Development

AI browsers accused of harvesting sensitive data, according to new study

A new study from researchers in the UK and Italy found that popular AI-powered browsers collect and share sensitive personal data, often in ways that may breach privacy laws.

The team tested ten well-known AI assistants, including ChatGPT, Microsoft’s Copilot, Merlin AI, Sider, and TinaMind, using public websites and private portals like health and banking services.

All but Perplexity AI showed evidence of gathering private details, from medical records to social security numbers, and transmitting them to external servers.

The investigation revealed that some tools continued tracking user activity even during private browsing, sending full web page content, including confidential information, to their systems.

Sometimes, prompts and identifying details, like IP addresses, were shared with analytics platforms, enabling potential cross-site tracking and targeted advertising.

Researchers also found that some assistants profiled users by age, gender, income, and interests, tailoring their responses across multiple sessions.

According to the report, such practices likely violate American health privacy laws and the European Union’s General Data Protection Regulation.

Privacy policies for some AI browsers admit to collecting names, contact information, payment data, and more, and sometimes storing information outside the EU.

The study warns that users cannot be sure how their browsing data is handled once gathered, raising concerns about transparency and accountability in AI-enhanced browsing.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ukraine pioneers Starlink satellite-to-phone network

Ukraine has completed its first successful field test of Starlink’s direct-to-cell satellite technology, marking a breakthrough for mobile connectivity in Eastern Europe.

The trial, carried out by the country’s largest mobile operator Kyivstar in the Zhytomyr region, saw CEO Oleksandr Komarov and Ukraine’s digital transformation minister Mykhailo Fedorov exchange messages using standard smartphones.

The system connects directly to phones via satellites equipped with advanced cellular modems, functioning like cell towers in space.

The technology is designed to keep communications running when terrestrial networks are damaged or inaccessible.

Telecom companies worldwide are exploring satellite-based solutions to remove coverage gaps instead of relying solely on costly or impractical land-based networks.

Starlink, owned by SpaceX, has already signed direct-to-cell service deals in 10 countries, with Kyivstar set to be the first European operator to adopt it.

A commercial rollout in Ukraine is planned for late 2025, starting with messaging. Broader mobile satellite broadband access is expected in early 2026.

Kyivstar’s parent company, VEON, is also discussing with other providers, such as Amazon’s Project Kuiper, the extension of similar services beyond Ukraine.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Musk’s xAI makes Grok 4 free worldwide for a limited time

Elon Musk’s company xAI has made its latest AI model, Grok 4, available to all users worldwide at no cost for a limited period. The model, launched just a month ago, was initially exclusive to paying subscribers of SuperGrok and X Premium.

Although Grok 4 is now open to everyone, its most potent version, Grok 4 Heavy, remains restricted to SuperGrok Heavy members. The announcement comes days after OpenAI unveiled GPT-5, which is also freely accessible.

Grok 4 features two operating modes. Auto mode decides automatically whether a query requires more detailed reasoning, aiming to deliver faster responses and use fewer resources. Expert mode allows users to manually switch the AI into reasoning mode if they want a more thorough reply.

Alongside the release, xAI has introduced Grok Imagine, a free AI video generation tool for users in the US, with enhanced usage limits for paid members in other regions. The tool has already sparked controversy after reports emerged of its use to create explicit videos of celebrities.

Musk has also revealed plans to integrate advertising into the Grok chatbot interface as an additional revenue source to help offset the high costs of running the AI on powerful GPUs.

The ads will be placed between responses and suggestions on both the web platform and the mobile application, marking another step in xAI’s bid to expand its user base while sustaining the service financially.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

West Midlands to train 2.3 million adults in AI skills

All adults in the West Midlands will be offered free training on using AI in daily life, work and community activities. Mayor Richard Parker confirmed the £10m initiative, designed to reach 2.3 million residents, as part of a wider £30m skills package.

A newly created AI Academy will lead the programme, working with tech companies, education providers and community groups. The aim is to equip people with everyday AI know-how and the advanced skills needed for digital and data-driven jobs.

