EU

Switzerland Approves Digital ID In Narrow Vote, UK Proposes One Too (theguardian.com) 63

"Swiss voters have backed plans for electronic identity cards by a wafer-thin margin," reports the Guardian, "in the second nationwide vote on the issue." In a referendum on Sunday, 50.4% of voters supported an electronic ID card, while 49.6% were against, confounding pollsters who had forecast stronger support for the "yes" vote. Turnout was 49.55%, higher than expected... [V]oters rejected an earlier version of the e-ID in 2021, largely over objections to the role of private companies in the system. In response to these concerns, the Swiss state will now provide the e-ID, which will be optional and free of charge... To ensure security the e-ID is linked to a single smartphone, users will have to get a new e-ID if they change their device... An ID card containing biometric data — fingerprints — will be available from the end of next year.

Critics of the e-ID scheme raised data protection concerns and said it opened the door to mass surveillance. They also fear the voluntary scheme will become mandatory and disadvantage people without smartphones. The referendum was called after a coalition of rightwing and data-privacy parties collected more than 50,000 signatures against e-ID cards, triggering the vote.

"To further ease privacy concerns, a particular authority seeking information on a person — such as proof of age or nationality, for example — will only be able to check for those specific details," notes the BBC: Supporters of the Swiss system say it will make life much easier for everyone, allowing a range of bureaucratic procedures — from getting a telephone contract to proving you are old enough to buy a bottle of wine — to happen quickly online. Opponents of digital ID cards, who gathered enough signatures to force another referendum on the issue, argue that the measure could still undermine individual privacy. They also fear that, despite the new restrictions on how data is collected and stored, it could still be used to track people and for marketing purposes.
The BBC adds that the UK government also announced plans earlier this week to introduce its own digital ID, "which would be mandatory for employment. The proposed British digital ID would have fewer intended uses than the Swiss version, but has still raised concerns about privacy and data security."

The Guardian reports: The referendum came soon after the UK government announced plans for a digital ID card, which would sit in the digital wallets of smartphones, using state-of-the-art encryption. More than 1.6 million people have signed a petition opposing e-ID cards, which would be mandatory for people working in the UK by 2029.
Thanks to long-time Slashdot reader schwit1 for sharing the news.
United Kingdom

New Digital ID Will Be Mandatory To Work in the UK (bbc.com) 80

Digital ID will be mandatory in order to work in the UK, as part of plans to tackle illegal migration. From a report: Sir Keir Starmer said the new digital ID scheme would make it tougher to work in the UK illegally and offer "countless benefits" to citizens. However, opposition parties argued the proposals would not stop people crossing the Channel in small boats.

The prime minister set out his plans in a broader speech to a gathering of world leaders, in which he said it had been "too easy" for people to work illegally in the UK because the centre-left had been "squeamish" about saying things that were "clearly true."

Addressing the Global Progressive Action Conference in London - attended by politicians including Australian Prime Minister Anthony Albanese and Canadian Prime Minister Mark Carney - Sir Keir said it was time to "look ourselves in the mirror and recognise where we've allowed our parties to shy away from people's concerns."

"It is not compassionate left-wing politics to rely on labour that exploits foreign workers and undercuts fair wages," he said. "The simple fact is that every nation needs to have control over its borders. We do need to know who is in our country."

Bitcoin

European Banks To Launch Euro Stablecoin In Bid To Counter US Dominance (reuters.com) 33

Nine major European banks are creating a Netherlands-based company to launch a euro-backed stablecoin in 2026, aiming to counter U.S. dominance in the digital token market. Reuters reports: While global stablecoin issuance stands at nearly $300 billion, euro-denominated stablecoins totalled just $620 million, according to figures released last week by the Bank of Italy, with dollar-pegged tokens overwhelmingly dominant. "The initiative will provide a real European alternative to the U.S.-dominated stablecoin market, contributing to Europe's strategic autonomy in payments," the banks said. They launched the effort, which they said will create a token that can be used for quick, low-cost payments and settlements, even as the European Central Bank voices scepticism over stablecoins.

