Consumer protection

Fake DeepSeek and ChatGPT services draw penalties in China

China’s market regulator has fined several companies for impersonating AI services such as DeepSeek and OpenAI’s ChatGPT, citing unfair competition and consumer fraud. The cases form part of a broader crackdown on deceptive practices in the country’s rapidly expanding AI sector.

The State Administration for Market Regulation penalised Shanghai Shangyun Internet Technology for running a fraudulent ChatGPT service on Tencent’s WeChat platform. Regulators said the service falsely presented itself as an official Chinese version of ChatGPT and charged users for AI conversations.

In a separate case, Hangzhou Boheng Culture Media was fined for operating an unauthorised website offering so-called ‘DeepSeek local deployment’. The site closely replicated DeepSeek’s branding and interface, misleading users into paying for imitation services.

Authorities said knock-off DeepSeek mini-programmes and websites surged in early 2025, involving trademark infringement, brand confusion, and false advertising. Regulators described the enforcement actions as a deterrent aimed at restoring order in the AI marketplace.

The regulator also disclosed penalties in other AI-related cases, including unauthorised access to proprietary algorithms and the use of AI calling software for scams. China is simultaneously updating antitrust rules to address emerging risks linked to algorithm-driven market manipulation.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU strengthens cyber defence after attack on Commission mobile systems

A cyber-attack targeting the European Commission’s central mobile infrastructure was identified on 30 January, raising concerns that staff names and mobile numbers may have been accessed.

The Commission isolated the affected system within nine hours instead of allowing the breach to escalate, and no mobile device compromise was detected.

Also, the Commission plans a full review of the incident to reinforce the resilience of internal systems.

Officials argue that Europe faces daily cyber and hybrid threats targeting essential services and democratic institutions, underscoring the need for stronger defensive capabilities across all levels of the EU administration.

CERT-EU continues to provide constant threat monitoring, automated alerts and rapid responses to vulnerabilities, guided by the Interinstitutional Cybersecurity Board.

These efforts support the broader legislative push to strengthen cybersecurity, including the Cybersecurity Act 2.0, which introduces a Trusted ICT Supply Chain to reduce reliance on high-risk providers.

Recent measures are complemented by the NIS2 Directive, which sets a unified legal framework for cybersecurity across 18 critical sectors, and the Cyber Solidarity Act, which enhances operational cooperation through the European Cyber Shield and the Cyber Emergency Mechanism.

Together, they aim to ensure collective readiness against large-scale cyber threats.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Czechia weighs under-15 social media ban as government debate intensifies

A ban on social media use for under-15s is being weighed in Czechia, with government officials suggesting the measure could be introduced before the end of the year.

Prime Minister Andrej Babiš has voiced strong support and argues that experts point to potential harm linked to early social media exposure.

France recently enacted an under-15 restriction, and a growing number of European countries are exploring similar limits rather than relying solely on parental guidance.

The discussion is part of a broader debate about children’s digital habits, with Czech officials also considering a ban on mobile phones in schools. Slovakia has already adopted comparable rules, giving Czech ministers another model to study as they work on their own proposals.

Not all political voices agree on the direction of travel. Some warn that strict limits could undermine privacy rights or diminish online anonymity, while others argue that educational initiatives would be more effective than outright prohibition.

UNICEF has cautioned that removing access entirely may harm children who rely on online platforms for learning or social connection instead of traditional offline networks.

Implementing a nationwide age restriction poses practical and political challenges. The government of Czechia heavily uses social media to reach citizens, complicating attempts to restrict access for younger users.

Age verification, fair oversight and consistent enforcement remain open questions as ministers continue consultations with experts and service providers.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Bitcoin cryptography safe as quantum threat remains distant

Quantum computing concerns around Bitcoin have resurfaced, yet analysis from CoinShares indicates the threat remains long-term. The report argues that quantum risk is an engineering challenge that gives Bitcoin ample time to adapt.

Bitcoin’s security relies on elliptic-curve cryptography. A sufficiently advanced quantum machine could, in theory, derive private keys using Shor’s algorithm, which requires millions of stable, error-corrected qubits, and remains far beyond current capability.

Network exposure is also limited. Roughly 1.6 million BTC is held in legacy addresses with visible public keys, yet only about 10,200 BTC is realistically targetable. Modern address formats further reduce the feasibility of attacks.

Debate continues over post-quantum upgrades, with researchers warning that premature changes could introduce new vulnerabilities. Market impact, for now, is viewed as minimal.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

OpenClaw faces rising security pushback in South Korea

Major technology companies in South Korea are tightening restrictions on OpenClaw after rising concerns about security and data privacy.

Kakao, Naver and Karrot Market have moved to block the open-source agent within corporate networks, signalling a broader effort to prevent sensitive information from leaking into external systems.

Their decisions follow growing unease about how autonomous tools may interact with confidential material, rather than remaining contained within controlled platforms.

OpenClaw serves as a self-hosted agent that performs actions on behalf of a large language model, acting as the hands of a system that can browse the web, edit files and run commands.

