Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Security. Show all posts
Microsoft
Bitlocker BitLocker encryption CPU CPU vulnerabilities Cyber Security Hardware Hardware Encryption Microsoft

Microsoft Introduces Hardware-Accelerated BitLocker to Boost Windows 11 Security and Performance

 

Microsoft is updating Windows 11 with hardware-accelerated BitLocker to improve both data security and system performance. The change enhances full-disk encryption by shifting cryptographic work from the CPU to dedicated hardware components within modern processors, helping systems run more efficiently while keeping data protected. 

BitLocker is Windows’ built-in encryption feature that prevents unauthorized access to stored data. During startup, it uses the Trusted Platform Module to manage encryption keys and unlock drives after verifying system integrity. While this method has been effective, Microsoft says faster storage technologies have made the performance impact of software-based encryption more noticeable, especially during demanding tasks. 

As storage speeds increase, BitLocker’s encryption overhead can slow down activities like gaming and video editing. To address this, Microsoft is offloading encryption tasks to specialized hardware within the processor that is designed for secure and high-speed cryptographic operations. This reduces reliance on the CPU and improves overall system responsiveness. 

With hardware acceleration enabled, large encryption workloads no longer heavily tax the CPU. Microsoft reports that testing showed about 70% fewer CPU cycles per input-output operation compared to software-based BitLocker, although actual gains depend on hardware configurations. 

On supported devices with NVMe drives and compatible processors, BitLocker will default to hardware-accelerated encryption using the XTS-AES-256 algorithm. This applies to automatic device encryption, manual activation, policy-based deployment, and script-driven setups, with some exceptions. 

The update also strengthens security by keeping encryption keys protected within hardware, reducing exposure to memory or CPU-based attacks. Combined with TPM protections, this moves BitLocker closer to eliminating key handling in general system memory.  

Hardware-accelerated BitLocker is available in Windows 11 version 24H2 with September updates installed and will also be included in version 25H2. Initial support is limited to Intel vPro systems with Intel Core Ultra Series 3 (Panther Lake) processors, with broader system-on-a-chip support planned. 

Users can confirm whether hardware acceleration is active by running the “manage-bde -status” command. Microsoft notes BitLocker will revert to software encryption if unsupported algorithms or key sizes are used, certain enterprise policies apply, or FIPS mode is enabled on hardware without certified cryptographic offloading.
Read more »
Threat Intelligence
Class Action Lawsuit Cyber Security Healthcare Data Theft Identity Compromise Insurance Cyberattack Network Outage Scattered Spider SSN Exposure Threat Intelligence

Personal and Health Information of 22.6 Million Aflac Clients Stolen in Cyberattack

 


At the start of 2026, a significant cybersecurity breach that was disclosed heightened awareness of digital vulnerabilities within the American insurance industry, after Aflac, one of the largest supplemental insurance providers in the country, confirmed that a sophisticated cyberattack, which took place in June 2025, compromised approximately 22.65 million individuals' personal and protected health information. 

An intrusion took place during the summer of 2025 and has since been regarded as one of the biggest healthcare-related data breaches of the year. The attack pattern of advanced cybercriminals has shifted significantly from targeted low-value sectors to high-value sectors that handle sensitive consumer data, illustrating a noticeable shift in their attack patterns towards those sectors. 

In an effort to determine who is responsible for the breach, investigators and threat analysts have attributed it to the Scattered Spider cybercriminal collective, also referred to as UNC3944, who are widely known for their evolving campaign strategies and earlier compromises targeting retailers across the United States and United Kingdom.

It has been reported that Aflac contained the incident within hours of its detection and confirmed that no ransomware payload has been deployed. However, the attackers have managed to extract a wide range of sensitive information including Social Security numbers, government-issued identification numbers, medical and insurance records, claims data from policyholders, as well as confidential information about protected health. 

Since the disclosure came to light, it has sparked rare bipartisan concern among lawmakers, triggered multiple class-action lawsuits against insurance companies, and has intensified debate about the resilience of the insurance industry when it comes to cyber security, given the large amount of data it stores and its sensitivity, making it prime targets for highly coordinated cyber attacks. 

