Serbia has been accused of using spyware to target journalists and activists, according to a new Amnesty International report. Investigations revealed that ‘NoviSpy,’ a homegrown spyware, extracted private data from devices and uploaded it to a government-controlled server. Some cases also involved the use of technology provided by Israeli firm Cellebrite to unlock phones before infecting them.
Activists reported unusual phone activity following meetings with Serbian authorities. Forensic experts confirmed NoviSpy exported contact lists and private photos to state-controlled servers. The Serbian government has yet to respond to requests for comment regarding these allegations.
Cellebrite, whose phone-cracking devices are widely used by law enforcement worldwide, stated it is investigating the claims. The company’s representative noted that misuse of their technology could violate end-user agreements, potentially leading to a suspension of use by Serbian officials.
Concerns over these practices are heightened due to Serbia’s EU integration programme, partially funded by Norway and administered by the UN Office for Project Services (UNOPS). Norway expressed alarm over the findings and plans to meet with Serbian authorities and UNOPS for clarification.
TikTok’s deadline is approaching as its Chinese parent company, ByteDance, prepares to take its case to the US Supreme Court. A federal appeals court on Friday rejected TikTok’s request for more time to challenge a law mandating ByteDance to divest TikTok’s US operations by 19 January or face a nationwide ban. The platform, used by 170 million Americans, now has weeks to seek intervention from the Supreme Court to avoid a shutdown that would reshape the digital landscape.
The US government argues that ByteDance’s control over TikTok poses a persistent national security threat, claiming the app’s ties to China could expose American data to misuse. TikTok strongly disputes these assertions, stating that user data and content recommendation systems are stored on US-based Oracle servers and that moderation decisions are made domestically. A TikTok spokesperson emphasised the platform’s intention to fight for free speech, pointing to the Supreme Court’s history of defending such rights.
The ruling leaves TikTok’s immediate fate uncertain, placing the decision first in the hands of President Joe Biden, who could grant a 90-day extension if progress toward a divestiture is evident. However, Biden’s decision would give way to President-elect Donald Trump, who takes office just one day after the 19 January deadline. Despite his previous efforts to ban TikTok in 2020, Trump recently opposed the current law, citing concerns about its benefits to rival platforms like Facebook.
Adding to the urgency, US lawmakers have called on Apple and Google to prepare to remove TikTok from their app stores if ByteDance fails to comply. As the clock ticks, TikTok’s battle with the US government highlights a broader conflict over technology, data privacy, and national security. The legal outcome could force millions of users and businesses to rethink their digital strategies in a post-TikTok world.
More than 20 price comparison websites across Europe, including Germany’s Idealo and France‘s LeGuide, criticised Google’s proposed changes to its search results, claiming they fail to comply with EUDigital Markets Act (DMA) requirements. The Act prohibits companies from favouring their own products and services on their platforms.
Google’s latest proposal includes redesigned search results to balance comparison sites and supplier websites, alongside testing an older ‘ten blue links’ format in some countries. However, the websites argue Google has disregarded feedback from over a year of discussions.
The critics, in an open letter, called on the European Commission to take decisive action, including fines, to ensure compliance. Google referred to a November statement highlighting efforts to meet DMA requirements.
The US Securities and Exchange Commission (SEC) has reopened its investigation into Neuralink, Elon Musk’s brain-chip startup, according to a letter shared by Musk on X, formerly known as Twitter. The letter, dated Dec. 12 and written by Musk’s attorney Alex Spiro, also revealed that the SEC issued Musk a 48-hour deadline to settle a probe into his $44 billion takeover of Twitter or face charges. The settlement amount remains undisclosed.
Musk’s tumultuous relationship with the SEC has resurfaced amid allegations that he misled investors about Neuralink’s brain implant safety. Despite ongoing investigations, the extent to which the SEC can take action against Musk is uncertain. Musk, who also leads Tesla and SpaceX, is positioned to gain significant political leverage after investing heavily in supporting Donald Trump’s presidential campaign. Trump, in turn, has appointed Musk to a government reform task force, raising questions about potential regulatory leniency toward his ventures.
In the letter, Spiro criticised the SEC’s actions, stating Musk would not be “intimidated” and reserving his legal rights. This marks the latest in a series of clashes between Musk and the SEC, including a 2018 lawsuit over misleading Tesla-related tweets, which Musk settled by paying $20 million and stepping down as Tesla chairman. Both the SEC and Neuralink have yet to comment on the reopened investigation.
Google has successfully defended itself against a revived privacy lawsuit in the UK concerning the transfer of patient data from the Royal Free London NHS Trust. The legal case, brought by patient Andrew Prismall on behalf of 1.6 million individuals, alleged that the data shared with Google’s AI division, DeepMind Technologies, was misused.
The Royal Free NHS Trust had transferred the data in 2015 to assist in developing an AI app designed to detect kidney injuries. Although Britain’s Information Commissioner’s Office ruled in 2017 that the data-sharing arrangement violated privacy laws, a subsequent lawsuit against Google and DeepMind was dismissed last year due to insufficient grounds.
On Wednesday, the Court of Appeal upheld this dismissal, rejecting Prismall’s attempt to challenge the earlier ruling. Google has not commented on the outcome, which closes a high-profile chapter in the debate over privacy and technology’s role in healthcare.
