Governance, Legislation, and Geostrategies
(Daphne Keller – Just Security – 2 April 2025) Lawmakers are right to worry about platforms’ power over public discourse and democracy. But legislative responses too often seek to empower the government to set new rules for online speech. Courts have rightly held that such laws violate the First Amendment. Attempted work-arounds like using Federal Communications Commission (FCC) authority or statutory immunities to target “lawful but awful” speech have similar problems. For some lawmakers, this constitutional barrier is a bug. For the rest of us, it is decidedly a feature. The First Amendment is meant to protect us from the short-sightedness about state power that afflicted many Democrats during the Biden administration, and Republicans in this one. – https://www.justsecurity.org/109744/regulated-democracy-regulated-speech/
(Alexander Martin – The Record – 2 April 2025) A joint diplomatic initiative by the French and British governments to tackle “the proliferation and irresponsible use” of commercial hacking tools is hoping to announce its participants have agreed new rules on the technologies involved in Paris this week. Formally known as the Pall Mall Process, the initiative has to-date struggled to convince all of its participants that it has the capability to actually change how commercial cyber intrusion capabilities (CCICs) are traded and used — partially because many countries do not want to voluntarily amend their own practices. – https://therecord.media/paris-pall-mall-process-meeting-commercial-hacking-tools
(Christina Knight – Lawfare – 2 April 2025) “The United States of America is the leader in AI, and our administration plans to keep it that way,” Vice President Vance pronounced at the Paris AI Action Summit in February 2025. Vance’s speech, which proceeded to mention “America” 20 times but “collaboration” only once, emphasized crucial points about U.S. leadership but may have struck some international partners as a worrying choice of words. Instead of reassuring allies about U.S. leadership at this global cooperation meeting, Vance may have instilled fear about U.S. isolationism and abandonment. Unfortunately, the Trump administration did little to deter worries about U.S. isolationism regarding artificial intelligence (AI). Before the Paris summit, Washington banned key U.S. AI policy staff—including the individual who planned a panel for the event and represented the U.S. at previous AI summits—from attending. The U.S. representatives who did attend participated in few bilateral meetings and refused to sign the summit’s only joint international statement. This is a serious problem. If the Trump administration is committed to leading the world in AI (which global stability and safety necessitates), the new administration needs to focus on deep collaboration with allies to shape their regulation, promote U.S. open source technology, and counter China’s AI influence. – https://www.lawfaremedia.org/article/why-u.s.-leadership-in-ai-necessitates-global-collaboration
(Center for Security and Emerging Technology – 2 April 2025) The following policy document describes how China should go about creating a system for ethics reviews of scientific research. The policy assigns the main responsibility for ethics reviews to universities, labs, and other institutions that conduct scientific research, with China’s Ministry of Science and Technology in an overall oversight role. It identifies human subject research, use of laboratory animals, and research in fields such as life science, medicine, and AI as particularly deserving of ethical scrutiny. – https://cset.georgetown.edu/publication/china-science-ethics-opinions/
(Aamir Khollam – Interesting Engineering – 2 April 2025) The race to acquire TikTok’s U.S. operations has reached a fever pitch as the April 5 deadline imposed by the Trump administration rapidly approaches. With national security concerns at the forefront, multiple high-profile companies have made last-minute bids to secure control of the popular video-sharing app. Among the most prominent suitors are mobile technology company AppLovin, retail giant Amazon, and several private equity firms. – https://interestingengineering.com/culture/amazon-bids-for-tiktok-amid-ban-deadline
(German Marshall Fund of the United States – 1 April 2025) A conversation between Bonnie Glaser and Michael Caster discussing China’s Digital Silk Road and the diffusion of China’s digital governance norms and standards in the Indo-Pacific region. The year 2025 marks the 10th anniversary of China’s Digital Silk Road, which has become an increasingly crucial component of Xi Jinping’s flagship foreign policy project: the Belt and Road Initiative. Over the past decade, China has massively expanded its digital infrastructure investment across the globe. Accompanying the investment has been the diffusion of China’s digital governance norms and standards in recipient states. Countries in the Indo-Pacific have been at the forefront of this stretching Chinese digital influence landscape. The conflation between digital development cooperation and digital governance norms adoption has far-reaching implications that need to be better understood and addressed. – https://www.gmfus.org/news/chinas-digital-governance-indo-pacific
Security
(RUSI – 2 April 2025) After several years of development, the UK government has launched a consultation on a set of legislative proposals that aim to reduce the impact of ransomware on the UK and increase the amount of intelligence available to operational agencies on incidents and payments. – https://www.rusi.org/explore-our-research/publications/conference-reports/assessing-uk-ransomware-policy-workshop-report
(Jonathan Greig – The Record – 2 April 2025) North Korea’s IT worker scam has expanded widely into Europe after years of focusing on U.S. companies, according to new research. Google’s Threat Intelligence Group said it identified increased operations in Europe by North Korean operatives as part of a larger evolution in the scam — which sees the Democratic People’s Republic of Korea (DPRK) place workers in IT roles at multiple companies in order to earn hefty salaries and eventually extort organizations. – https://therecord.media/north-korean-it-worker-scam-spreads-to-europe
(Europol – 2 April 2025) Kidflix, one of the largest paedophile platforms in the world, has been shut down in an international operation against child sexual exploitation. The investigation was supported by Europol and led by the State Criminal Police of Bavaria (Bayerisches Landeskriminalamt) and the Bavarian Central Office for the Prosecution of Cybercrime (ZCB). Over 35 countries worldwide participated in the operation. – https://www.europol.europa.eu/media-press/newsroom/news/global-crackdown-kidflix-major-child-sexual-exploitation-platform-almost-two-million-users
(Jonathan Greig – The Record – 2 April 2025) The Lower Sioux Indian Community warned residents on Wednesday that a cyberattack caused disruptions for the local healthcare facility, government center and casino. After days of reported technology outages, the federally-recognized Indian tribe located in south central Minnesota said it was forced to activate incident response protocols following a cybersecurity incident that was discovered on some systems connected to Jackpot Junction, the local casino controlled by the tribe. The tribe “continued to take measures to contain the incident, including taking some systems offline (tribal phones, fax machines, and emails),” officials said in a social media post. – https://therecord.media/native-minnesota-tribe-says-cyber-incident-disrupted-healthcare-casino
(Jonathan Greig – The Record – 2 April 2025) Federal cybersecurity officials are warning about powerful malware used alongside the exploitation of a vulnerability in popular security tools earlier this year. The alleged Chinese hackers behind the December and January attacks on tools from tech company Ivanti deployed malware called Resurge, according to experts from Cybersecurity and Infrastructure Security Agency (CISA). In a recent malware analysis report, CISA said Resurge resembles several other strains previously identified by Google and government officials in Japan. – https://therecord.media/cisa-alert-ivanti-bug-resurge-malware
Defense, Intelligence, and Warfare
(Derek Gatopoulos – Defense News – 3 April 2025) Greece will spend 25 billion euros ($27 billion) over the next decade to adapt its military to evolving high-tech warfare technologies, officials announced Wednesday. Defense Minister Nikos Dendias told parliament the overhaul will be built around a planned air defense system called “Achilles Shield,” primarily aimed at addressing tensions with neighboring Turkey. – https://www.defensenews.com/global/europe/2025/04/02/greece-vows-27b-on-defense-overhaul-centered-on-high-tech-warfare/