Anflac has submitted further details regarding the scope of the information exposed as a result of the incident to the Texas and Iowa attorneys generals' offices, confirming that the compromised data includes both sensitive and non-sensitive personal identifying information of a large range of individuals. 

A company disclosure stated that the stolen records included details such as customer names, dates of birth, home addresses, passports and state identification cards, driver's licenses, Social Security numbers, along with detailed medical information and health insurance information, as well as information about the company's employees. 

According to Aflac's submission to Iowa authorities, the perpetrators may have connections with a known cybercrime organization, according to the company's submission, while noting that the attackers might have been engaged in a broader campaign against multiple insurance firms. Both the government and external cybersecurity experts have suggested that the attackers could have been engaged in this kind of campaign. 

It is important to note that Scattered Spider, an informal collective of mainly young English-speaking threat actors, has not been publicly identified as the group that is responsible for the attacks, but some cybersecurity analysts believe it is an obvious candidate based on the overlapping tactics and timing of their attacks. 

According to news outlets, Aflac did not immediately respond to requests for comment from news outlets despite the fact that it serves approximately 50 million customers. Only now is the company attempting to deal with the fallout from what could be the largest data breach in recent memory. In the midst of an intensifying cyber threat that aimed directly at the insurance sector, the breach unfolded. 

Approximately a year after Aflac disclosed the June 2025 attack, the Threat Intelligence Group of Google released a security advisory suggesting that the group, Scattered Spider, a loosely organized group of mostly young, English-speaking hackers, had switched its targeting strategy from retail companies to insurers, indicating a significant increase in the group's operational focus. 

It is important to note that during the same period, Erie Insurance as well as Philadelphia Insurance both confirmed significant network interruptions, raising concerns about a coordinated probe across the entire industry. As of July 2025, Erie has reported that business operations have been fully restored, emphasizing that internal reviews did not reveal any evidence of data loss. 

Philadelphia has also reported the recovery of their network and confirmed that they have not experienced a ransomware incident. After the Aflac breach was discovered, the company made subsequent statements stating that it had initiated a comprehensive forensic investigation within hours of discovery, engaged external cyber specialists and informed federal law enforcement agencies and relevant authorities about the breach. 

This incident, according to the insurer, affected its entire ecosystem, including its customers, beneficiaries, employees, licensed agents, and other individuals associated with that ecosystem. It was revealed that exposed records included names, contact information, insurance claims, health information, Social Security numbers, and other protected personal identifiers related to insurance claims, health claims, and health information. 

As a symbol of their rapid response, Aflac reiterated that the breach was contained within hours, data remained safe, and no ransomware payload was deployed in the process of containing the breach. It is nonetheless notable that even though these assurances have been given, the scale of the compromise has resulted in legal action. 

An ongoing class action lawsuit has already been filed in Georgia federal court in June 2025, and two similarly filed suits have been filed against Erie Insurance as a result of its own cyber incident, reflecting increasing pressures on insurers to strengthen their defenses in a sector increasingly threatened by agile and persistent cybercriminals. 

With insurers struggling to keep up with the growing threat surface of an increasingly digitalized industry, the Aflac incident provides a vital lesson for both breach response and sectoral risk exposure as insurers deal with a growing threat surface. A swift containment prevented the system from paralyzing, but the breach underscores a larger truth, which is that security is no longer a matter of scale alone. 

According to industry experts, proactive reinforcement is the key to reducing vulnerability rather than reactive repair, and firms need to put a strong emphasis on real-time threat monitoring, identity-based access controls, and multilayered encryption of policyholder information to protect themselves against threats. 

As attackers move towards socially-engineered entry points and credential-based compromises, this is especially pertinent. It is also worth mentioning that this incident has sparked discussions about mandatory breach transparency and faster consumer notification frameworks, as well as tighter regulatory alignment across the US states, which remain fragmented regarding reporting requirements. 

