Network security

TikTok accused of breaching EU digital safety rules

The European Commission has concluded that TikTok’s design breaches the Digital Services Act by encouraging compulsive use and failing to protect users, particularly children and teenagers.

Preliminary findings say the platform relies heavily on features such as infinite scroll, which automatically delivers new videos and makes disengagement difficult.

Regulators argue that such mechanisms place users into habitual patterns of repeated viewing rather than supporting conscious choice. EU officials found that safeguards introduced by TikTok do not adequately reduce the risks linked to excessive screen time.

Daily screen time limits were described as ineffective because alerts are easy to dismiss, even for younger users who receive automatic restrictions. Parental control tools were also criticised for requiring significant effort, technical knowledge and ongoing involvement from parents.

Henna Virkkunen, the Commission’s executive vice-president for tech sovereignty, security and democracy, said addictive social media design can harm the development of young people. European law, she said, makes platforms responsible for the effects their services have on users.

Regulators concluded that compliance with the Digital Services Act would require TikTok to alter core elements of its product, including changes to infinite scroll, recommendation systems and screen break features.

TikTok rejected the findings, calling them inaccurate and saying the company would challenge the assessment. The platform argues that it already offers a range of tools, including sleep reminders and wellbeing features, to help users manage their time.

The investigation remains ongoing and no penalties have yet been imposed. A final decision could still result in enforcement measures, including fines of up to six per cent of TikTok’s global annual turnover.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Slovenia plans social media ban for children under 15

Among several countries lately, Slovenia is also moving towards banning access to social media platforms for children under the age of 15, as the government prepares draft legislation aimed at protecting minors online.

Deputy Prime Minister Matej Arčon said the Education Ministry initiated the proposal and would be developed with input from professionals.

The planned law would apply to major social networks where user-generated content is shared, including TikTok, Snapchat and Instagram. Arčon said the initiative reflects growing international concern over the impact of social media on children’s mental health, privacy and exposure to addictive design features.

Slovenia’s move follows similar debates and proposals across Europe and beyond. Countries such as Italy, France, Spain, UK, Greece and Austria have considered restrictions, while Australia has already introduced a nationwide minimum age for social media use.

Spain’s prime minister recently defended proposed limits, arguing that technology companies should not influence democratic decision-making.

Critics of such bans warn of potential unintended consequences. Telegram founder Pavel Durov has argued that age-based restrictions could lead to broader data collection and increased state control over online content.

Despite these concerns, Slovenia’s government appears determined to proceed, positioning the measure as part of a broader effort to strengthen child protection in the digital space.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU split widens over ban on AI nudification apps

European lawmakers remain divided over whether AI tools that generate non-consensual sexual images should face an explicit ban in the EU legislation.

The split emerged as debate intensified over the AI simplification package, which is moving through Parliament and the Council rather than remaining confined to earlier negotiations.

Concerns escalated after Grok was used to create images that digitally undressed women and children.

The EU regulators responded by launching an investigation under the Digital Services Act, and the Commission described the behaviour as illegal under existing European rules. Several lawmakers argue that the AI Act should name pornification apps directly instead of relying on broader legal provisions.

Lead MEPs did not include a ban in their initial draft of the Parliament’s position, prompting other groups to consider adding amendments. Negotiations continue as parties explore how such a restriction could be framed without creating inconsistencies within the broader AI framework.

The Commission appears open to strengthening the law and has hinted that the AI omnibus could be an appropriate moment to act. Lawmakers now have a limited time to decide whether an explicit prohibition can secure political agreement before the amendment deadline passes.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Germany fines Amazon €59 million for abusing market power in seller pricing

The German competition authority has fined Amazon €59 million for abusing its dominant position by influencing the pricing behaviour of third-party sellers.

Regulators concluded that Amazon’s pricing algorithms and Fair Pricing Policy breached national digital dominance rules and the EU competition law, rather than aligning with fair marketplace standards.

The authority argued that Amazon competes directly with merchants on its platform while shaping their prices through restrictions such as caps that penalise sellers who exceed certain limits.

Officials described that approach as incompatible with healthy competition since a platform should not influence rivals’ commercial strategies while participating in the same market.

Amazon strongly disputed the ruling and claimed the conclusion conflicts with the EU consumer standards. The company argued that the decision forces the platform to promote prices that fail to reflect competitive market conditions and announced it will challenge the findings.

The case follows a 2025 preliminary assessment and builds on Amazon’s earlier designation in 2022 as a company of paramount significance for competition, a judgement upheld by the Federal Court of Justice in Germany in 2024.

A ruling that marks another step in Europe’s efforts to rein in digital platforms that wield extensive influence across multiple markets.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Spain faces escalating battle with Telegram founder

The confrontation between Spain and Telegram founder Pavel Durov has intensified after he claimed that Pedro Sánchez endangered online freedoms.

Government officials responded that the tech executive spread lies rather than engage with the proposed rules in good faith. Sánchez argued that democracy would not be silenced by what he called the techno-oligarchs of the algorithm.

The dispute followed the unveiling of new measures aimed at major technology companies. The plan introduces a ban on social media use for under-16s and holds corporate leaders legally responsible when unlawful or hateful content remains online rather than being removed.

Platforms would also need to adopt age-verification tools such as ID checks or biometric systems, which Durov argued could turn Spain into a surveillance state by allowing large-scale data collection.

