Consumer protection

Stay True To The Act campaign defends music rights

More than 30 European musicians have launched a united video campaign urging the European Commission to preserve the integrity of the EU AI Act.

The Stay True To The Act campaign calls on policymakers to enforce transparency and uphold copyright protections.

Artists, including Spanish singer-songwriter Álex Ubago and Poland’s Eurovision 2025 entrant Justyna Steczkowska, have voiced concern over the unauthorised use of their work to train AI models. They demand the right to be informed and the power to refuse such usage.

The EU AI Act, passed in 2024, includes provisions requiring developers to disclose the content used in AI training. However, as implementation plans develop, artists fear the law may be diluted, weakening protections for creators.

The campaign appeals for vigorous enforcement of the Act’s original principles: transparency, copyright control and fair innovation. Artists say AI and music can coexist in Europe only if ethical boundaries are upheld.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Generative AI now powers 20% of new Steam games

Nearly 20 percent of video games released on Steam in 2025 include generative AI, according to a new report by Totally Human Media.

The report, based on data gathered from Steam, states that around 7,818 games currently disclose using generative AI. The figure represents roughly 7 percent of the platform’s entire catalogue. For games launched in 2025, nearly one in five incorporate AI tools or openly disclose doing so.

Compared to 2024, this marks a nearly 700 percent increase in generative AI adoption, reflecting a broader industry trend towards automation and machine-generated content.

Among the most prominent titles is My Summer Car, a vehicle simulation game with over 2.5 million copies sold. The developers disclosed that the game includes ‘some AI generated paintings found inside the main house’.

Valve, the company behind Steam, began requiring game developers to disclose AI use in January 2024. While the company did not comment on the findings, the policy has enabled public tracking of AI adoption across the platform.

Community reaction to the trend has been mixed. On Reddit, many users said they would automatically add AI-driven games to their ignore lists. One commenter wrote, ‘We need to tag them so they can be an ignored category.’ Others expressed disappointment in indie developers turning to generative tools over human artists.

Some users acknowledged the complexity of the issue. A typical comment noted that while AI usage in minor elements like UI assets might be acceptable, reliance on AI for core content raises questions about value and originality. One post read, ‘What am I paying for if it’s all AI? I agree with that sentiment.’

Steam’s Next Fest, which showcases upcoming releases, drew criticism from some players who said they lost interest in promising titles upon discovering their use of generative AI.

Despite user backlash, industry momentum continues to build. Many developers see AI as a means to streamline asset creation and reduce production costs, though concerns about quality, ethics, and employment remain central to the debate.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trojanised Telegram APKs target Android users with Janus exploit

A large Android malware campaign has been uncovered, distributing trojanised versions of Telegram Messenger via more than 600 malicious domains. The operation uses phishing infrastructure and evasion techniques to deceive users and deliver infected APK files.

Domains exploit typosquatting, with names like ‘teleqram’ and ‘apktelegram’, and mimic Telegram’s website using cloned visuals and QR code redirects. Users are sent to zifeiji[.]asia, which hosts a fake Telegram site offering APK downloads between 60MB and 70MB.

The malware targets Android versions 5.0 to 8.0, exploiting the Janus vulnerability and bypassing security via legacy signature schemes. After installation, it establishes persistent access using socket callbacks, enabling remote control.

It communicates via unencrypted HTTP and FTP, and uses Android’s MediaPlayer component to trigger background activity unnoticed. Once installed, it requests extensive permissions, including access to all locally stored data.

Domains involved include over 300 on .com, with many registered through Gname, suggesting a coordinated and resilient campaign structure.

Researchers also found a JavaScript tracker embedded at telegramt.net, which collects browser and device data and sends it to dszb77[.]com. The goal appears to be user profiling and behavioural analysis.

Experts warn that the campaign’s scale and technical sophistication pose a significant risk to users running outdated Android systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US banks plan stablecoins as crypto rules evolve

Several large US banks, including Bank of America, Citibank, Morgan Stanley, and JPMorgan Chase, are developing or considering stablecoins as crypto-friendly regulations take shape.