Analysts have noted that incidents of this magnitude, despite the absence of ransomware deployment, can have long-term reputational and financial effects that may last longer than the technical intrusion itself. Cyber resilience must go beyond firewalls because it requires the adoption of an organizational culture, vendor governance, and a proactive approach to early anomaly detection. 

In the public, the need to monitor identities and account activity remains crucial - consumers should remain vigilant over identity monitoring. Although the breach of insurance security seems to have been contained, it still has a lasting impact on the insurance sector, which has become more cautious and prepared in the future.
Read more »
South Korea
Cyber Security Data Breach Shinhan Card South Korea

Shinhan Card Probes Internal Data Leak Affecting About 190,000 Merchants

 

Shinhan Card, South Korea’s largest credit card issuer, said on December 23 that personal data linked to about 190,000 merchant representatives was improperly accessed and shared by employees over a three year period, highlighting ongoing concerns around internal data controls in the country’s financial sector. 

The company said roughly 192,000 records were leaked between March 2022 and May 2025. The exposed information included names, mobile phone numbers, dates of birth and gender details of franchise owners. 

Shinhan Card said no resident registration numbers, card details or bank account information were involved and that the incident did not affect general customers. According to the company, the breach was uncovered after a whistleblower submitted evidence to South Korea’s Personal Information Protection Commission, prompting an investigation. 

Shinhan Card began an internal review after receiving a request for information from the regulator in mid November. Investigators found that 12 employees across regional branches in the Chungcheong and Jeolla areas had taken screenshots or photos of merchant data and shared them via mobile messaging apps with external sales agents. 

The information was allegedly used to solicit new card applications from recently registered merchants, including restaurants and pharmacies. Shinhan Card said verifying the scale of the leak took several weeks because the data was spread across more than 2,200 image files containing about 280,000 merchant entries in varying formats. 

Each file had to be checked against internal systems to confirm what information was exposed. Chief Executive Park Chang hoon issued a public apology, saying the leak was caused by unauthorized employee actions rather than a cyberattack. 

He said the company had blocked further access, completed internal audits and strengthened access controls. Shinhan Card said the employees involved would be held accountable. The company added that affected merchants are being notified individually and can check their status through an online portal. 

It said compensation would be provided if any damage is confirmed. The incident adds to a series of internal data misuse cases in South Korea’s financial industry. Regulators said they are assessing whether the breach violates national data protection laws and what penalties may apply. 

The Financial Supervisory Service said it has so far found no evidence that credit information was leaked but will continue to monitor the case. 

Analysts say the Shinhan Card case underscores the growing risk posed by insider misuse as financial institutions expand digital services and data driven operations, putting renewed focus on employee oversight and internal governance.
Read more »
Red Hat
big data Cyber Security Data Breach Nissan Red Hat

Nissan Says Customer Data Exposed After Breach at Red Hat Systems

 

Nissan Motor Co Ltd said that personal information of thousands of customers was exposed following a cyber breach at Red Hat, the US based software company it had engaged to develop customer management systems. 

The Japanese automaker said it was notified by Red Hat in early October that unauthorized access to a server had resulted in data leakage. The affected system was part of a Red Hat Consulting managed GitLab environment used for development work. 

Nissan said the breach involved customer information linked to Nissan Fukuoka Sales Co Ltd. About 21,000 customers who purchased vehicles or received services in Fukuoka, Japan were affected. 

The exposed data included customer names, physical addresses, phone numbers, email addresses and other information used in sales and service operations. Nissan said no credit card or payment information was compromised. 

“Nissan Motor Co Ltd received a report from Red Hat that unauthorized access to its data servers had resulted in information being leaked,” the company said in a statement.

It added that it has no evidence the data has been misused. Red Hat acknowledged earlier that an attacker had accessed and copied data from a private GitLab instance, affecting multiple organisations. 

The breach was disclosed publicly in early October after threat actors claimed to have stolen hundreds of gigabytes of data from tens of thousands of private repositories. The intrusion was initially claimed by a group calling itself Crimson Collective. 

Samples of the stolen data were later published by another cybercrime group, ShinyHunters, as part of an extortion effort. Neither Nissan nor Red Hat has publicly attributed the breach to a specific actor. 

