Privacy and data protection

AI and cyber priorities headline massive US defence budget bill

The US House of Representatives has passed an $848 billion defence policy bill with new provisions for cybersecurity and AI. Lawmakers voted 231 to 196 to approve the chamber’s version of the National Defence Authorisation Act (NDAA).

The bill mandates that the National Security Agency brief Congress on plans for its Cybersecurity Coordination Centre and requires annual reports from combatant commands on the levels of support provided by US Cyber Command.

It also calls for a software bill of materials for AI-enabled technology that the Department of Defence uses. The Pentagon will be authorised to create up to 12 generative AI projects to improve cybersecurity and intelligence operations.

An adopted amendment allows the NSA to share threat intelligence with the private sector to protect US telecommunications networks. Another requirement is that the Pentagon study the National Guard’s role in cyber response at the federal and state levels.

Proposals to renew the Cybersecurity Information Sharing Act and the State and Local Cybersecurity Grant Program were excluded from the final text. The Senate is expected to approve its version of the NDAA next week.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Moncler Korea fined over customer data breach

South Korea’s Personal Information Protection Commission has fined Moncler Korea 88 million won ($63,200) over a large-scale customer data breach.

The regulator said a cyberattack in December 2021 exposed the personal details of about 230,000 customers. Hackers gained access by compromising an administrator account and installing malware on the company’s servers.

The stolen information of the South Korean customers included purchase-related data, though names, dates of birth, emails and card numbers were not part of the leak.

According to officials, Moncler Korea only became aware of the breach a month later and delayed reporting it to both customers and the regulator.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Cyberattack hits LNER passenger data, investigation under way

The contact details of rail passengers have been stolen in a cyberattack affecting London North Eastern Railway (LNER). The company stated that it had been notified of unauthorised access to files managed by a third-party supplier and advised customers to be vigilant against phishing attempts.

LNER stressed that no bank details, card numbers, or passwords had been compromised. The York-based operator stated that it was collaborating with cybersecurity experts and the supplier to investigate the breach and ensure necessary safeguards.

The company did not confirm the number of passengers affected. The incident comes as LNER reported revenues exceeding £1 billion, yet it continues to rely on government support since its nationalisation in 2018.

Passenger complaints rose 12.2 percent in 2025, reaching 24,015, and competition from private operators is driving losses—online ticket platforms such as Trainline direct passengers to cheaper rivals, costing LNER significant revenue.

The breach follows other attacks on UK transport services, including a 2024 incident in which the bank details of 5,000 Transport for London customers were exposed, resulting in weeks of disrupted online services.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI-generated film sparks copyright battle as it heads to Cannes

OpenAI has taken a significant step into entertainment by backing Critterz, the first animated feature film generated with GPT models.

Human artists sketch characters and scenes, while AI transforms them into moving images. The $30 million project, expected to finish in nine months, is far cheaper and faster than traditional animation and could debut at the Cannes Film Festival in 2026.

Yet the film has triggered a fierce copyright debate in India and beyond. Under India’s Copyright Act of 1957, only human works are protected.

Legal experts argue that while AI can be used as a tool when human skill and judgement are clearly applied, autonomously generated outputs may not qualify for copyright at all.

The uncertainty carries significant risks. Producers may struggle to combat piracy or unauthorised remakes, while streaming platforms and investors could hesitate to support projects without clear ownership rights.

A recent case involving an AI tool credited as a co-author of a painting, later revoked, shows how untested the law remains.

Global approaches vary. The US and the EU require human creativity for copyright, while the UK recognises computer-generated works under certain conditions.

In India, lawyers suggest contracts provide the safest path until the law evolves, with detailed agreements on ownership, revenue sharing and disclosure of AI input.

The government has already set up an expert panel to review the Copyright Act, even as AI-driven projects and trailers rapidly gain popularity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack keeps JLR factories shut, hackers claim responsibility

Jaguar Land Rover (JLR) has confirmed that data was affected in a cyberattack that has kept its UK factories idle for more than a week. The company stated that it is contacting anyone whose data was involved, although it did not clarify whether the breach affected customers, suppliers, or internal systems.

JLR reported the incident to the Information Commissioner’s Office and immediately shut down IT systems to limit damage. Production at Midlands and Merseyside sites has been halted until at least Thursday, with staff instructed not to return before next week.

The disruption has also hit suppliers and retailers, with garages struggling to order spare parts and dealers facing delays registering vehicles. JLR said it is working around the clock to restore operations in a safe and controlled way, though the process is complex.

Responsibility for the hack has been claimed by Scattered Lapsus$ Hunters, a group linked to previous attacks on Marks & Spencer, the Co-op, and Las Vegas casinos in the UK and the US. The hackers posted alleged screenshots from JLR’s internal systems on Telegram last week.

Cybersecurity experts say the group’s claim that ransomware was deployed raises questions, as it appears to have severed ties with Russian ransomware gangs. Analysts suggest the hackers may have only stolen data or are building their own ransomware infrastructure.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Claude AI gains powerful file editing tools for documents and spreadsheets

Anthropic’s Claude has expanded its role as a leading AI assistant by adding advanced tools for creating and editing files. Instead of manually working with different programs, users can now describe their needs in plain language and let the AI produce or update Word, Excel, PowerPoint, and PDF files.