ECB President Christine Lagarde in June told European policymakers that privately issued stablecoins posed risks for monetary policy and financial stability. As a safer alternative, she has urged European lawmakers to introduce legislation backing the launch of a digital version of the EU's single currency. Some commercial banks, however, have pushed back against the introduction of a digital euro, fearing that it would empty their coffers as customers transfer cash out of banks and into the safety of an ECB-guaranteed wallet. In addition to ING and UniCredit, the other banks participating in the new company include Banca Sella, KBC, DekaBank, Danske Bank, SEB, Caixabank, and Raiffeisen Bank International. They said that others could join the initiative, and a CEO for the company would be appointed soon.
According to a recent report by Deutsche Bank, emerging market economies are adopting dollar-based stablecoins to replace local deposits and cash. "This has created a global monetary dilemma: countries should adopt stablecoins or risk being left behind. Europe is under particular pressure."
Music

Spotify Announces New AI Safeguards, Says It's Removed 75 Million 'Spammy' Tracks 18

Spotify says it has removed over 75 million fraudulent tracks in the past year as it works to combat "AI slop," deepfake impersonations, and spam uploads. Variety reports: Its new protections include a policy to police unauthorized vocal impersonation ("deepfakes") and fraudulent music uploaded to artists' official profiles; an enhanced spam filter to prevent mass uploads, duplicates, SEO hacks, artificially short tracks designed to fraudulently boost streaming numbers and payments. The company also says it's collaborating with industry partners to devise an industry standard in a song's credits to "clearly indicate where and how AI played a role in the creation of a track."

"The pace of recent advances in generative AI technology has felt quick and at times unsettling, especially for creatives," the company writes in a just-published post on its official blog. "At its best, AI is unlocking incredible new ways for artists to create music and for listeners to discover it. At its worst, AI can be used by bad actors and content farms to confuse or deceive listeners, push 'slop' into the ecosystem, and interfere with authentic artists working to build their careers. The future of the music industry is being written, and we believe that aggressively protecting against the worst parts of Gen AI is essential to enabling its potential for artists and producers."

In a press briefing on Wednesday, Spotify VP and Global Head of Music Product Charlie Hellman said, "I want to be clear about one thing: We're not here to punish artists for using AI authentically and responsibly. We hope that they will enable them to be more creative than ever. But we are here to stop the bad actors who are gaming the system. And we can only benefit from all that good side if we aggressively protect against the bad side."
The Almighty Buck

Stablecoin Issuer Circle Examines 'Reversible' Transactions in Departure For Crypto (ft.com) 22

Circle, the world's second-biggest issuer of stablecoins, is examining ways to make it possible to reverse transactions involving its tokens [non-paywalled source], in a rare admission by a major crypto firm that it needs to take lessons from the traditional financial sector. Financial Times: Circle president Heath Tarbert said a mechanism that allowed money to be refunded in cases of fraud or disputes would help the stablecoin industry's push to become part of the financial mainstream. "We are thinking through...whether or not there's the possibility of reversibility of transactions, right, but at the same time, we want settlement finality," Tarbert told the Financial Times.

"So there's an inherent tension there between being able to transfer something immediately, but having it be irrevocable," he added. Such measures could be seen as a major departure from the crypto industry's previous emphasis on the "immutability" of the blockchain, a digital ledger that is public and records transactions that cannot be unwound.

EU

Apple Asks EU To Scrap Landmark Digital Competition Law (france24.com) 36

Apple asked the European Union to scrap its landmark digital competition law on Thursday, arguing that it poses security risks and creates a "worse experience" for consumers. From a report: The US tech giant and the EU have repeatedly locked horns over the bloc's Digital Markets Act (DMA), which Brussels says seeks to make the digital sector in the 27-nation bloc fairer and more open. "The DMA should be repealed while a more appropriate fit for purpose legislative instrument is put in place," Apple said in a formal submission to the European Commission as part of a consultation on the law.

[...] "It's become clear that the DMA is leading to a worse experience for Apple users in the EU," the tech giant said in a blog post accompanying its submission. "It's exposing them to new risks, and disrupting the simple, seamless way their Apple products work together."