Bank of America’s CEO Brian Moynihan confirmed ongoing work on a stablecoin but highlighted the need to understand client demand before full rollout. Similarly, Citibank and Morgan Stanley are assessing the landscape and potential use cases for their clients.

JPMorgan Chase has also expressed interest, despite its CEO’s previous scepticism towards Bitcoin.

The US Congress is advancing legislation to establish a clear regulatory framework for stablecoins. This progress reflects growing acceptance of digital assets and may encourage further integration with traditional finance.

Banks remain cautious but see stablecoins as a significant opportunity once legal clarity is achieved.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Concerns rise over crypto in UK political funding

UK lawmakers are urging a ban on cryptocurrency donations in political campaigns over fears that such contributions are hard to trace and vulnerable to foreign interference. Minister Pat McFadden said UK political funding must stay transparent and trusted by public.

While crypto donations have gained traction in the US—with figures like President Donald Trump embracing digital assets—the UK’s stance reflects growing caution.

The Reform UK party recently became the first in Britain to accept Bitcoin donations, sparking concerns from anti-corruption groups about the risk of criminal or foreign funds influencing elections.

Ireland and several US states have already banned crypto donations to political campaigns, citing transparency and election integrity issues.

As crypto donations increase globally, governments continue to debate how to regulate digital assets to protect democratic processes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Experts link Qantas data breach to AI voice impersonation

Cybersecurity experts believe criminals may have used AI-generated voice deepfakes to breach Qantas systems, potentially deceiving contact centre staff in Manila. The breach affected nearly six million customers, with links to a group known as Scattered Spider.

Qantas confirmed the breach after detecting suspicious activity on a third-party platform. Stolen data included names, phone numbers, and addresses—but no financial details. The airline has not confirmed whether voice impersonation was involved.

Experts point to Scattered Spiders’ history of using synthetic voices to trick help desk staff into handing over credentials. Former FBI agent Adam Marré said the technique, known as vishing, matches the group’s typical methods and links them to The Com, a cybercrime collective.

Other members of The Com have targeted companies like Salesforce through similar tactics. Qantas reportedly warned contact centre staff shortly before the breach, citing a threat advisory connected to Scattered Spider.

Google and CrowdStrike reported that the group frequently impersonates employees over the phone to bypass multi-factor authentication and reset passwords. The FBI has warned that Scattered Spider is now targeting airlines.

Qantas says its core systems remain secure and has not confirmed receiving a ransom demand. The airline is cooperating with authorities and urging affected customers to watch for scams using their leaked information.

Cybersecurity firm Trend Micro notes that voice deepfakes are now easy to produce, with convincing audio clips available for as little as $5. The deepfakes can mimic language, tone, and emotion, making them powerful tools for deception.

Experts recommend biometric verification, synthetic signal detection, and real-time security challenges to counter deepfakes. Employee training and multi-factor authentication remain essential defences.

Recent global cases illustrate the risk. In one instance, a deepfake mimicking US Senator Marco Rubio attempted to access sensitive systems. Other attacks involved cloned voices of US political figures Joe Biden and Susie Wiles.

As voice content becomes more publicly available, experts warn that anyone sharing audio online could become a target for AI-driven impersonation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI and Shopify explore product sales via ChatGPT

OpenAI is preparing to take a commission from product sales made directly through ChatGPT, signalling a significant shift in its business model. The move aims to monetise free users by embedding e-commerce checkout within the chatbot.

Currently, ChatGPT provides product links that redirect users to external sites. In April, OpenAI partnered with Shopify to support this feature. Sources say the next step is enabling purchases without leaving the platform, with merchants paying OpenAI a fee per transaction.

Until now, OpenAI has earned revenue mainly from ChatGPT Plus subscriptions and enterprise deals. Despite a $300 billion valuation, the company remains loss-making and seeks new commercial avenues tied to its conversational AI tools.

E-commerce integration would also challenge Google’s grip on product discovery and paid search, as more users turn to chatbots for recommendations.

Early prototypes have been shown to brands, and financial terms are under discussion. Shopify, which powers checkout on platforms like TikTok, may also provide the backend infrastructure for ChatGPT.