Nissan said the compromised Red Hat environment did not store any additional Nissan data beyond what has already been confirmed. The company said it has informed affected customers and advised them to remain alert for suspicious emails, calls or messages that could exploit the leaked information. 

Cybersecurity experts say such data can be used for social engineering attacks, including phishing and impersonation scams, even if financial details are not exposed. The incident adds to a series of cybersecurity issues involving Nissan. 

In late August, a Qilin ransomware attack affected its design subsidiary Creative Box Inc in Japan. Last year, Nissan North America disclosed a breach impacting about 53,000 employees, while an Akira ransomware attack exposed data of roughly 100,000 customers at Nissan Oceania. 

The Red Hat breach has renewed concerns about supply chain security, where compromises at technology vendors can have cascading effects on downstream clients. Nissan said it continues to review its security controls and coordination with third party providers following the incident.
Read more »
Cyber Security
AI in robotics AI Techniques Automation Automotive British transport China Cyber Security

Chinese Robotaxis May Launch UK Trials in 2026 as Uber and Lyft Partner With Baidu

 

Chinese autonomous taxis could begin operating on UK roads by 2026 after Uber and Lyft announced plans to partner with Chinese technology company Baidu to trial driverless vehicles in London. Both companies are seeking government approval to test Baidu’s Apollo Go robotaxis, a move that could mark an important step in the UK’s adoption of self-driving transport. 

Baidu’s Apollo Go service already operates in several cities, mainly in China, where it has completed millions of passenger journeys without a human driver. If approved, the UK trials would represent the first large-scale use of Chinese-developed robotaxis in Europe, placing London among key global hubs working toward autonomous mobility. 

The UK government has welcomed the development. Transport secretary Heidi Alexander said the announcement supports Britain’s plans for self-driving vehicles and confirmed that the government is preparing to allow autonomous cars to carry passengers under a pilot scheme starting in spring. The Department for Transport is developing regulations to enable small autonomous taxi- and bus-style services from 2026, with an emphasis on responsible and safe deployment. 

Uber has said it plans to begin UK driverless car trials as regulations evolve, partnering with Baidu to help position Britain as a leader in future transport while offering Londoners another travel option. Lyft has also expressed interest, stating that London could become the first European city to host Baidu’s Apollo Go vehicles as part of a broader agreement covering the UK and Germany.  

Despite enthusiasm from companies and policymakers, regulatory approval remains a major challenge. Lyft chief executive David Risher said that, if approved, testing could begin in London in 2026 with a small fleet of robotaxis, eventually scaling to hundreds. Experts caution, however, that autonomous transport systems cannot expand as quickly as other digital technologies.  

Jack Stilgoe, professor of science and technology policy at University College London, warned that moving from limited trials to a fully operational transport system is complex. He stressed the importance of addressing safety, governance, and public trust before autonomous taxis can become widely used. 

Public scepticism remains strong. A YouGov poll in October found that nearly 60 percent of UK respondents would not ride in a driverless taxi under any circumstances, while 85 percent would prefer a human-driven cab if price and convenience were the same. Ongoing reports of autonomous vehicle errors, traffic disruptions, and service suspensions have added to concerns. Critics also warn that poorly regulated robotaxis could worsen congestion, undermining London’s efforts to reduce city-centre traffic.
Read more »
Urban Infrastructure Risk
Anti-Jamming Tech Cyber Security GPS Resilience Military Encryption Multi-Constellation Navigation NAVIC Satellite Security Signal Interference Urban Infrastructure Risk

Inside China’s Urban Navigation Blackout and the Lessons for India


 

The administrative capital of Jiangsu Province and the eastern Chinese city of Nanjing, home to nearly 10 million people, briefly lost its digital compass on Wednesday when the city experienced an unprecedented six-hour satellite navigation outage that temporarily stalled traffic at the city's airport. 

It is official that local authorities are pointing out that the sudden disruption is a result of a systemic anomaly, and that it has disabled positioning services based on both the US's Global Positioning System and China's domestic BeiDou network, as well as applications that depend on the parallel BeiDou-linked BeiDou Navigation Satellite System. 

