FCC Chairwoman Jessica Rosenworcel has proposed requiring US communications providers to certify annually that they have plans to defend against cyberattacks. The move comes amid growing concerns over espionage by ‘Salt Typhoon,’ a hacking group allegedly linked to Beijing that has infiltrated several American telecom companies to steal call data.
Rosenworcel highlighted the need for a modern framework to secure networks as US intelligence agencies assess the impact of Salt Typhoon’s widespread attack. A senior US official confirmed the hackers had stolen metadata from numerous Americans, breaching at least eight telecom firms.
The FCC proposal, which Rosenworcel has circulated to other commissioners, would take effect immediately if approved. The announcement follows a classified Senate briefing on the breach, but industry giants like Verizon, AT&T, and T-Mobile have yet to comment.
A senior US official revealed that a Chinese hacking group, known as ‘Salt Typhoon,’ has stolen vast amounts of Americans’ metadata in a broad cyberespionage effort targeting US telecommunications. While specific figures remain undisclosed, the hackers are said to have breached at least eight American telecom firms, including Verizon, AT&T, and T-Mobile.
Call record metadata — detailing who called whom, when, and where — was a key target, exposing sensitive personal and professional patterns. In some cases, telephone audio intercepts were also reportedly stolen. The campaign remains active, with the White House prioritising efforts to counter the intrusions.
Government agencies, including the FBI and the National Security Council, have briefed lawmakers and President Joe Biden on the matter, highlighting the severity of the breach. Efforts to secure the nation’s telecommunications infrastructure are ongoing.
Meta, the parent company of Facebook, plans to invest $10 billion to construct a state-of-the-art AI data centre in Richland Parish, Louisiana. Once completed, it will be the largest data centre in Meta’s global portfolio, designed to manage the vast data needs of AI and digital infrastructure. The facility is set to begin construction in December and is expected to take until 2030 to complete.
The company is working with Entergy, a utility provider operating in Louisiana, to ensure the centre’s energy consumption is fully matched by renewable sources. Entergy already supports similar projects, including Amazon’s upcoming cloud services facility in Mississippi, and operates two nuclear power plants in Louisiana.
As AI computing drives a surge in energy demand among tech giants like Meta, Amazon, and Microsoft, companies are increasingly exploring nuclear power to supplement renewable energy. However, challenges such as an ageing reactor fleet, regulatory hurdles, and supply chain limitations for uranium fuel may slow the adoption of nuclear energy.
Meta recently sought proposals from nuclear power developers to support its AI and environmental goals, aiming for 1 to 4 gigawatts of new US nuclear capacity by the early 2030s. The Louisiana data centre is part of Meta’s broader strategy to integrate sustainability with cutting-edge AI technology.
Social media buzzed over the weekend as ChatGPT, the popular AI chatbot, mysteriously refused to generate the name ‘David Mayer.’ Users reported responses halting mid-sentence or error messages when attempting to input the name, sparking widespread speculation about Mayer’s identity and theories that he might have requested privacy through legal means.
OpenAI, the chatbot’s developer, attributed the issue to a system glitch. A spokesperson clarified, ‘One of our tools mistakenly flagged this name, which shouldn’t have happened. We’re working on a fix.’ The company has since resolved the glitch for ‘David Mayer,’ but other names continue to trigger errors.
Conspiracy theories emerged online, with some suggesting a link to David Mayer de Rothschild, who denied involvement, and others speculating connections to a deceased academic with ties to a security list. Experts noted the potential relevance of GDPR’s ‘right to be forgotten’ privacy rules, which allow individuals to request the removal of their data from digital platforms.
However, privacy specialists highlighted AI systems’ challenges in fully erasing personal data due to their reliance on massive datasets from public sources. While the incident has drawn attention to the complexities of AI data handling and privacy compliance, OpenAI remains tight-lipped on whether the glitch stemmed from a deletion request under GDPR guidelines. The situation underscores the tension between advancing AI capabilities and safeguarding individual privacy.
US agencies have briefed senators on ‘Salt Typhoon,’ a Chinese cyber-espionage campaign allegedly targeting American telecommunications networks. Officials claim the hackers stole call metadata and other sensitive information, affecting at least eight US telecom firms and dozens of companies worldwide. The breaches have sparked bipartisan concern, with some senators pressing for stronger preventive measures and legislation.
