LinkedIn has been fined 310 million euros by European Union regulators for breaching the bloc’s strict data privacy rules. The penalty targets the Microsoft-owned platform for improperly using personal data to target users with ads.
Ireland’s Data Protection Commission (DPC) issued the fine, criticising LinkedIn for failing to handle user data lawfully, fairly, and transparently. As LinkedIn’s European headquarters is in Dublin, the DPC acts as the platform’s lead privacy regulator across the EU.
The investigation found LinkedIn lacked a lawful basis to collect personal information for advertising, violating the General Data Protection Regulation (GDPR). Regulators have ordered the company to align its practices with GDPR standards.
LinkedIn maintains it was operating within the rules but confirmed it is adjusting its advertising practices to meet compliance requirements. Deputy Commissioner Graham Doyle stressed that processing data without legal grounds undermines the fundamental right to privacy.
Taiwan Semiconductor Manufacturing Company (TSMC) has halted chip shipments to a client after discovering its components were found in a Huawei product. This action came about two weeks ago, triggering a detailed investigation to assess the situation’s full scope. A Taiwanese trade official, speaking anonymously, confirmed the development due to its sensitive nature.
The incident has raised alarms due to potential violations of US export controls. TSMC notified both US and Taiwanese authorities, categorising the discovery as a significant internal warning. While the client involved remains undisclosed, TSMC is cooperating with officials but has refrained from commenting further.
The controversy follows a report by TechInsights, which disassembled a Huawei device and found TSMC chips. Such findings suggest the chips may have bypassed US restrictions designed to limit China’s access to advanced technology, particularly to curb military advancements. Taiwan, mindful of growing regional tensions, enforces strict export rules in alignment with the US.
Huawei has long been a focal point of US efforts to control the flow of advanced technology to Chinese entities. Despite these restrictions, Chinese companies have sought workarounds, including using cloud platforms like Amazon’s to gain access to advanced US chips. Taiwan continues to monitor such risks closely, aiming to uphold compliance with international export regulations.
The Australian Competition and Consumer Commission (ACCC) is enhancing its cybersecurity capabilities throughout FY25 as part of a broader strategy to improve compliance and maturity in line with the Australian Cyber Security Centre’s Essential Eight framework. The initiative addresses the ACCC’s expanding regulatory role within Australia’s cybersecurity landscape, particularly with the launch of the national anti-scam centre and digital ID, set to take effect on 1 December.
The ACCC will be responsible for accrediting digital ID services, approving participants in the government’s digital ID service, and enforcing compliance regulations, resulting in a heightened workload and increased resource demand. To tackle these challenges, the ACCC aims to elevate its cybersecurity maturity to level two of the Essential Eight framework, prioritising risk management and improvement initiatives.
To strengthen its cybersecurity posture, the uplift will be supported by leveraging various Microsoft technologies, including Active Directory, Group Policy, Defender, Sentinel, and Intune. Recognising the importance of robust defences against cyber threats, the ACCC is committed to allocating the necessary resources to support its enhanced cybersecurity efforts. By elevating its maturity level and effectively managing emerging risks, the ACCC seeks to ensure the resilience of its operations and safeguard consumer interests in an increasingly complex cyber landscape.
Georgia‘s secretary of state’s office recently thwarted a cyberattack aimed at crashing the website used by voters to request absentee ballots. The attack, believed to have originated from a foreign entity, involved hundreds of thousands of IP addresses flooding the system with fake traffic. Despite briefly slowing the site, the attack did not disrupt the ability of voters to request ballots, thanks in part to support from cybersecurity firm Cloudflare.
Officials have yet to confirm the foreign origin, though Gabe Sterling, an election official in Georgia, suggested the attack had “the hallmarks of a foreign power.” The FBI and the US Cybersecurity and Infrastructure Security Agency are involved in the investigation. This incident highlights ongoing attempts by hackers, including foreign-linked groups, to interfere with the democratic process as the US presidential election approaches.
Georgia has previously dealt with cyber threats, including a cyberattack in Coffee County earlier this year, underscoring the continuous risk to election infrastructure. However, no cyber activity has affected the actual casting or counting of votes so far.
The United States Justice Department introduced new rules on Monday to safeguard federal and personal data from foreign adversaries such as China, Russia, and Iran. The regulations aim to limit certain business transactions that could transfer sensitive American data to these countries.
The proposal implements an executive order from President Biden and seeks to prevent the misuse of American financial, health, and genomic data by foreign governments for purposes like espionage and cyber attacks. Countries such as Venezuela, Cuba, and North Korea are also included in the list of nations targeted by the rule.
Among the data types restricted from transfer are human genomic data on more than 100 individuals, and financial or health data on over 10,000 people. Geolocation data on more than 1,000 US devices will also be restricted under the new rule.
The Justice Department plans to enforce compliance through both civil and criminal penalties. Apps like TikTok could potentially violate the new regulations if they transfer sensitive data to their Chinese parent companies.
Meta Platforms and its CEO, Mark Zuckerberg, successfully defended against a lawsuit claiming the company misled shareholders about child safety on Facebook and Instagram. A US federal judge dismissed the case on Tuesday.