During the period of the blackout, essential urban services such as navigation and ride-hailing platforms were seriously disrupted, logistics coordination was compromised, food delivery operations were hampered, commercial drone activity was disrupted, along with many other systems reliant on real-time geospatial accuracy in real-time. 

Almost six hours ago, Nanjing's streets and airspace were without dependable satellite guidance for close to six hours, revealing the deep connection between navigation infrastructure and everyday transportation as well as the commercial ecosystem, as well as the vulnerability of densely networked cities when the core positioning frameworks fail to function properly. 

Several regional tech monitors confirmed later that not only did the outage stall consumer applications, but also the coordinated drone operations came to a halt, affecting the algorithms used to match drivers to passengers, and causing significant delays with last-mile delivery networks. In an era where navigation data has become just as essential to city functionality as electricity and telecommunications, urban resilience is becoming increasingly a concern. 

Interesting Engineering notes that the disruption, which is cited by a technology briefing, impacted civilian navigation services that were operated through the U.S. Global Positioning System, as well as China's BeiDou satellite network. The disruption temporarily shook the city's digital infrastructure to its core. Location-based platforms encountered widespread operational failures as satellite signal reception was compromised. 

A number of ride-hailing networks reported a significant reduction in activity during the outage window, with bookings decreasing by close to 60 percent, whereas food delivery services complained of delays in the range of 40 percent, affecting last-mile logistics to an extremely high degree.

The public mobility systems were similarly destabilised; bike-sharing platforms came out as the most severely affected, with users reporting severe errors in their geolocation, placing bicycles 35 miles away from their actual locations, making fleet tracking and rental unreliable for those bikes. 

A preliminary assessment of mobile network faults was ruled out, but subsequent confirmation from the Nanjing Satellite Application Industry Association indicated that the outage resulted from "temporary interference and signal pressure" on GPS and BeiDou civilian frequencies, resulting in devices being unable to obtain stable satellite-derived positional data as a result. 

The authorities failed to reveal the origin or intent of the interference, which in turn strengthened public speculation that the event might have been linked to the heightened security protocols surrounding a sensitive engagement that was not disclosed. In the aftermath of the interference conditions and stabilization of satellite reception, navigation functionality was incrementally restored to normal after six hours. 

Analysts noted that the incident revealed the structural differences between the two systems' signal designs BeiDou, unlike its counterpart, uses a physical separation of the military and civilian frequency bands, shielding defence-grade signals with layers of encryption and anti-jamming measures. The GPS system, on the other hand, transmits both military and civilian signals over shared carrier frequencies while preserving functional separation through discrete encryption and spectral modulation. 

Strategic technology assessors have interpreted the simultaneous disruption of civilian signals to be a deliberate outcome of overlapped frequency compatibility, noting that interference with one system's civilian band would inherently negatively affect GPS-based services, as well as other systems. 

A number of experts describe this interoperability as a strategic deterrent mechanism that raises the costs associated with targeted jamming, which bolsters the resilience of civilian networks. This also creates the opportunity for a mutual-impact dynamic that complicates malicious interference scenarios. 

Upon the stabilisation of signal reception, navigation services were gradually restored, however, experts were prompted to question the routine-glitch narrative presented in initial statements in light of the dual impact on both GPS and China's BeiDou network. 

There was a strong indication that the outage was orchestrated to occur at the same time, an experience that was difficult to explain by a standard technical problem, highlighting how deeply satellite positioning has become woven into the urban service delivery system, mobility, and commercial operations in recent years. 

There is a growing understanding among strategic analysts that this incident represents an example of cross-system vulnerability in the real world, noting that interference targeting one civilian signal band can cascade across other constellations operating on adjacent frequencies or overlapping among them. 

Throughout the year, the discussion immediately grew beyond China's borders and resonated with countries such as India, where transport networks, supply chains, emergency response frameworks, aerial operations, and app-driven businesses rely on uninterrupted access to geospatial information. 