Tensions widened as Sánchez clashed with prominent US tech figures. Sumar urged all bodies linked to the central administration to leave X, a move that followed Elon Musk’s accusation that the Spanish leader was acting like a tyrant.

The row highlighted how Spain’s attempt to regulate digital platforms has placed its government in open conflict with influential technology executives.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

TikTok access restored as Albania adopts new protective filters

Albania has lifted its temporary ban on TikTok after nearly a year, the government announced, saying that concerns about public, social and digital safety have now been addressed and that access will resume nationwide.

The restriction was introduced in March 2025 following a fatal stabbing linked to a social media dispute and aimed to protect younger users instead of exposing them to harmful online content.

Under the new arrangement, authorities are partnering with TikTok to introduce protective filters based on keywords and content controls and to strengthen reporting mechanisms for harmful material.

The government described the decision as a shift from restrictive measures to a phase of active monitoring, inter-institutional cooperation, and shared responsibility with digital platforms.

Although the ban has now been lifted, a court challenge contends that the earlier suspension violated the constitutional right to freedom of expression, and a ruling is expected later in February. Opposition figures also criticised the original ban when it was applied ahead of parliamentary elections.

Despite the formal ban, TikTok remained accessible to many users in Albania through virtual private networks during the year it was in force, highlighting the challenge of enforcing such blocks in practice.

Critics have also noted that addressing the impact on youth may require broader digital education and safety measures.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Info stealing malware spreads from Windows to macOS

Microsoft has warned that info stealing malware is increasingly targeting macOS alongside Windows, using cross platform tools and social engineering. The company said the trend accelerated from late 2025.

Attackers are luring macOS users to fake websites and malicious installers, often promoted through online ads. Microsoft said these campaigns steal credentials, crypto wallets and browser sessions on macOS and Windows.

Python based malware is also playing a larger role, enabling attackers to target macOS and Windows with the same code. Microsoft reported growing abuse of trusted platforms such as WhatsApp to spread infostealers.

Microsoft urged organisations and individuals to strengthen layered cybersecurity on macOS and Windows. The company said better user awareness and monitoring could reduce the risk of data theft and account compromise.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

New multi-stage scams use PDF files to harvest corporate credentials

Phishing continues to succeed despite increasingly sophisticated AI-driven threats, with attackers relying on familiar tools such as PDFs and cloud services. Researchers have identified a new campaign using legitimate-looking documents to redirect victims to credential-harvesting pages impersonating Dropbox.

The attack starts with professional emails framed as procurement or tender requests. When recipients open the attached PDF, they are quietly redirected through trusted cloud infrastructure before reaching a fake Dropbox login page designed to steal corporate credentials.

Each stage appears legitimate in isolation, allowing the campaign to bypass standard filters and authentication checks. Business-style language, reputable hosting platforms, and realistic branding reduce suspicion while exploiting everyday workplace routines.

Security specialists warn that long-standing trust in PDFs and mainstream cloud services has lowered user vigilance. Employees have been conditioned to view these formats as safe, creating opportunities for attackers to weaponise familiar business tools.

Experts say phishing awareness must evolve beyond basic link warnings to reflect modern multi-stage attacks. Alongside training, layered defences such as multi-factor authentication and anomaly detection remain essential for limiting damage.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Tinder tests AI Chemistry feature to cut swipe fatigue and revive engagement

The dating platform is expanding its reliance on AI, with Tinder experimenting with a feature designed to ease swipe fatigue among users.

A tool, known as Chemistry, that builds a picture of each person through optional questions and by reviewing their Camera Roll with permission, offering a more personalised route toward potential matches instead of repetitive browsing.

Match is currently testing the feature only in Australia. Executives say the system allows people to receive a small set of tailored profiles rather than navigating large volumes of candidates.

Tinder hopes the approach will strengthen engagement during a period when registrations and monthly activity remain lower than last year, despite minor improvements driven by AI-based recommendations.

Developers are also refocusing the broader discovery experience to reflect concerns raised by Gen Z around authenticity, trust and relevance.

The platform now relies on verification tools such as Face Check, which Match says cut harmful interactions by more than half instead of leaving users exposed to impersonators.

These moves indicate a shift away from the swipe mechanic that once defined the app, offering more direct suggestions that may improve outcomes.

Marketing investment is set to rise as part of the strategy. Match plans to allocate $50 million to new campaigns that will position Tinder as appealing again, using creators on TikTok and Instagram to reframe the brand.

Strong quarterly revenue failed to offset weaker guidance, yet the company argues that AI features will help shape a more reliable and engaging service for users seeking consistent matches.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Google issues warning on malware affecting over 40% of Android devices

The US tech giant, Google, has alerted users that more than 40% of Android phones are vulnerable to new malware and spyware due to outdated software. Phones running older versions than Android 13 no longer receive security updates, leaving over a billion users worldwide at risk.

Data shows Android 16 is present on only 7.5% of devices, while versions 15, 14, and 13 still dominate the market.

Slow adoption of updates means many devices remain exposed, even when security patches are available. Google emphasised that outdated phones are particularly unsafe and cannot protect against emerging threats.

Users are advised to upgrade to Android 13 or newer, or purchase a mid-range device that receives regular updates, instead of keeping an old high-end phone without support. Unlike Apple, where most iPhones receive timely updates, older Android devices may never get the necessary security fixes.

The warning highlights the urgent need for users to act immediately to avoid potential data breaches and spyware attacks. Google’s message is clear: using unsupported Android devices is a growing global security concern.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!