently warned of societal collapse in France due to censorship and regulatory pressure. He disclosed attempts by French officials to censor political content on his platform, which he refused to comply with.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Thanks to a new feature that shows verified brand logos, Gmail users will now find it easier to spot phishing emails. The update uses BIMI, a standard that allows trusted companies to display official logos next to their messages.
To qualify, brands must secure their domain with DMARC and have their logos verified by authorities such as Entrust or DigiCert. Once approved, they receive a Verified Mark Certificate, linking their logo to their domain.
The feature helps users quickly distinguish between genuine emails and fraudulent ones. Early adopters include Bank of America in the US, whose logo now appears directly in inboxes.
Google’s move is expected to drive broader adoption, with services like MailChimp and Verizon Media already supporting the system. The change could significantly reduce phishing risks for Gmail’s vast user base.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The crackdown follows the discovery that organised criminal groups are operating scam centres across Southeast Asia, hacking WhatsApp accounts or adding users to group chats to lure victims into fake investment schemes and other types of fraud.
In one case, WhatsApp, Meta, and OpenAI collaborated to disrupt a Cambodian cybercrime group that used ChatGPT to generate fake instructions for a rent-a-scooter pyramid scheme.
Victims were enticed with offers of cash for social media engagement before being moved to private chats and pressured to make upfront payments via cryptocurrency platforms.
Meta warned that these scams often stem from well-organised networks in Southeast Asia, some exploiting forced labour. Authorities continue to urge the public to remain vigilant, enable features such as WhatsApp’s two-step verification, and be wary of suspicious or unsolicited messages.
It should be mentioned that these scams have also drawn political attention in the USA. Namely, US Senator Maggie Hassan has urged SpaceX CEO Elon Musk to act against transnational criminal groups in Southeast Asia that use Starlink satellite internet to run massive online fraud schemes targeting Americans.
Despite SpaceX’s policies allowing service termination for fraud, Starlink remains active in regions where these scams, often linked to forced labour and human trafficking, operate.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A new commission will begin work next month to explore creating a standalone Cyber Force as a military service. The Centre for Strategic and International Studies leads the effort in collaboration with the Cyber Solarium Commission 2.0.
The study responds to ongoing weaknesses in how the US military organises, trains and equips personnel for cyber operations. These shortcomings have prompted calls for a dedicated force with a focused mission.
The Cyber Force would aim to improve readiness and capability in the digital domain, mirroring the structure of other service branches. Cyber operations are seen as increasingly central to national security.
Details of the commission’s work will emerge in the coming months as discussions shape what such a force might look like.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Venice Film Festival has confirmed that a cyberattack compromised the personal data of accredited attendees, including journalists and industry members. The breach affected names, contact details, and tax information.
The cybersecurity attackers accessed the festival’s servers on 7 July and copied and stored documents. Festival organisers responded by isolating systems and informing authorities.
Those affected received a formal notification and are encouraged to contact the event’s data protection officer for support or updates.
Despite the breach, the 82nd edition of the festival will proceed as scheduled from 27 August to 9 September in Italy.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Millions of Dell laptops faced a serious security risk due to a flaw in a Broadcom chip used for storing sensitive data. Cisco Talos researchers uncovered the vulnerability, which could have allowed attackers to steal passwords and monitor activity.
Dell confirmed over 100 laptop models were impacted, especially those with its ‘ControlVault’ security software used in sensitive industries. A fix has been issued through security patches since March.
No evidence suggests the flaw was exploited, but experts warn users to install updates promptly to avoid exposure. The issue highlights the risks of storing biometrics and credentials directly on devices.
Users are advised to keep security patches current and use reliable antivirus software to help reduce threats from similar vulnerabilities in future.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Researchers have discovered a critical security flaw in Microsoft’s new NLWeb protocol, designed to bring ChatGPT-style search to websites and apps. The vulnerability, a simple path traversal bug, allowed remote access to sensitive files, including system configurations and API keys.
Although Microsoft has patched it, the incident raises concerns about security oversight, particularly as NLWeb is being adopted by major partners such as Shopify, Snowflake, and TripAdvisor.
According to The Verge, security researchers Aonan Guan and Lei Wang identified the flaw shortly after NLWeb’s launch, warning that traditional vulnerabilities now have the potential to compromise the ‘brains’ of AI systems themselves.
Microsoft issued a fix on 1 July, but has yet to assign the flaw a CVE, the industry standard for tracking security vulnerabilities, despite pressure from the researchers. Assigning a CVE would raise awareness and allow better monitoring of the issue, even though NLWeb is not yet widely used.
Microsoft is also continuing to roll out native support for the Model Context Protocol (MCP) in Windows, despite recent warnings from security researchers about its potential risks.
The NLWeb vulnerability highlights the need for Microsoft to balance the rapid rollout of new AI carefully features with maintaining security as its top priority.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Two Chinese nationals have been charged in the US with illegally exporting millions of dollars’ worth of advanced Nvidia AI chips to China, violating the export controls.
The Department of Justice (DOJ) said Chuan Geng and Shiwei Yang operated California-based ALX Solutions, which allegedly shipped restricted hardware without the required licences over the past three years.
The DOJ claims that the company exported Nvidia’s H100 and GeForce RTX 4090 graphics processing units to China via transit hubs in Singapore and Malaysia, concealing their ultimate destination.
Payments for the shipments allegedly came from firms in Hong Kong and mainland China, including a $1 million transfer in January 2024.
Court documents state that ALX falsely declared shipments to Singapore-based customers, but US export control officers could not confirm the deliveries.
One 2023 invoice for over $28 million reportedly misrepresented the buyer’s identity. Neither Geng nor Yang had sought export licences from the US Commerce Department.
Yang was arrested on Saturday, and Geng surrendered soon after. Both appeared in a Los Angeles federal court on Monday and could face up to 20 years in prison if convicted.
Nvidia and Super Micro, a supplier, said they comply with all export regulations and will cooperate with authorities.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
