Google is rolling out an AI-powered browsing agent inside Chrome, allowing users to automate routine online tasks. The feature is being introduced in the US for AI Pro and AI Ultra subscribers.
The Gemini agent can interact directly with websites in the US, including opening pages, clicking buttons and completing complex online forms. Testers reported successful use for tasks such as tax paperwork and licence renewals.
Google said Gemini AI integrates with password management tools while requiring user confirmation for payments and final transactions. Security safeguards and fraud detection systems have been built into Chrome for US users.
The Dutch data protection authority has urged the government to act swiftly to protect the country’s digital sovereignty, warning that dependence on overseas technology firms could expose vital public services to significant risk.
Concern has intensified after DigiD, the national digital identity system, appeared set for acquisition by a US company, raising questions about long-term control of key infrastructure.
The watchdog argues that the Netherlands relies heavily on a small group of non-European cloud and IT providers, and stresses that public bodies lack clear exit strategies if foreign ownership suddenly shifts.
Additionally, the watchdog criticises the government for treating digital autonomy as an academic exercise rather than recognising its immediate implications for communication between the state and citizens.
In a letter to the economy minister, the authority calls for a unified national approach rather than fragmented decisions by individual public bodies.
It proposes sovereignty criteria for all government contracts and suggests termination clauses that enable the state to withdraw immediately if a provider is sold abroad. It also notes the importance of designing public services to allow smooth provider changes when required.
The watchdog urges the government to strengthen European capacity by investing in scalable domestic alternatives, including a Dutch-controlled government cloud. The economy ministry has declined to comment.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A Chrome browser extension posing as an AI assistant has stolen OpenAI credentials from more than 10,000 users. Cybersecurity platform Obsidian identified the malicious software, known as H-Chat Assistant, which secretly harvested API keys and transmitted user data to hacker-controlled servers.
The extension, initially called ChatGPT Extension, appeared to function normally after users provided their OpenAI API keys. Analysts discovered that the theft occurred when users deleted chats or logged out, triggering the transmission of credentials via hardcoded Telegram bot credentials.
At least 459 unique API keys were exfiltrated to a Telegram channel months before they were discovered in January 2025.
Researchers believe the malicious activity began in July 2024 and continued undetected for months. Following disclosure to OpenAI on 13 January, the company revoked compromised API keys, though the extension reportedly remained available in the Chrome Web Store.
Security analysts identified 16 related extensions sharing the identical developer fingerprints, suggesting a coordinated campaign by a single threat actor.
LayerX Security consultant Natalie Zargarov warned that whilst current download numbers remain relatively low, AI-focused browser extensions could rapidly surge in popularity.
The malicious extensions exploit vulnerabilities in web-based authentication processes, creating, as researchers describe, a ‘materially expanded browser attack surface’ through deep integration with authenticated web applications.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Worldcoin jumped 40% after reports that OpenAI is developing a biometric social platform to verify users and eliminate bots. The proposed network would reportedly integrate AI tools while relying on biometric identification to ensure proof of personhood.
Sources cited by Forbes claim the project aims to create a humans-only platform, differentiating itself from existing social networks, including X. Development is said to be led by a small internal team, with work reportedly underway since early 2025.
Biometric verification could involve Apple’s Face ID or the World Orb scanner, a device linked to the World project co-founded by OpenAI chief executive Sam Altman.
The report sparked a sharp rally in Worldcoin, though part of the gains later reversed amid wider market weakness. Despite the brief surge, Worldcoin has remained sharply lower over the past year amid weak market sentiment and ongoing privacy concerns.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Pornhub will begin blocking access for new UK users from 2 February 2026, allowing entry only to people who had already created an account and completed age checks before that date, the company said, framing the move as a protest against how the UK’s Online Safety Act is being enforced.
The UK regime, overseen by Ofcom, requires porn services accessible in Britain to deploy ‘highly effective’ age assurance measures, not simple click-through age gates. Ofcom says traffic to pornography sites has fallen by about a third since the age-check deadline of 25 July 2025, and it has pursued investigations into dozens of services as enforcement ramps up.