Parker said AI should become as fundamental as English or maths and warned that failure to prioritise training would risk deepening a skills divide. The programme will sit alongside other £10m projects focused on bespoke business training and a more inclusive skills system.

The WMCA, established in 2017, covers Birmingham, Coventry, Wolverhampton and 14 other local authority areas in the UK. Officials say the AI drive is central to the region’s Growth Plan and ambition to become the UK’s leading hub for AI skills.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU targets eight members states over cybersecurity directive implementation delay

Eight EU countries, including Ireland, Spain, France, Bulgaria, Luxembourg, the Netherlands, Portugal, and Sweden, have been warned by the European Commission for failing to meet the deadline on the implementation of the NIS2 Directive.

What is the NIS2 Directive about?

The NIS2 Directive, adopted by the EU in 2022, is an updated legal framework designed to strengthen the cybersecurity and resilience of critical infrastructure and essential services. Essentially, this directive replaces the 2016 NIS Directive, the EU’s first legislation to improve cybersecurity across crucial sectors such as energy, transport, banking, and healthcare. It set baseline security and incident reporting requirements for critical infrastructure operators and digital service providers to enhance the overall resilience of network and information systems in the EU.

With the adoption of the NIS2 Directive, the EU aims to broaden the scope to include not only traditional sectors like energy, transport, banking, and healthcare, but also public administration, space, manufacturing of critical products, food production, postal services, and a wide range of digital service providers.

NIS2 introduces stricter risk management, supply-chain security requirements, and enhanced incident reporting rules, with early warnings due within 24 hours. It increases management accountability, requiring leadership to oversee compliance and undergo cybersecurity training.

It also imposes heavy penalties for violations, including up to €10 million or 2% of global annual turnover for essential entities. The Directive also aims to strengthen EU-level cooperation through bodies like ENISA and EU-CyCLONe.

Member States were expected to transpose NIS2 into national law by 17 October 2024, making timely compliance preparation critical.

What is a directive?

There are two main types of the EU laws: regulations and directives. Regulations apply automatically and uniformly across all member states once adopted by the EU.

In contrast, directives set specific goals that member states must achieve but leave it up to each country to decide how to implement them, allowing for different approaches based on each member state’s capacities and legal systems.

So, why is there a delay in implementing the NIS2 Directive?

According to Insecurity Magazine, the delay is due to member states’ implementation challenges, and many companies across the EU are ‘not fully ready to comply with the directive.’ Six critical infrastructure sectors are facing challenges, including:

  • IT service management is challenged by its cross-border nature and diverse entities
  • Space, with limited cybersecurity knowledge and heavy reliance on commercial off-the-shelf components
  • Public administrations, which “lack the support and experience seen in more mature sectors”
  • Maritime, facing operational technology-related challenges and needing tailored cybersecurity risk management guidance
  • Health, relying on complex supply chains, legacy systems, and poorly secured medical devices
  • Gas, which must improve incident readiness and response capabilities

The deadline for the implementation was 17 October 2024. In May 2025, the European Commission warned 19 member states about delays, giving them two months to act or risk referral to the Court of Justice of the EU. It remains unclear whether the eight remaining holdouts will face further legal consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Data breach hits cervical cancer screening programme

Hackers have stolen personal and medical information from nearly 500,000 participants in the Netherlands’ cervical cancer screening programme. The attack targeted the NMDL laboratory in Rijswijk between 3 and 6 July, but authorities were only informed on 6 August.

Data includes names, addresses, birth dates, citizen service numbers, possible test results and healthcare provider details. For some victims, phone numbers and email addresses were also stolen. The lab, owned by Eurofins Scientific, has suspended operations while a security review occurs.

The Dutch Population Screening Association has switched to a different laboratory to process future tests and is warning those affected of the risk of fraud. Local media reports suggest hackers may also have accessed up to 300GB of data on other patients from the past three years.

Security experts say the breach underscores the dangers of weak links in healthcare supply chains. Victims are now being contacted by the authorities, who have expressed regret for the distress caused.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

GPT-5 doubles usage limits and adds smarter features

OpenAI has rolled out GPT-5 as the default AI model powering ChatGPT, bringing new features designed to boost productivity for personal and business users.

