Cybersecurity

US states weigh VPN restrictions to protect minors online

US legislators in Wisconsin and Michigan are weighing proposals that would restrict the use of VPNs to access sites deemed harmful to minors. The bills build on age-verification rules for websites hosting sexual content, which lawmakers say are too easy to bypass when users connect via VPNs.

In Wisconsin, a bill that has already passed the State Assembly would require adult sites to both verify age and block visitors using VPNs, potentially making the state the first in the US to outlaw VPN use for accessing such content if the Senate approves it.

In Michigan, similar legislation would go further by obliging internet providers to monitor and block VPN connections, though that proposal has yet to advance.

The Digital Rights Group and the Electronic Frontier Foundation argue that the approach would erode privacy for everyone, not just minors.

It warns that blanket restrictions would affect businesses, students, journalists and abuse survivors who rely on VPNs for security, calling the measures ‘surveillance dressed up as safety’ and urging lawmakers instead to improve education, parental tools and support for safer online environments.

The debate comes as several European countries, including France, Italy and the UK, have introduced age-verification rules for pornography sites, but none have proposed banning VPNs.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

New report warns retailers are unprepared for AI-powered attacks

Retailers are entering the peak shopping season amid warnings that AI-driven cyber threats will accelerate. LevelBlue’s latest Spotlight Report says nearly half of retail executives are already seeing significantly higher attack volumes, while one-third have suffered a breach in the past year.

The sector is under pressure to roll out AI-driven personalisation and new digital channels, yet only a quarter feel ready to defend against AI attacks. Readiness gaps also cover deepfakes and synthetic identity fraud, even though most expect these threats to arrive soon.

Supply chain visibility remains weak, with almost half of executives reporting limited insight into software suppliers. Few list supplier security as a near-term priority, fuelling concern that vulnerabilities could cascade across retail ecosystems.

High-profile breaches have pushed cybersecurity into the boardroom, and most retailers now integrate security teams with business operations. Leadership performance metrics and risk appetite frameworks are increasingly aligned with cyber resilience goals.

Planned investment is focused on application security, business-wide resilience processes, and AI-enabled defensive tools. LevelBlue argues that sustained spending and cultural change are required if retailers hope to secure consumer trust amid rapidly evolving threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Mass CCTV hack in India exposes maternity ward videos sold on Telegram

Police in Gujarat have uncovered an extensive cybercrime network selling hacked CCTV footage from hospitals, schools, offices and private homes across India.

The case surfaced after local media spotted YouTube videos showing women in a maternity ward during exams and injections, with links directing viewers to Telegram channels selling longer clips. The hospital involved said cameras were installed to protect staff from false allegations.

Investigators say hackers accessed footage from an estimated 50,000 CCTV systems nationwide and sold videos for 800–2,000 rupees, with some Telegram channels offering live feeds by subscription.

Arrests since February span Maharashtra, Uttar Pradesh, Gujarat, Delhi and Uttarakhand. Police have charged suspects under laws covering privacy violations, publication of obscene material, voyeurism and cyberterrorism.

Experts say weak security practices make Indian CCTV systems easy targets. Many devices run on default passwords such as Admin123. Hackers used brute-force tools to break into networks, according to investigators. Cybercrime specialists advise users to change their IP addresses and passwords, run periodic audits, and secure both home and office networks.

The case highlights the widespread use of CCTV in India, as cameras are prevalent in both public and private spaces, often installed without consent or proper safeguards. Rights advocates say women face added stigma when sensitive footage is leaked, which discourages complaints.

Police said no patients or hospitals filed a report in this case due to fear of exposure, so an officer submitted the complaint.

Last year, the government urged states to avoid suppliers linked to past data breaches and introduced new rules to raise security standards, but breaches remain common.

Investigators say this latest case demonstrates how easily insecure systems can be exploited and how sensitive footage can spread online, resulting in severe consequences for victims.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Hyundai launches record investment to boost South Korea’s tech future

Hyundai Motor Group has unveiled a record 85.8 billion dollar investment plan that will reshape South Korea’s industrial landscape over the next five years.

The company intends to channel a large share of the funds into fields such as AI, robotics, electrification, software-defined vehicles, and hydrogen technologies.

Hyundai presents the roadmap as evidence of an agile response to a global environment in which export strength and technological leadership matter more than ever.

A major part of the strategy centres on turning innovation into export gains. The group expects the investment to raise overseas shipments of South Korea-made vehicles by more than thirteen percent by 2030.

A plan that emerges shortly after Seoul concluded a new trade agreement with Washington that lowers tariffs on South Korean vehicles to fifteen percent instead of the previous twenty-five percent. The rate remains much higher than the earlier 2.5 percent applied before the renegotiation.

Hyundai’s announcement mirrors a wider industrial push across the country. Samsung Group recently committed 310 billion dollars for a similar period, largely focused on AI development.

Both companies aim to reinforce the nation’s position in advanced technologies and secure long-term competitiveness at a time when global supply chains and industrial alliances are rapidly shifting.

Hyundai, together with Kia, sold more than 7.2 million vehicles globally last year.

The company views its new investment programme as a foundation for future export growth and a signal that South Korea plans to anchor its economic future in next-generation technologies instead of relying on past models of industrial expansion.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

New blueprint ensures fair AI in democratic processes

A rights-centred AI blueprint highlights the growing use of AI in analysing citizen submissions during public participation, promising efficiency but raising questions about fairness, transparency and human rights. Experts caution that poorly designed AI could silence minority voices, deepen inequalities and weaken trust in democratic decision-making.

The European Centre for Not-for-Profit Law (ECNL) provides detailed guidance for governments, civil society organisations and technology developers on how to implement AI responsibly. Recommendations include conducting human rights impact assessments, involving marginalised communities from the design stage, testing AI accuracy across demographics, and ensuring meaningful human oversight at every stage.