Facebook

Facebook Data Reveal the Devastating Real-World Harms Caused By the Spread of Misinformation (theconversation.com) 174

An anonymous reader quotes a report from The Conversation: Twenty-one years after Facebook's launch, Australia's top 25 news outlets now have a combined 27.6 million followers on the platform. They rely on Facebook's reach more than ever, posting far more stories there than in the past. With access to Meta's Content Library (Meta is the owner of Facebook), our big data study analysed more than three million posts from 25 Australian news publishers. We wanted to understand how content is distributed, how audiences engage with news topics, and the nature of misinformation spread. The study enabled us to track de-identified Facebook comments and take a closer look at examples of how misinformation spreads. These included cases about election integrity, the environment (floods) and health misinformation such as hydroxychloroquine promotion during the COVID pandemic. The data reveal misinformation's real-world impact: it isn't just a digital issue, it's linked to poor health outcomes, falling public trust, and significant societal harm. [...]

Our study has lessons for public figures and institutions. They, especially politicians, must lead in curbing misinformation, as their misleading statements are quickly amplified by the public. Social media and mainstream media also play an important role in limiting the circulation of misinformation. As Australians increasingly rely on social media for news, mainstream media can provide credible information and counter misinformation through their online story posts. Digital platforms can also curb algorithmic spread and remove dangerous content that leads to real-world harms. The study offers evidence of a change over time in audiences' news consumption patterns. Whether this is due to news avoidance or changes in algorithmic promotion is unclear. But it is clear that from 2016 to 2024, online audiences increasingly engaged with arts, lifestyle and celebrity news over politics, leading media outlets to prioritize posting stories that entertain rather than inform. This shift may pose a challenge to mitigating misinformation with hard news facts. Finally, the study shows that fact-checking, while valuable, is not a silver bullet. Combating misinformation requires a multi-pronged approach, including counter-messaging by trusted civic leaders, media and digital literacy campaigns, and public restraint in sharing unverified content.

Cellphones

Japanese City Passes Two-Hours-a-Day Smartphone Usage Ordinance (theregister.com) 29

The Japanese city of Toyoake has passed (PDF) a symbolic ordinance limiting recreational smartphone use to two hours a day, aiming to improve citizens' sleep -- especially for students after summer vacation. The Register reports: "The primary purpose of this ordinance is to ensure that all citizens receive adequate sleep," states a Council information page, which explains that many Japanese people ignore Ministry of Health, Labor and Welfare recommendations to spend six to eight hours a day dozing. An accompanying FAQ [PDF] explains that Council passed the ordinance because students who return to school after summer vacations sometimes need a nudge to re-establish an appropriate daily regime.

The ordinance also points out "Excessive phone users and their families are facing difficulties in their daily and social lives," and suggests the two-hours-a-day guidance might help. Council's documents point out that smartphones have myriad uses beyond recreation, and that the ordinance should not be taken as a suggestion to reduce overall use of the devices. Toyoake is part of the Nagoya megalopolis and is home to around 70,000 people. The town's government plans to survey residents about the ordinance, and the FAQ also mentions it wants to tackle other digital menaces, among them harmful effects of using smartphones while walking.

The Almighty Buck

Neon Pays Users To Record Their Phone Calls, Sell Data To AI Firms 34

Neon Mobile, now the No. 2 social networking app in Apple's U.S. App Store, pays users up to $30 per day to record their phone calls and sell the data to AI companies. The app claims to only capture one side of a call unless both parties use Neon, but its terms grant sweeping rights over recordings. TechCrunch reports: The app, Neon Mobile, pitches itself as a money-making tool offering "hundreds or even thousands of dollars per year" for access to your audio conversations. Neon's website says the company pays 30 cents per minute when you call other Neon users and up to $30 per day maximum for making calls to anyone else. The app also pays for referrals.

According to Neon's terms of service, the company's mobile app can capture users' inbound and outbound phone calls. However, Neon's marketing claims to only record your side of the call unless it's with another Neon user. That data is being sold to "AI companies," the company's terms of service state, "for the purpose of developing, training, testing, and improving machine learning models, artificial intelligence tools and systems, and related technologies."

