Italian Lawmakers Demand Clarity on Alleged Journalist Spying with U.S.-Made Spyware

/in /tarafından

Italian lawmakers have officially pressed the government for answers over whether it spied on journalists, possibly using surveillance software from U.S.-based spyware company Paragon, escalating a political scandal that has dogged Prime Minister Giorgia Meloni’s administration for months.

Lawmakers Seek Accountability

The COPASIR (Parliamentary Committee for the Security of the Republic) has submitted a formal request to Cabinet Undersecretary Alfredo Mantovano, a senior Meloni aide responsible for intelligence oversight, to clarify whether journalists were targeted with spyware. A source familiar with the matter disclosed this development on Friday.

Mantovano has not responded publicly, and the Meloni government continues to deny any illegal surveillance activities against journalists.

The Spyware Controversy

The scandal centers on Paragon’s spyware, which was reported by Meta in January to have targeted approximately 90 WhatsApp users, including Italians. Last month, Reuters reported that prosecutors were investigating whether journalists including Ciro Pellegrino, Francesco Cancellato (Fanpage), and Roberto D’Agostino (Dagospia) had been spied on. Dutch political commentator Eva Vlaardingerbroek was also reportedly affected.

COPASIR’s June report acknowledged that Italy’s intelligence agencies had contracts with Paragon and had used its tools against a limited number of targets, including members of a migrant sea rescue NGO. These operations were said to have judicial approval.

However, the committee found no evidence that Paragon spyware was used on Cancellato, contradicting the journalist’s public statements. The report made no reference to the other journalists, leaving the scope of surveillance unclear.

Conflicting Accounts and Contract Termination

Amid the public uproar and mounting political pressure, both Paragon and Italian authorities confirmed in June that their spyware contracts had been terminated. However, each party presented a different account:

  • Paragon claimed it offered the Italian government a method to verify spyware usage against Cancellato, and ended the contract when the offer was refused.

  • COPASIR countered that Italy independently ended the deal and disputed Paragon’s narrative.

Opposition Demands Transparency

Opposition lawmakers accuse the Meloni administration of using state surveillance tools to intimidate dissenters, especially critical journalists and NGOs. While the government maintains that any surveillance was conducted lawfully and within judicial boundaries, pressure is mounting for full transparency over the extent and targets of Paragon spyware deployment.

The episode has sparked widespread concerns over press freedom, abuse of state surveillance, and civil liberties under Meloni’s right-wing government.

South Korea Fines SK Telecom Over Massive Data Breach Affecting Millions

/in /tarafından

South Korean authorities on Friday penalised SK Telecom, the country’s largest mobile operator, for its failure to prevent a massive data leak involving nearly 27 million pieces of user data, blaming the company for negligence and failure to meet regulatory standards.

Government Findings and Penalties

The Ministry of Science and ICT found that SK Telecom did not adequately protect USIM (universal subscriber identity module) data and violated cybersecurity regulations. The ministry’s investigation followed SK Telecom’s disclosure in April that it had been the target of a malware attack, leading to the breach.

As a result, SK Telecom faces:

  • A fine of up to 30 million won (~$22,000)

  • A requirement to implement quarterly security audits

  • Mandates for the CEO to directly oversee data governance

  • Increased investment and staffing in cybersecurity

The ministry called the situation a “wake-up call” for the nation’s broader digital infrastructure and urged stronger protections across the telecom sector.

Company Response and Compensation Measures

Following the announcement, SK Telecom said it would invest 700 billion won (~$513 million) over the next five years to bolster data protection. The company also offered:

  • A 50% discount on August subscription fees for its 24 million customers

  • Free USIM replacements to all affected users at 2,600+ retail stores

  • A public apology from CEO Ryu Young-sang, who said the company takes full responsibility for the incident

To reflect the financial impact, SK Telecom has cut its 2025 revenue forecast by 800 billion won, citing approximately 500 billion won in costs linked to the customer compensation package.

Broader Fallout and Public Concern

The breach has caused widespread alarm among SK Telecom’s 23 million active users, many of whom fear the potential theft of personal and financial information. As of late June, around 9.39 million users had replaced their USIM cards in response.

SK Group Chairman Chey Tae-won also apologised last month, vowing to take responsibility and restore public trust.

South Korea’s handling of the incident is likely to influence future regulatory scrutiny and standards in the country’s telecom and tech sectors, as data privacy becomes an increasingly critical issue in both corporate accountability and public confidence.

EU Faces Mounting Pressure to Delay Enforcement of AI Act as Deadline Nears

/in /tarafından

With key provisions of the EU Artificial Intelligence Act (AI Act) set to begin on August 2, major tech companies and political figures are urging the European Commission to delay enforcement. Critics say the current framework lacks sufficient guidance, placing a heavy burden on businesses—especially startups—without clear rules on how to comply.

What Happens on August 2?

Although the AI Act was passed in 2024, its rules are being phased in gradually. On August 2, some of the first obligations come into force—specifically for General Purpose AI (GPAI) models such as those developed by Google, OpenAI, Mistral, and others.

These initial provisions require AI developers to:

  • Draw up technical documentation

  • Disclose training data summaries

  • Comply with EU copyright laws

  • Conduct testing for bias, toxicity, and robustness

More rigorous rules apply to high-impact and systemic-risk models, which will need:

  • Adversarial testing

  • Incident reporting

  • Risk assessments

  • Energy efficiency disclosures

However, full enforcement—particularly penalties and oversight powers—doesn’t begin until August 2, 2026.

Why Are Companies Pushing for a Delay?

Tech companies argue that they lack clarity on how to comply with the law. A promised AI Code of Practice, meant to serve as the act’s compliance manual, was due on May 2 but has not been published. The European AI Board is now discussing pushing the guidance release to late 2025.

In an open letter, 45 European AI firms called for a two-year “clock-stop”—a suspension of the countdown to enforcement—until key standards are finalized. They also asked for simpler regulations, warning that unclear requirements could damage European innovation.

Lobbying group CCIA Europe, which represents companies like Google and Meta, said:

“A bold ‘stop-the-clock’ intervention is urgently needed to give AI developers and deployers legal certainty.”

Will the EU Postpone It?

Officially, the European Commission has not signaled a postponement. It insists that the August 2 start date for GPAI obligations stands, although the lack of finalized guidance suggests informal delays in compliance expectations.

Some political figures—including Swedish Prime Minister Ulf Kristersson—have also expressed concern, calling the act “confusing” and backing the idea of a pause.

What Comes Next?

Even if the AI Act’s initial deadlines hold, enforcement might be soft or flexible in the early stages due to the lack of practical tools. The AI Code of Practice remains the critical next step for clarity.

Meanwhile, the tension highlights a broader EU challenge: balancing innovation with regulation, especially in fast-moving fields like artificial intelligence.