A feature that supports uploads of CSV and TSV data and can generate charts, graphs, or images where needed, with a 30MB size limit applying to uploads and downloads.

The real breakthrough lies in editing. Instead of opening a document or spreadsheet, users can simply type instructions such as replacing text, changing currencies, or updating job titles. Claude processes the prompt and makes all the changes in one pass, preserving the original formatting.

It positions the AI as more efficient than rivals, as Gemini can only export reports but not directly modify existing files.

The feature preview is available on web and desktop for subscribers on Max, Team, or Enterprise plans. Analysts suggest the update could reshape productivity tools, especially after reports that Microsoft has partnered with Anthropic to explore using Claude for Office 365 functions.

By removing repetitive tasks and making file handling conversational, Claude is pushing productivity software into a new phase of automation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NotebookLM turns notes into flashcards podcasts and quizzes

Google’s learning-focused AI tool NotebookLM has gained a major update, making studying and teaching more interactive.

Instead of offering only static summaries, it now generates flashcards that condense key information into easy-to-remember notes, helping users recall knowledge more effectively.

Reports can also be transformed into quizzes with customisable topics and difficulty, which can then be shared with friends or colleagues through a simple link.

The update extends to audio learning, where NotebookLM’s podcast-style Audio Overviews are evolving with new formats. Instead of a single style, users can now create Brief, Debate, or Critique episodes, giving greater flexibility in how material is explained or discussed.

Google is also strengthening its teaching tools. A new Blog Post format offers contextual suggestions such as strategy papers or explainers, while the ability to create custom report formats allows users to design study resources tailored to their needs.

The most significant addition, however, is the Learning Guide. Acting like a personal tutor, it promotes deeper understanding by asking open-ended questions, breaking problems into smaller steps, and adapting explanations to suit each learner.

With these features, NotebookLM is moving closer to becoming a comprehensive learning assistant, offering a mix of interactive study aids and adaptable teaching methods that go beyond simple note-taking.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Canadian news publishers clash with OpenAI in landmark copyright case

OpenAI is set to argue in an Ontario court that a copyright lawsuit by Canadian news publishers should be heard in the United States. The case, the first of its kind in Canada, alleges that OpenAI scraped Canadian news content to train ChatGPT without permission or payment.

The coalition of publishers, including CBC/Radio-Canada, The Globe and Mail, and Postmedia, says the material was created and hosted in Ontario, making the province the proper venue. They warn that accepting OpenAI’s stance would undermine Canadian sovereignty in the digital economy.

OpenAI, however, says the training of its models and web crawling occurred outside Canada and that the Copyright Act cannot apply extraterritorially. It argues the publishers are politicising the case by framing it as a matter of sovereignty rather than jurisdiction.

The dispute reflects a broader global clash over how generative AI systems use copyrighted works. US courts are already handling several similar cases, though no clear precedent has been established on whether such use qualifies as fair use.

Publishers argue Canadian courts must decide the matter domestically, while OpenAI insists it belongs in US courts. The outcome could shape how copyright laws apply to AI training and digital content across borders.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ransomware 3.0 raises alarm over AI-generated cyber threats

Researchers at NYU’s Tandon School of Engineering have demonstrated how large language models can be utilised to execute ransomware campaigns autonomously. Their prototype, dubbed Ransomware 3.0, simulated every stage of an attack, from intrusion to the generation of a ransom note.

The system briefly raised an alarm after cybersecurity firm ESET discovered its files on VirusTotal, mistakenly identifying them as live malware. The proof-of-concept was designed only for controlled laboratory use and posed no risk outside testing environments.

Instead of pre-written code, the prototype embedded text instructions that triggered AI models to generate tailored attack scripts. Each execution created unique code, evading traditional detection methods and running across Windows, Linux, and Raspberry Pi systems.

The researchers found that the system identified up to 96% of sensitive files and could generate personalised extortion notes, raising psychological pressure on victims. With costs as low as $0.70 per attack using commercial AI services, such methods could lower barriers for criminals.

The team stressed that the work was conducted ethically and aims to help defenders prepare countermeasures. They recommend monitoring file access patterns, limiting outbound AI connections, and developing defences against AI-generated attack behaviours.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Google avoids breakup as AI reshapes search and threatens e-commerce traffic

The US tech giant Google will not be forced to divest Chrome or Android following the long-running US monopoly case.

Judge Mehta ruled that while Google holds a monopoly in traditional search, the rise of AI companies is creating new competitive pressures.

The judgement prevents Google from striking exclusive distribution deals but still allows it to pay partners for preloading and placement of its products. The court also ordered Google to loosen its control over search data, a move that could enable rivals to build their own AI-driven search tools.

Yet, concerns remain for e-commerce businesses.

Google Zero, the company’s AI-powered search summary, is cutting website traffic by keeping users within Google’s results.

Research shows sharp declines in mobile click-through rates, leaving online retailers uncertain of their future visibility.

Experts warn that zero-click searches are becoming the norm. Businesses are being urged to optimise for Google’s AI overviews, enhance the value of product and review pages, track traffic impacts, and diversify their marketing channels.

While Google has avoided structural remedies, its dominance in search and AI appears far from over.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!