Indian navigation is a diverse mix of technologies, which include GPS, Russia's GLONASS, the European Union's Galileo network, Chinese BeiDou, and Indian own satellite system, NAVIC. This system provides reliable positioning coverage within a 1,500 kilometre operational radius of the country's borders, providing the country with reliable position monitoring services. 

The majority of technology and defense experts believe that resilience is rooted in redundancy, advocating devices that can draw signals from multiple constellations, the use of offline navigation tools such as maps that are pre-downloaded, and the integration of terrestrial alternative positioning systems in commercial fleets, unmanned systems, and modern vehicles, such as cellular tower triangulations and local or carrier-based positioning modules. 

During prolonged escalations in regional security, NAVIC, in particular, has been cited as a strategic buffer, allowing a fallback layer that can be deployed as a sovereign fallback when external threats arise, thereby reducing the dependence on external systems. Satellite navigation is often treated as an invisible infrastructure, but the Nanjing episode demonstrated that even temporarily, if it fails — even temporarily — a modern city is unmoored. 

As a result, positioning networks play a geopolitical role in a region where navigation resilience is no longer a technical luxury, but rather a strategic necessity, and highlighting the urgency of long-term preparedness has never been more apparent. There are a lot of things that are left behind from the Nanjing navigation blackout, but not because of the length of time it was, but rather because of the fact that satellite positioning is not merely a background utility anymore, but rather a strategic artery that powers commerce, mobility, airspace management, and urban planning. 

As geopolitical tensions are increasingly intersecting with civilian technology, the fragility of location infrastructure has gained global attention. There is no easy answer to this question, but for nations such as India, which already operates its own regional constellation alongside multiple global systems, the incident reinforces the importance of funds continuing to be spent on sovereign signal hardening, receiver diversification, and terrestrial positioning options. 

Rather than relying on a single system choice in the future, experts say that future resilience will be enhanced through system layering in which satellite guidance is augmented by pre-cached intelligence, such as offline routing databases, hybrid receivers with a built-in artificial intelligence that can identify anomalies before they arise, and reroute services as needed before disruptions occur. 

Furthermore, policy advisers recommend that national simulation drills be conducted to stress-test airports, logistic grids, and emergency networks against coordinated signal interference. Even though the outage disrupted a single city, the lessons learned from it apply to the whole region: preparing long before the signal fades can be most effective when the outage occurs. There is an increased need in a world that charts its future based on coordinates. This has made continuity a national asset in itself.
Read more »
Open AI
AI Models AI Systems AI technology AI tools ChatGPT China Cyber Security Open AI

Chinese Open AI Models Rival US Systems and Reshape Global Adoption

 

Chinese artificial intelligence models have rapidly narrowed the gap with leading US systems, reshaping the global AI landscape. Once considered followers, Chinese developers are now producing large language models that rival American counterparts in both performance and adoption. At the same time, China has taken a lead in model openness, a factor that is increasingly shaping how AI spreads worldwide. 

This shift coincides with a change in strategy among major US firms. OpenAI, which initially emphasized transparency, moved toward a more closed and proprietary approach from 2022 onward. As access to US-developed models became more restricted, Chinese companies and research institutions expanded the availability of open-weight alternatives. A recent report from Stanford University’s Human-Centered AI Institute argues that AI leadership today depends not only on proprietary breakthroughs but also on reach, adoption, and the global influence of open models. 

According to the report, Chinese models such as Alibaba’s Qwen family and systems from DeepSeek now perform at near state-of-the-art levels across major benchmarks. Researchers found these models to be statistically comparable to Anthropic’s Claude family and increasingly close to the most advanced offerings from OpenAI and Google. Independent indices, including LMArena and the Epoch Capabilities Index, show steady convergence rather than a clear performance divide between Chinese and US models. 

Adoption trends further highlight this shift. Chinese models now dominate downstream usage on platforms such as Hugging Face, where developers share and adapt AI systems. By September 2025, Chinese fine-tuned or derivative models accounted for more than 60 percent of new releases on the platform. During the same period, Alibaba’s Qwen surpassed Meta’s Llama family to become the most downloaded large language model ecosystem, indicating strong global uptake beyond research settings. 