BeReal, the selfie-sharing app acquired by French mobile games publisher Voodoo earlier this year, is under scrutiny for allegedly violating European data protection rules. A privacy complaint filed by Noyb, a European privacy rights organisation, accuses the app of using manipulative ‘dark patterns’ to coerce users into consenting to ad tracking, a tactic that may breach the General Data Protection Regulation (GDPR).
The controversy centres on a consent banner introduced in July 2024, which appears to offer users a straightforward choice to accept or refuse tracking. However, Noyb argues that users who decline tracking face daily pop-ups when they try to post, while those who consent are spared further interruptions. This practice, Noyb asserts, pressures users into compliance, undermining the GDPR’s requirement that consent be ‘freely given.’
The complaint has been filed with France’s data protection authority, CNIL, and demands that BeReal revise its consent process to comply with GDPR. It also calls for any improperly obtained data to be deleted and suggests a fine for the alleged violations. BeReal’s parent company, Voodoo, has yet to comment on the complaint.
This case highlights growing concerns over dark patterns in social media apps, with regulators emphasising the need for fair and transparent consent mechanisms in line with user privacy rights.
Samsung has filed a legal challenge against India‘s Competition Commission (CCI), accusing the watchdog of unlawfully detaining employees and seizing data during a 2022 raid connected to an antitrust investigation involving Amazon and Walmart-owned Flipkart. The CCI claims Samsung colluded with the e-commerce giants to launch products exclusively online, a practice it argues violates competition laws.
In its filing with the northern city of Chandigarh’s High Court, Samsung alleged that confidential data was improperly taken from its employees during the raid and requested the return of the material. Samsung has secured an injunction to pause the CCI’s proceedings but seeks a broader ruling to prevent the use of the seized data. The CCI, in turn, has asked the Supreme Court to consolidate similar challenges by Samsung and 22 other parties, arguing that companies are attempting to derail the investigation.
The case stems from findings earlier this year that Amazon, Flipkart, and smartphone companies like Samsung engaged in anti-competitive practices by favouring select sellers and using exclusive product launches. While Amazon and Flipkart deny wrongdoing, brick-and-mortar retailers have long criticised their pricing and market strategies. Samsung, a major smartphone brand in India with a 14% market share, maintains it was wrongly implicated and cooperated only as a third party in the investigation.
A California court has ordered five individuals to pay over $5 million for their roles in the IcomTech Ponzi scheme. Between 2018 and 2019, the scheme defrauded investors through a fake Bitcoin trading platform. IcomTech promised 100% returns every six weeks, ultimately misappropriating $8.4 million of victims’ funds.
The group, led by founder David Carmona, lured over 190 investors with lavish expos and false claims of wealth. The court found them guilty of violating the Commodity Exchange Act and Commodity Futures Trading Commission (CFTC) regulations. Each was fined $1 million and banned from trading in CFTC-regulated markets.
In addition to financial penalties, the individuals received prison sentences ranging from five to ten years. The CFTC emphasised the importance of protecting investors from such schemes, urging vigilance in the cryptocurrency sector.
The US Supreme Court has dismissed an appeal by Nvidia, rejecting its attempt to block a securities fraud lawsuit accusing the chipmaker of misleading investors about its reliance on the volatile cryptocurrency market. The decision upholds a lower court’s ruling, allowing a 2018 class-action lawsuit led by Swedish investment firm E. Ohman J:or Fonder AB to proceed. The justices, offering no explanation in their one-line order, had previously expressed hesitation about addressing the case’s technical and factual complexities during November arguments.
The lawsuit centres on allegations that Nvidia’s leadership, including CEO Jensen Huang, downplayed how much of the company’s 2017-2018 revenue growth stemmed from crypto-related purchases. Nvidia’s chips gained popularity during the cryptocurrency boom but faced a sales slump when the market cooled in late 2018, leading to a drop in the company’s stock price. A federal judge initially dismissed the case, but the Ninth Circuit Court of Appeals revived it, concluding that plaintiffs sufficiently alleged Nvidia knowingly made misleading statements.
Nvidia has denied wrongdoing and vowed to continue its defence, emphasising the need for clear standards in securities litigation to protect shareholders. However, the plaintiffs argue their case is well-supported by expert analysis and insider accounts. Deepak Gupta, representing the shareholders, called the Supreme Court’s dismissal a victory for corporate accountability. President Biden’s administration backed the investors, reflecting broader concerns about corporate transparency in securities practices.
This case mirrors another recent Supreme Court decision involving Meta, where justices also dismissed a securities fraud lawsuit. Both rulings highlight the challenges of navigating legal thresholds for investor class actions under stringent US securities laws.
Australia‘s Federal Court has fined Bit Trade, the local operator of cryptocurrency exchange Kraken, A$8 million ($5.1 million) for unlawfully offering credit facilities to over 1,100 customers. The ruling came after the Australian Securities and Investments Commission (ASIC) filed civil proceedings against the company, accusing it of non-compliance with regulations for its margin trading product.
ASIC revealed that Bit Trade failed to assess whether its margin extensions—a form of credit repayable in digital assets like bitcoin or national currencies—were suitable for customers. This led to combined customer losses exceeding $5 million, while Bit Trade charged over $7 million in fees and interest. The court classified the margin extension product as a credit facility requiring a specific consumer suitability document, which the company had not provided.
In a statement, Kraken expressed disappointment, arguing the ruling could stifle economic growth in Australia. The exchange emphasised its willingness to work with regulators to shape the evolving cryptocurrency framework. The case marks a milestone for ASIC, as it is the first penalty imposed on a company for failing to provide a target market determination for a financial product.