Judge Charles Breyer ruled that the plaintiff, Matt Eisner, failed to demonstrate that shareholders experienced financial harm due to Meta’s disclosures. He stated that federal law does not require companies to reveal all decisions regarding child safety measures or focus on their shortcomings.
Eisner had sought to delay Meta’s 2024 annual meeting and void its election results unless the company revised its proxy statement. However, the judge emphasised that many of Meta’s commitments in its proxy materials were aspirational and not legally binding. His dismissal, issued with prejudice, prevents Eisner from filing the same case again.
Meta still faces legal challenges from state attorneys general and hundreds of lawsuits from children, parents, and schools, accusing the company of fostering social media addiction. Other platforms, such as TikTok and Snapchat, also confront similar legal actions.
Sui has announced a significant partnership with Google Cloud, which was made possible by ZettaBlock, to provide developers with real-time blockchain data access. This integration allows developers to harness Sui’s blockchain data through Google Cloud’s Pub/Sub service, facilitating new applications such as AI-powered fraud detection and dynamic gaming features. With the ability to access live data, AI models can function more effectively, improving the accuracy and speed of applications.
This move is expected to revolutionise online gaming. Real-time data from the blockchain will be able to impact gameplay, making experiences more interactive and responsive. ZettaBlock also plans to expand its platform, providing developers with even more tools to create innovative AI applications.
The Danish government has relaunched the National Cyber Security Council (NCSC) with an expanded mandate to strengthen digital security across critical sectors while advancing AI capabilities. That effort is part of a larger initiative that includes the country’s €100 million National Strategy for Digitalisation (NSD), which supports AI development through regulatory sandboxes and guidelines aligned with the EU’s AI Act.
The NCSC will promote public-private partnerships, enhance data sharing between government, businesses, and academia, and protect critical infrastructure from rising cyber threats. In tandem, the government’s Artificial Intelligence Guideline (AIG) project helps companies and public authorities adopt AI securely, offering a framework to test and integrate AI technologies within a regulatory safe zone. These combined efforts boost digital transformation while ensuring strong cybersecurity and legal compliance.
The NCSC’s new mission addresses growing cybersecurity challenges, particularly in light of geopolitical instability, such as Russia’s invasion of Ukraine. The council aims to foster collaboration between national security agencies and small and medium-sized enterprises (SMEs) by assembling experts from key sectors, including businesses, universities, and municipalities.
The Danish government’s investment in AI development is also supported by regulatory sandboxes that allow companies to innovate safely within the EU legal frameworks like GDPR and the AI Act. The broader NSD also targets improvements in digital education, workforce skills, and business transformation, ensuring that a solid security and regulatory oversight foundation underpins Denmark’s push for innovation.
Nexus and Utimaco have joined forces to enhance security for mobile identities, IoT devices, and critical infrastructure. The strategic partnership reflects a commitment to addressing escalating cybersecurity threats, especially as organisations increasingly adopt mobile-first environments and connected devices.
At the core of this collaboration are integrated security solutions that combine Nexus’ Public Key Infrastructure (PKI) platform with Utimaco’s Hardware Security Module (HSM) and encryption technologies. Specifically, these capabilities enable organisations to issue PKI-based mobile identities for secure access and authentication without traditional passwords while simultaneously allowing manufacturers to assign trusted identities to IoT devices during production.
Furthermore, the solutions support compliance with regulations such as VS-NfD and the EU Cyber Resilience Act (CRA), ensuring that sensitive information is protected and mitigating risks associated with counterfeit products and unauthorised access. A practical application of these integrated solutions is already evident in a major European telecommunications provider, which has successfully secured the provisioning and communication of its IoT devices, significantly reducing risks and maintaining regulatory compliance.
That partnership represents a proactive approach to cybersecurity, providing organisations with the tools needed to navigate the complexities of digital identity management and the secure deployment of connected devices. By leveraging each other’s expertise, Nexus and Utimaco aim to deliver robust solutions that enhance user convenience and strengthen overall security measures. As security threats evolve, the collaboration prioritises user flexibility and strong protection, paving the way for a more secure digital landscape.
CUDIS announced the integration of the World App, enabling users to securely verify and manage their biometric data through World ID, a system that utilises iris scans for identity verification. The innovative feature enhances the functionality of the CUDIS smart ring, which tracks important health metrics such as heart rate and sleep patterns and allows it to interact with decentralised physical infrastructure networks (DePIN).
Moreover, users are incentivised to engage with various features, including an AI fitness coach, and they receive WRD tokens for submitting their biometric data. Consequently, the integration significantly bolsters privacy and security by allowing users to store their data on-chain using the decentralised InterPlanetary File System (IPFS). Additionally, World ID, part of the World Network (formerly known as Worldcoin), aims to combat digital identity threats like deepfakes while preserving user privacy.
In the near future, CUDIS plans to release a limited-edition smart ring specifically for World ID holders, emphasising the importance of encrypting biometric data to ensure transparency and trust among users. Since its launch in May, the company has sold 10,000 smart rings and is preparing to airdrop a Solana-based token by the end of the year.
Furthermore, CUDIS introduced an NFT series called ‘Edamame’ and successfully raised $5 million in seed funding, indicating strong investor confidence in the company’s innovative digital identity and health-tracking approach.