Transparency and accountability are key pillars of the framework, providing guidance on publishing assessments, documenting AI decision-making processes, and mitigating bias. Experts stress that efficiency gains should never come at the expense of inclusiveness, and that AI tools must be monitored and updated continually to reflect community feedback and rights considerations.

The blueprint also emphasises collaboration and sustainability, urging multistakeholder governance, civil society co-design, and ongoing training for public servants and developers. By prioritising rights, transparency and community engagement, AI in public participation can enhance citizen voices rather than undermining them, but only if implemented deliberately and inclusively.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Eurofiber France reportedly hit by data breach

Eurofiber France has suffered a data breach affecting its internal ticket management system and ATE customer portal, reportedly discovered on 13 November. The incident allegedly involved unauthorised access via a software vulnerability, with the full extent still unclear.

Sources indicate that approximately 3,600 customers could be affected, including major French companies and public institutions. Reports suggest that some of the allegedly stolen data, ranging from documents to cloud configurations, may have appeared on the dark web for sale.

Eurofiber has emphasised that Dutch operations are not affected.

The company moved quickly to secure affected systems, increasing monitoring and collaborating with cybersecurity specialists to investigate the incident. The French privacy regulator, CNIL, has been informed, and Eurofiber states that it will continue to update customers as the investigation progresses.

Founded in 2000, Eurofiber provides fibre optic infrastructure across the Netherlands, Belgium, France, and Germany. Primarily owned by Antin Infrastructure Partners and partially by Dutch pension fund PGGM, the company remains operational while assessing the impact of the breach.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU moves to reinforce cooperation against VAT fraud

The European Commission has presented a plan to strengthen cooperation among the European Public Prosecutor’s Office, the European Anti-Fraud Office, and member states as part of a broader effort to combat VAT fraud.

The proposal establishes a legal framework for the sharing of information. It grants the EU bodies immediate access to VAT data, which is expected to enhance the detection of cross-border tax evasion schemes.

Real-time reporting of cross-border trade, delivered through the VAT in the Digital Age package, provides national authorities with the information needed to identify suspicious activity, rather than relying on delayed or incomplete records.

Carousel fraud alone costs EU taxpayers billions each year and remains a significant element of the broader VAT compliance gap, which stood at over €89 billion in 2022.

The Commission argues that faster access to VAT information will help investigators uncover fraudulent networks, halt their activities and pursue prosecutions more effectively.

EPPO, OLAF and the Eurofisc network would gain direct communication channels, enabling closer coordination and rapid intelligence sharing throughout the Union.

A proposal that will now move to the Council for agreement and to the European Parliament and the Economic and Social Committee for consultation.

Once adopted and published, the changes will take effect and initiate the implementation phase across the EU.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Teenagers still face harmful content despite new protections

In the UK and other countries, teenagers continue to encounter harmful social media content, including posts about bullying, suicide and weapons, despite the Online Safety Act coming into effect in July.

A BBC investigation using test profiles revealed that some platforms continue to expose young users to concerning material, particularly on TikTok and YouTube.

The experiment, conducted with six fictional accounts aged 13 to 15, revealed differences in exposure between boys and girls.

While Instagram showed marked improvement, with no harmful content displayed during the latest test, TikTok users were repeatedly served posts about self-harm and abuse, and one YouTube profile encountered videos featuring weapons and animal harm.

Experts warned that changes will take time and urged parents to monitor their children’s online activity actively. They also recommended open conversations about content, the use of parental controls, and vigilance rather than relying solely on the new regulatory codes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New funding round by Meta strengthens local STEAM education

Meta is inviting applications for its 2026 Data Centre Community Action Grants, which support schools, nonprofits and local groups in regions that host the company’s data centres.

The programme has been a core part of Meta’s community investment strategy since 2011, and the latest round expands support to seven additional areas linked to new facilities. The company views the grants as a means of strengthening long-term community vitality, rather than focusing solely on infrastructure growth.

Funding is aimed at projects that use technology for public benefit and improve opportunities in science, technology, engineering, arts and mathematics. More than $ 74 million has been awarded to communities worldwide, with $ 24 million distributed through the grant programme alone.

Recipients can reapply each year, which enables organisations to sustain programmes and increase their impact over time.

Several regions have already demonstrated how the funding can reshape local learning opportunities. Northern Illinois University used grants to expand engineering camps for younger students and to open a STEAM studio that supports after-school programmes and workforce development.

In New Mexico, a middle school used funding to build a STEM centre with advanced tools such as drones, coding kits and 3D printing equipment. In Texas, an enrichment organisation created a digital media and STEM camp for at-risk youth, offering skills that can encourage empowerment instead of disengagement.

Meta presents the programme as part of a broader pledge to deepen education and community involvement around emerging technologies.

The company argues that long-term support for digital learning will strengthen local resilience and create opportunities for young people who want to pursue future careers in technology.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Digital records gain official status in Uzbekistan

Uzbekistan has granted full legal validity to online personal data stored on the my.gov.uz Unified Interactive Public Services Portal, placing it on equal footing with traditional documents.

The measure, in force from 1 November, supports the country’s digital transformation by simplifying how citizens interact with state bodies.

Personal information can now be accessed, shared and managed entirely through the portal instead of relying on printed certificates.

State institutions are no longer permitted to request paper versions of records that are already available online, which is expected to reduce queues and alleviate the administrative burden faced by the public.

Officials in Uzbekistan anticipate that centralising personal data on one platform will save time and resources for both citizens and government agencies. The reform aims to streamline public services, remove redundant steps and improve overall efficiency across state procedures.

Government bodies have encouraged citizens to use the portal’s functions more actively and follow official channels for updates on new features and improvements.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!