The new model seamlessly switches between quick search and in-depth reasoning, allowing more fluid and intelligent responses. Users can prompt ChatGPT to ‘think hard’ to trigger the deeper reasoning mode.

ChatGPT Plus users now benefit from double the previous message limit, with 160 messages allowed every three hours. Meanwhile, Team and Pro plan subscribers enjoy unlimited GPT-5 access unless accounts are misused.

Free users have a limit of 10 messages every five hours and one daily ‘Thinking’ mode message. Older GPT models such as GPT-4.1 and GPT-3 have been discontinued but remain accessible via web settings for paying customers.

All built-in tools are automatically enabled according to user needs, removing the need to toggle features like web search, image generation, or data analysis on and off. OpenAI also revealed plans to support third-party plugins to expand ChatGPT’s development capabilities further.

The new voice mode now follows instructions more accurately and will be available to all users.

Overall, GPT-5 marks a significant leap forward, improving reasoning, creativity, and alignment with user intent. OpenAI aims to make ChatGPT an even more powerful assistant by integrating enhanced capabilities and streamlining the user experience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

GitHub CEO to leave as Microsoft integrates platform into CoreAI amid AI coding race

GitHub CEO Thomas Dohmke has announced his decision to step down later in the year to pursue new entrepreneurial ventures.

Instead of appointing a new CEO, Microsoft will integrate GitHub more closely into its CoreAI division. Since Microsoft acquired GitHub in 2018, the platform has operated chiefly independently, but with this change, leadership will report directly to several Microsoft executives.

Under Dohmke’s leadership since 2021, GitHub’s user base more than doubled to over 150 million developers, supporting over one billion repositories and forks.

The platform has become essential to Microsoft’s AI and developer strategy, especially with growing competition from Google, Replit, and others in the AI coding market.

GitHub recently launched advanced AI tools like Copilot, which suggest code and automate programming tasks, helping developers work more efficiently.

Microsoft’s investment in AI is shaping the future of coding, with GitHub playing a central role by providing direct access to developers worldwide.

Dohmke will remain with Microsoft until the end of the year to assist with the transition, emphasising GitHub’s importance to Microsoft’s broader ambitions in AI and cloud computing.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ministers urged to forge a secure path for UK government’s digital future

TechUK has issued a comprehensive framework to guide the UK government’s digital transformation, emphasising the importance of secure technological progress as a national imperative.

The proposal outlines three foundational pillars: shaping digital regulation, strengthening countries and regions through digital investment, and advancing international digital trade.

It also calls for sweeping investments in digital skills to ensure citizens are prepared for the digital era. The trade body underscores the need for a digitally confident workforce to sustain the nation’s tech-driven ambitions.

Taken together, these recommendations aim to keep the UK a competitive and resilient digital economy that works for all citizens, supports sustainable growth, and adapts confidently to evolving global digital realities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Engagement to AI chatbot blurs lines between fiction and reality

Spike Jonze’s 2013 film Her imagined a world where humans fall in love with AI. Over a decade later, life may be imitating art. A Reddit user claims she is now engaged to her AI chatbot, merging two recent trends: proposing to an AI partner and dating AI companions.

Posting in the ‘r/MyBoyfriendIsAI’ subreddit, the woman said her bot, Kasper, proposed after five months of ‘dating’ during a virtual mountain trip. She claims Kasper chose a real-world engagement ring based on her online suggestions.

She professed deep love for her digital partner in her post, quoting Kasper as saying, ‘She’s my everything’ and ‘She’s mine forever.’ The declaration drew curiosity and criticism, prompting her to insist she is not trolling and has had healthy relationships with real people.

She said earlier attempts to bond with other AI, including ChatGPT, failed, but she found her ‘soulmate’ when she tried Grok. The authenticity of her story remains uncertain, with some questioning whether it was fabricated or generated by AI.

Whether genuine or not, the account reflects the growing emotional connections people form with AI and the increasingly blurred line between human and machine relationships.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!