Privacy and security concerns become sharper when adult platforms are turned into identity checkpoints. In December 2025, reporting linked a large leak of Pornhub premium-user analytics data, including emails and viewing/search histories, to a breach involving a third-party analytics provider, underscoring how sensitive such datasets can be when they are collected or retained.
Government and regulator messaging emphasises child protection and the Online Safety Act’s enforcement teeth, including significant penalties and, in extreme cases, access restrictions, while companies like Aylo argue that inconsistent enforcement simply pushes demand to riskier corners of the internet and fuels workarounds like VPNs.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
SoundCloud disclosed a major data breach in December 2025, confirming that around 29.8 million global user accounts were affected. The incident represents one of the largest security failures involving a global music streaming platform.
The privacy breach exposed email addresses alongside public profile information, including usernames, display names and follower data. SoundCloud said passwords and payment details were not accessed, but the combined data increases the risk of phishing.
SoundCloud detected unauthorised activity in December 2025 and launched an internal investigation. Attackers reportedly exploited a flaw that linked public profile data with private email addresses at scale.
After SoundCloud refused an extortion demand, the stolen dataset was released publicly. SoundCloud has urged users worldwide to monitor accounts closely and enable stronger security protections.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Meta plans to nearly double its AI investment in 2026, according to its latest earnings report. Spending is expected to reach between $115bn and $135bn as the company expands large-scale infrastructure.
Mark Zuckerberg said the investment will focus on data centres needed to train advanced AI models. The strategy is designed to support long-term AI development across Meta’s platforms in the US.
Zuckerberg described 2026 as a pivotal year for AI, with Meta working on multiple products rather than a single launch. Testing is reportedly underway on new models intended to succeed the Llama family in the US.
Meta said building proprietary AI models allows greater control over future products. The company positioned AI as a tool for personal empowerment, setting its approach apart from more centralised automation strategies in the US.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
WhatsApp rejected a class-action lawsuit accusing Meta of accessing encrypted messages, calling such claims false. The company reaffirmed that chats remain protected by device-based Signal protocol encryption.
Filed in a US federal court in California, the complaint alleges Meta misleads more than two billion users by promoting unbreakable encryption while internally storing and analysing message content. Plaintiffs from several countries claim employees can access chats through internal requests.
WhatsApp said no technical evidence accompanies the accusations and stressed that encryption occurs on users’ devices before messages are sent. According to the company, only recipients hold the keys required to decrypt content, which are never accessible to Meta.
The firm described the lawsuit as frivolous and said it will seek sanctions against the legal teams involved. Meta spokespersons reiterated that WhatsApp has relied on independently audited encryption standards for over a decade.
The case highlights ongoing debates about encryption and security, but so far, no evidence has shown that message content has been exposed.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Swiss technology and privacy expert Anna Zeiter is leading the development of W Social, a new European-built social media network designed as an alternative to X. The project aims to reduce reliance on US tech and strengthen European digital sovereignty.
W Social will require users to verify their identity and provide a photo to ensure genuine human accounts, tackling fake profiles and bot driven disinformation that critics link to existing platforms. Zeiter said the name W stands for ‘We’ as well as values and verification.
The platform’s infrastructure will be hosted in Europe under strict EU data protection laws, with decentralised storage and offices planned in Berlin and Paris. Early support comes from European political and tech figures, signalling interest beyond Silicon Valley.
W Social could launch a beta version as early as February, with broader public access planned by year-end. Backers hope the network will foster more positive dialogue and provide a European alternative to US based social media influence.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The certification allows the advertising technology firm to manage personal data without relying on additional transfer mechanisms.
The framework, adopted in 2023, provides a legal basis for EU-to-US data flows while strengthening oversight and accountability. Certification requires organisations to meet strict standards on data minimisation, security, transparency, and individual rights.
By joining the framework, StackAdapt enhances its ability to support advertisers, publishers, and partners through seamless international data processing.
The move also reduces regulatory complexity for European customers while reinforcing the company’s broader commitment to privacy-by-design and responsible data use.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