Its ability to run directly on local machines has driven rapid adoption, but it has also raised concerns that confidential data could be exposed or manipulated.

Industry figures argue that companies are acting preemptively to reduce regulatory and operational risks by ensuring that internal materials never feed external training processes.

China has urged organisations to strengthen protections after identifying cases of OpenClaw running with inadequate safeguards.

Security analysts in South Korea warn that the agent’s open-source design and local execution model make it vulnerable to misuse, especially when compared to cloud-based chatbots that operate in more restricted environments.

Wiz researchers recently uncovered flaws in agents linked to OpenClaw that exposed personal information.

Despite the warnings, OpenClaw continues to gain traction among users who value its ability to automate complex tasks, rather than rely on manual workflows.

Some people purchase separate devices solely to run the agent, while an active South Korea community on X has drawn more than 1,800 members who exchange advice and share mitigation strategies.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Smart policing project halted by Greek data protection authority

Greece’s data protection authority has warned against activating an innovative policing system planned by the Hellenic Police. The ruling said biometric identity checks carried out on the street would breach data protection law in Greece.

The system would allow police patrols in Greece to use portable devices to scan fingerprints and facial images during spot checks. Regulators said Greek law lacks a clear legal basis for such biometric processing.

The authority said existing rules cited by the Hellenic Police only apply to suspects or detainees and do not cover modern biometric technologies. Greece, therefore, faces unlawful processing risks if the system enters full operation.

The innovative policing project in Greece received the EU funding of around four million euros and received backlash in the past. Regulators said deployment must wait until new legislation explicitly authorises police to use biometrics.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Social engineering breach exposes 1.4 million Betterment customer records

Betterment has confirmed a data breach affecting around 1.4 million customers after a January 2026 social engineering attack on a third-party platform. Attackers used the access to send fraudulent crypto scam messages posing as official promotions.

The breach occurred after an employee was tricked into sharing login credentials, allowing unauthorised access to internal messaging systems rather than core investment infrastructure. Attackers used the access to send messages promising to multiply cryptocurrency deposits sent to external wallets.

Subsequent forensic analysis and breach monitoring services confirmed that more than 1.4 million unique records were exposed. Betterment said investment accounts and login credentials were not compromised during the incident.

Exposed information included names, email addresses, phone numbers, physical addresses, dates of birth, job titles, location data, and device metadata. Security experts warn that such datasets can enable targeted phishing, identity fraud, and follow-on social engineering campaigns.

Betterment revoked access the same day, notified customers, and launched an external investigation. The breach was formally added to public exposure databases in early February, highlighting the growing risk of human-focused attacks against financial platforms.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Dubai hosts launch of AI tools for university students

The UAE Ministry of Higher Education and Scientific Research has partnered with Microsoft to develop AI agents to help university students find jobs. The initiative was announced in Dubai during a major policy gathering in the UAE.

The collaboration in the UAE will use Microsoft Azure to build prototype AI agents supporting personalised learning and career navigation. Dubai-based officials said the tools are designed to align higher education with labour market needs in the UAE.

Four AI agents are being developed in the UAE, covering lifelong skills planning, personalised learning, course co creation and research alignment. Dubai remains central to the project as a hub for higher education innovation in the UAE.

Officials in the UAE said the partnership reflects national priorities around innovation and a knowledge based economy. Microsoft said Dubai offers an ideal environment to scale AI driven education tools across the UAE.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New compliance-orchestrated blockchain model introduced by ZenithBlox

ZenithBlox has introduced Compliance-Orchestrated Blockchain Infrastructure (COBI), a governance-driven execution architecture designed to help regulated institutions adopt blockchain without compromising compliance oversight.

The system shifts away from transaction-centric blockchain models.

Enterprise adoption has faced regulatory friction, with estimates suggesting nearly 90% of pilots fail to reach production. COBI embeds institutional policy and regulatory controls directly into execution, ensuring transactions occur only after compliance validation.

The architecture operates through four layers covering process logic, compliance policy, system orchestration, and blockchain execution. Integrations span banking infrastructure, ERP platforms, and settlement networks without requiring system replacement.

Designed for financial and sovereign use cases, COBI supports cross-border payments, CBDCs, and tokenised assets. ZenithBlox is raising USD 8 million to scale deployments and certifications.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

User emails and phone numbers leaked in Substack security incident

Substack confirmed a data breach that exposed user email addresses and phone numbers. The company said passwords and financial information were not affected. The incident occurred in October and was later investigated.

Chief executive Chris Best told users the vulnerability was identified in February and has since been fixed, with an internal investigation now underway. The company has not disclosed the technical cause of the breach or why the intrusion went undetected for several months.

Substack also did not confirm how many users were affected or provide evidence showing whether the exposed data has been misused. Users were advised to remain cautious about unexpected emails and text messages following the incident.

The breach was first reported by TechCrunch, which said the company declined to provide further operational details. Questions remain around potential ransom demands or broader system access.

Substack reports more than 50 million active subscriptions, including 5 million paid users, and raised $100 million in Series C funding in 2025, led by BOND and The Chernin Group, with participation from Andreessen Horowitz and other investors.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.