This momentum is reinforced by a broader diffusion effect. As Meta reduces its role as a primary open-source AI provider and moves closer to a closed model, Chinese firms are filling the gap with freely available, high-performing systems. Stanford researchers note that developers in low- and middle-income countries are particularly likely to adopt Chinese models as an affordable alternative to building AI infrastructure from scratch. However, adoption is not limited to emerging markets, as US companies are also increasingly integrating Chinese open-weight models into products and workflows. 

Paradoxically, US export restrictions limiting China’s access to advanced chips may have accelerated this progress. Constrained hardware access forced Chinese labs to focus on efficiency, resulting in models that deliver competitive performance with fewer resources. Researchers argue that this discipline has translated into meaningful technological gains. 

Openness has played a critical role. While open-weight models do not disclose full training datasets, they offer significantly more flexibility than closed APIs. Chinese firms have begun releasing models under permissive licenses such as Apache 2.0 and MIT, allowing broad use and modification. Even companies that once favored proprietary approaches, including Baidu, have reversed course by releasing model weights. 

Despite these advances, risks remain. Open-weight access does not fully resolve concerns about state influence, and many users rely on hosted services where data may fall under Chinese jurisdiction. Safety is another concern, as some evaluations suggest Chinese models may be more susceptible to jailbreaking than US counterparts. 

Even with these caveats, the broader trend is clear. As performance converges and openness drives adoption, the dominance of US commercial AI providers is no longer assured. The Stanford report suggests China’s role in global AI will continue to expand, potentially reshaping access, governance, and reliance on artificial intelligence worldwide.
Read more »
Internet Shutdowns
AI regulation Cyber Security Digital Privacy Facial Recognition Internet Shutdowns

2026 Digital Frontiers: AI Deregulation to Surveillance Surge

 

Digital technology is rapidly redrawing the boundaries of politics, business and daily life, and 2026 looks set to intensify that disruption—from AI-driven services and hyper-surveillance to new forms of protest organised on social platforms. Experts warn that governments and companies will find it increasingly difficult to balance innovation with safeguards for privacy and vulnerable communities as investment in AI accelerates and its social side-effects become harder to ignore.

One key battleground is regulation. Policymakers are tugged between pressures to “future-proof” oversight and demands from large technology firms to loosen restrictions that could slow development. In Europe, the European Commission is expected to ease parts of its year-old privacy and AI framework, including allowing firms to use personal data to train AI models under “legitimate interest” without seeking consent.

In the United States, President Donald Trump is considering an executive order that could pre-empt state AI laws—an approach aimed at reducing legal friction for Big Tech. The deregulatory push comes alongside rising scrutiny of AI harms, including lawsuits involving OpenAI and claims linked to mental health outcomes.

At the same time, countries are experimenting with tougher rules for children online. Australia has introduced fines of up to A$49.5 million for platforms that fail to take reasonable steps to block under-16 users, a move applied across major social networks and video services, and later extended to AI chatbots. France is also pushing for a European ban on social media for children under 15, while Britain’s Online Safety Act has introduced stringent age requirements for major platforms and pornography sites—though critics argue age checks can expand data collection and may isolate vulnerable young people from support communities.

Another frontier is civic unrest and the digital tools surrounding it. Social media helped catalyse youth-led protests in 2025, including movements that toppled governments in Nepal and Madagascar, and analysts expect Gen Z uprisings to continue in response to corruption, inequality and joblessness. Governments, meanwhile, are increasingly turning to internet shutdowns to suppress mobilisation, with recent examples cited in Tanzania, Afghanistan and Myanmar.

Beyond politics, border control is going digital. Britain plans to use AI to speed asylum decisions and deploy facial age estimation technology, alongside proposals for digital IDs for workers, while Trump has expanded surveillance tools tied to immigration enforcement. Finally, the climate cost of “AI everything” is rising: data centres powering generative AI consume vast energy and water, with Google reporting 6.1 billion gallons of water used by its data centres in 2023 and projections that US data centres could reach up to 9% of national electricity use by 2030.
Read more »
Subscribe to: Comments (Atom)