Product suggestions in ChatGPT are generated based on query relevance and user-specific context, including budgets and saved preferences. With memory upgrades, the chatbot can personalise results more effectively over time.

Currently, clicking on a product shows a list of sellers based on third-party data. Rankings rely mainly on metadata rather than price or delivery speed, though this is expected to evolve.

Marketers are already experimenting with ‘AIO’ — AI optimisation — to boost visibility in AI-generated product listings, similar to SEO for search engines.

An advertising agency executive said this shift could disrupt paid search and traditional ad models. Concerns are growing around how AI handles preferences and the fairness of its recommendations.

OpenAI has previously said it had ‘no active plans to pursue advertising’. However, CFO Sarah Friar recently confirmed that the company is open to ads in the future, using a selective approach.

CEO Sam Altman said OpenAI would not accept payments for preferential placement, but may charge small affiliate fees on purchases made through ChatGPT.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta faces fresh EU backlash over Digital Markets Act non-compliance

Meta is again under EU scrutiny after failing to fully comply with the bloc’s Digital Markets Act (DMA), despite a €200 million fine earlier this year.

The European Commission says Meta’s current ‘pay or consent’ model still falls short and could trigger further penalties. A formal warning is expected, with recurring fines likely if the company does not adjust its approach.

The DMA imposes strict rules on major tech platforms to reduce market dominance and protect digital fairness. While Meta claims its model meets legal standards, the Commission says progress has been minimal.

Over the past year, Meta has faced nearly €1 billion in EU fines, including €798 million for linking Facebook Marketplace to its central platform. The new case adds to years of tension over data practices and user consent.

The ‘pay or consent’ model offers users a choice between paying for privacy or accepting targeted ads. Regulators argue this does not meet the threshold for genuine consent and mirrors Meta’s past GDPR tactics.

Privacy advocates have long criticised Meta’s approach, saying users are left with no meaningful alternatives. Internal documents show Meta lobbied against privacy reforms and warned governments about reduced investment.

The Commission now holds greater power under the DMA than it did with GDPR, allowing for faster, centralised enforcement and fines of up to 10% of global turnover.

Apple has already been fined €500 million, and Google is also under investigation. The EU’s rapid action signals a stricter stance on platform accountability. The message for Meta and other tech giants is clear: partial compliance is no longer enough to avoid serious regulatory consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI tool uses walking patterns to detect early signs of dementia

Fujitsu and Acer Medical are trialling an AI-powered tool to help identify early signs of dementia and Parkinson’s disease by analysing patients’ walking patterns. The system, called aiGait and powered by Fujitsu’s Uvance skeleton recognition technology, converts routine movements into health data.

Initial tests are taking place at a daycare centre linked to Taipei Veterans Hospital, using tablets and smartphones to record basic patient movements. The AI compares this footage with known movement patterns associated with neurodegenerative conditions, helping caregivers detect subtle abnormalities.

The tool is designed to support early intervention, with abnormal results prompting follow-up by healthcare professionals. Acer Medical plans to expand the service to elderly care centres across Taiwan by the end of the year.

Fujitsu’s AI was originally developed for gymnastics scoring and adapted to analyse real-world gait data with high accuracy using everyday mobile devices. Both companies hope to extend the technology’s use to paediatrics, sports science, and rehabilitation in future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China deploys new malware tool for border phone searches

Chinese authorities reportedly use a powerful new malware tool called Massistant to extract data from seized Android phones. Developed by Xiamen Meiya Pico, the tool enables police to access messages, photos, locations, and app data once they have physical access to a device.

Cybersecurity firm Lookout revealed that Massistant operates via a desktop-connected tower, requiring unlocked devices but no advanced hacking techniques. Researchers said affected users include Chinese citizens and international travellers whose phones may be searched at borders.

The malware leaves traces on compromised phones, allowing for post-infection removal, but authorities already have the data by then. Forums in China have shown increasing user complaints about malware following police interactions.

Massistant is seen as the successor to an older tool, MSSocket, with Meiya Pico now controlling 40% of China’s digital forensics market. They previously sanctioned the firm for its surveillance tech links to the Chinese government’s use.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!