TZUTC: -0500   
   MSGID: 1916.consprcy@1:2320/105 2dc10fb3   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   2025 Digital rights review: Spyware, AI war & EU regulations   
      
   Date:   
   Mon, 05 Jan 2026 09:52:57 +0000   
      
   Description:   
   We spoke to the digital rights organization Access Now about the most   
   significant developments of the past 12 months. Here's what they said.   
      
   FULL STORY   
      
   This year was defined by surveillance, censorship, and shrinking civic space   
   according to Access Now s executive director, Alejandro Mayoral Baos .    
      
   Despite the sobering headlines, the US-based digital rights organization says   
   theres still hope. Resistance has continued and, as Baos puts it, communities   
   refused to disappear.    
      
   I spoke to members of Access Now about the most pressing developments from    
   the past 12 months. Heres what they told me.   
      
   Spyware continues to proliferate    
      
   Four years on from the Pegasus Project revelations , reports suggest that   
   spyware remains a significant threat to privacy.    
      
   This year, Graphite  a tool developed by Paragon Solutions  was found to have   
   been used to track journalists and activists in Europe . While an Italian   
   parliamentary committee report confirmed the government had used the spyware   
   against human rights activists, it stopped short of admitting to the   
   monitoring of journalists.   
      
   Apple and WhatsApp were unaware of the floors that Paragons products were   
   exploiting. In other words, the attackers were targeting zero-day   
   vulnerabilities .    
      
   Traditional cybersecurity best practices offer little help against this type   
   of threat. While a trusted VPN provider protects your data while it is moving   
   across the internet, spyware targets a device's operating system.    
      
   By attacking the device in this way, spyware operators can often gain total   
   access to your digital life  capturing every keystroke, eavesdropping through   
   your microphone, and even turning on your camera.    
      
   Most dangerously, these are often zero-click attacks, meaning that unlike   
   traditional attacks, the target doesnt have to click a suspicious link or    
   open a file.    
      
   Mercenary spyware continued to prove that it is evolving faster than   
   safeguards, says Rand Hammoud, Surveillance Campaigns Lead at Access Now.    
      
   While WhatsApp and Apple confirmed they had patched the specific   
   vulnerabilities exploited, the mercenary spyware industry is incredibly   
   resilient. It continues to source new entry points via the murky    
   international market for zero-day vulnerabilities.    
      
   This secretive global market involves hackers selling unpatched software    
   flaws to the highest bidder  usually governments or private companies  that   
   then use them to break into devices before the manufacturers even know the   
   vulnerability exists.    
      
   Fortunately, there was some progress for digital rights defenders this year.   
   Most notably, the Pall Mall Process launched a new Code of Practice for    
   States in April, as Hammound explained.    
      
   The Code is a voluntary, non-binding document which pushes for greater   
   accountability, oversight, and transparency among participating nations.    
      
   There was also progress at the EU level, where the blocs export control rules   
   integrated human rights language. However, Hammoud warns that the dual-use   
   control list  which governs how EU-based companies sell and transfer   
   surveillance equipment  is undermined by weak catch-all clauses and uneven   
   national practices that leave room for evasion.    
      
   Bottom line: 2025 shifted the question from do we need rules? to who will   
   actually enforce them?  because victims cant be protected by principles    
   alone, Hammoud said.   
      
   AI-enabled digital warfare    
      
   While spyware is highly targeted, Access Now has also monitored a much larger   
   shift: the development of AI-driven systems designed for use during active   
   conflict.    
      
   Marwa Fatafta, MENA Policy and Advocacy Director at Access Now, said theres   
   been a troubling shift in recent years with the rapid militarization of   
   civilian technologies and personal data. Its a process that has blurred the   
   lines between the tools we use for daily life and the systems now being used   
   on the battlefield.    
      
   Gaza stands as a stark example of how warfare evolves when mass surveillance   
   and AI-driven systems are woven into military operations with no restraints   
   Fatafta said.    
      
   The technology is varied but is often used to generate targets at a speed no   
   human analyst can match. Thats down to a deadly combination of automated   
   systems, such as Lavender, alongside AI tracking tools that use    
   mass-collected data.  The technologies being used have raised significant   
   ethical concerns , particularly due to a lack of accountability, control and   
   accuracy.   
      
   Earlier this year, the head of the United Nations called such "killer robots"   
   politically unacceptable and "morally repugnant." Despite mounting   
   international pressure, however, there remain few meaningful regulations on   
   its use.    
      
   We can no longer afford to treat digital warfare as a peripheral issue,   
   Fatafta concludes.   
      
   EU rolls back digital rights protections    
      
   An organization once expected to introduce meaningful protections   the   
   European Union  now seems to be moving in the opposite direction. According    
   to Access Now, the bloc is failing to live up to its reputation as a   
   "privacy-first" regulator.    
      
   After several years of being at the forefront of regulating digital rights   
   protections, the European Union seems to be turning its back on the very gold   
   standards it worked so hard to establish, according to Daniel Leufer,    
   Emerging Technologies Policy Lead at Access Now.    
      
   A wave of regulatory moves over the past 12 months has placed end-to-end   
   encryption in the crosshairs, including proposals to expand mandatory data   
   retention and increase the monitoring of private conversations .    
      
   The stakes are high: current proposals seek to establish "lawful access" to   
   encrypted data. This could effectively end the era of truly "no-log" VPN   
   services in Europe.    
      
   These are part of a broader shift, according to Leufer, in which the European   
   Commission has been bending over backwards to accommodate the most excessive   
   demands of industry lobbying and undermining key digital rights safeguards.    
      
   And the future doesnt look promising. Leufer warns that the policies proposed   
   in 2025 may only be the beginning. He suggest that digital rights advocates   
   must now brace for a significant struggle to preserve hard-won protections   
   across data protection, privacy, and artificial intelligence.   
      
   What's next?    
      
   As 2026 approaches, significant hurdles remain in the fight to protect   
   fundamental human rights online. Organizations like Access Now will continue   
   to push for better regulatory constraints on everything from mercenary    
   spyware to AI-enabled weapons, alongside a renewed fight for meaningful data   
   protection around the globe.    
      
   Alongside these high-level regulatory efforts, the tech community will   
   continue to build its own safeguards. Expect new privacy-by-design products   
   ranging from decentralized, no-log VPNs to messaging apps that offer   
   post-quantum encryption.    
      
   For Access Now, the mission for the coming year is clear. The goal is, says   
   Baos, not to return to normal, but to build a stronger, fairer, and more   
   accountable digital rights ecosystem." It's a vision that privacy advocates   
   around the world will doubtless share.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/vpn/vpn-privacy-security/2025-digital-rights-review-   
   spyware-ai-war-and-eu-regulations   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: Capitol City Online (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 134 206 275 300 307 317 400 426 428   
   SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200   
   SEEN-BY: 396/45 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12   
   SEEN-BY: 5075/35   
   PATH: 2320/105 229/426