Telecom giants like Verizon, AT&T, and T-Mobile acknowledged the incidents but downplayed the impact on customer data. Federal agencies, including the FBI and Cybersecurity and Infrastructure Security Agency, emphasised the challenge of fully removing hackers from networks, while incoming FCC Chair Brendan Carr pledged to strengthen cybersecurity defences.
China has denied the allegations, calling them disinformation. Meanwhile, a Senate subcommittee hearing on December 11 will focus on the risks posed by such cyber threats and explore ways to protect US communications infrastructure.
A senior United States cybersecurity official has urged Americans to embrace encryption to safeguard their communications, citing ongoing efforts to expel alleged Chinese hackers from US telecom networks. Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasised the importance of avoiding plaintext communications and recommending encrypted apps like Signal and WhatsApp.
US authorities have accused hackers from China of infiltrating telecommunications companies, such as T-Mobile, to access sensitive data, including call records and intercepted audio, predominantly from Washington, DC. Beijing has denied the allegations, calling them disinformation. Greene acknowledged that removing the hackers entirely from the networks could take an unpredictable amount of time, further underscoring the need for encryption to ensure secure communications.
The advice marks a notable shift from previous US government positions that questioned strong encryption’s impact on public safety. As concerns over foreign cyber intrusions grow, Greene’s remarks highlight encryption as a critical tool for Americans facing prolonged cybersecurity threats.
Turkey‘s competition board has concluded its investigation into Meta Platforms regarding data-sharing practices between Threads and Instagram. The inquiry, launched last year over potential competition law violations, ended after Meta addressed concerns through commitments deemed satisfactory by the authority.
Meta pledged that Threads users in Turkey will be able to access the platform without needing an Instagram account, once Threads becomes available again. Additionally, the company assured that data from Threads accounts will not be merged with Instagram unless users explicitly choose to link their profiles.
In April, Meta temporarily suspended Threads in Turkey to comply with an interim order from regulators. The resolution paves the way for the app’s reinstatement while easing concerns over anti-competitive practices.
Republican Senator Ted Cruz has called for an investigation into whether European governments have improperly influenced US policies on AI. Cruz’s concerns stem from growing international collaborations on AI regulation, including treaties and partnerships initiated by the Biden administration.
Cruz criticised European regulations as overly restrictive, claiming they target American AI companies and could shape US policies unfairly. He also accused the Centre for the Governance of Artificial Intelligence (GovAI), a UK-based nonprofit, of political activities without registering as a foreign agent, though GovAI has denied any wrongdoing.
The European Union has taken a leading role in AI regulation, recently passing the AI Act, the world’s first comprehensive law for governing technology. Cruz has framed these efforts as part of what he describes as ‘radical left’ interference, urging transparency about foreign involvement in shaping US AI laws.
Google Cloud has partnered with Air France-KLM to apply generative AI technology to the airline group’s vast data. The airline’s extensive operations, which include 551 aircraft and 93 million passengers carried in 2023, generate significant amounts of data. Google Cloud’s AI solution will analyse passenger preferences and travel patterns and optimise aircraft maintenance predictions.
The partnership aims to enhance the airline’s operations by offering more tailored services to passengers and improving maintenance efficiency, reducing the time needed for predictive analysis from hours to minutes.
Despite the collaboration, Air France-KLM will retain full control over its data. Matt Renner, President of Google Cloud’s Global Revenue, emphasised the value of airline data in driving operational insights and enhancing customer experiences.
Data brokers Mobilewalla and Gravy Analytics have agreed to stop using sensitive location data following a settlement with the US Federal Trade Commission (FTC). The agreement addresses concerns about tracking individuals’ religious beliefs, political leanings, and pregnancy status through mobile device data.
The settlement represents the first instance of banning the collection of location data through online advertising auctions. The FTC accused the companies of unfair practices, stating that Mobilewalla gathered information without consent from ad auction platforms. Such platforms allow advertisers to bid on specific audiences but inadvertently exposed consumers to privacy risks.
Gravy Analytics, owned by Unacast, sold location data to government contractors, prompting constitutional concerns from FTC commissioners. Mobilewalla disputed the allegations but stated the agreement allows it to continue offering insights while respecting privacy. Both companies committed to halting sensitive data usage and introducing opt-out options for consumers.
FTC Chair Lina Khan highlighted the broader risks of targeted advertising, warning that Americans’ sensitive data is at risk of misuse. The settlement is part of the Biden administration’s effort to regulate data brokers and strengthen privacy protections, as outlined by proposed rules from the US Consumer Financial Protection Bureau.