Despite what Neon's privacy policy says, its terms include a very broad license to its user data, where Neon grants itself a: "...worldwide, exclusive, irrevocable, transferable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to sell, use, host, store, transfer, publicly display, publicly perform (including by means of a digital audio transmission), communicate to the public, reproduce, modify for the purpose of formatting for display, create derivative works as authorized in these Terms, and distribute your Recordings, in whole or in part, in any media formats and through any media channels, in each instance whether now known or hereafter developed." That leaves plenty of wiggle room for Neon to do more with users' data than it claims. The terms also include an extensive section on beta features, which have no warranty and may have all sorts of issues and bugs.
Peter Jackson, cybersecurity and privacy attorney at Greenberg Glusker, told TechCrunch: "Once your voice is over there, it can be used for fraud. Now, this company has your phone number and essentially enough information -- they have recordings of your voice, which could be used to create an impersonation of you and do all sorts of fraud."
The Internet

Europe's Cookie Law Messed Up the Internet. Brussels Wants To Fix It. (politico.eu) 102

In a bid to slash red tape, the European Commission wants to eliminate one of its peskiest laws: a 2009 tech rule that plastered the online world with pop-ups requesting consent to cookies. From a report: It's the kind of simplification ordinary Europeans can get behind. European rulemakers in 2009 revised a law called the e-Privacy Directive to require websites to get consent from users before loading cookies on their devices, unless the cookies are "strictly necessary" to provide a service. Fast forward to 2025 and the internet is full of consent banners that users have long learned to click away without thinking twice.

"Too much consent basically kills consent. People are used to giving consent for everything, so they might stop reading things in as much detail, and if consent is the default for everything, it's no longer perceived in the same way by users," said Peter Craddock, data lawyer with Keller and Heckman. Cookie technology is now a focal point of the EU executive's plans to simplify technology regulation. Officials want to present an "omnibus" text in December, scrapping burdensome requirements on digital companies. On Monday, it held a meeting with the tech industry to discuss the handling of cookies and consent banners.

Google

Google Experiences Deja Vu As Second Monopoly Trial Begins In US 4

An anonymous reader quotes a report from The Guardian: After deflecting the US Department of Justice's attack on its illegal monopoly in online search, Google is facing another attempt to dismantle its internet empire in a trial focused on abusive tactics in digital advertising. The trial that opened Monday in an Alexandria, Virginia, federal court revolves around the harmful conduct that resulted in US district Judge Leonie Brinkema declaring parts of Google's digital advertising technology to be an illegal monopoly in April. The judge found that Google has been engaging in behavior that stifles competition to the detriment of online publishers that depend on the system for revenue.

Google and the justice department will spend the next two weeks in court presenting evidence in a "remedy" trial that will culminate in Brinkema issuing a ruling on how to restore fair market conditions. If the justice department gets its way, Brinkema will order Google to sell parts of its ad technology -- a proposal that the company's lawyers warned would "invite disruption and damage" to consumers and the internet's ecosystem. The justice department contends a breakup would be the most effective and quickest way to undercut a monopoly that has been stifling competition and innovation for years. [...]

The case, filed in 2023 under Joe Biden's administration, threatens the complex network that Google has spent the past 17 years building to power its dominant digital advertising business. Digital advertising sales account for most of the $305 billion in revenue that Google's services division generates for its corporate parent Alphabet. The company's sprawling network of display ads provide the lifeblood that keeps thousands of websites alive. Google believes it has already made enough changes to its "ad manager" system, including providing more options and pricing options, to resolve the problems Brinkema flagged in her monopoly ruling.
China

Horror Film's Wedding Scene Digitally Altered for Chinese Audiences (theguardian.com) 47

Australian horror film Together, starring Dave Franco and Alison Brie, underwent digital alterations for its mainland China release on September 12. Chinese cinemagoers discovered that a wedding scene between two men had been modified using face-swapping technology to transform one male character into a female appearance. The change only became apparent after side-by-side screenshots from the original and altered versions circulated on social media platforms.

Chinese viewers are expressing outrage over the AI-powered modification, The Guardian reports, citing concerns about creative integrity and the difficulty of detecting such alterations compared to traditional scene cuts. The film's distributor halted the scheduled September 19 general release following the backlash. China's censorship authorities require all imported films to undergo approval before release.
The Almighty Buck

Disney+, Hulu Are Hiking Prices Again Next Month 84

Disney is raising prices again for Disney+, Hulu, and ESPN Select starting October 21, 2025, with most ad-supported tiers going up by $2-3 per month and bundles also seeing increases. It marks the third consecutive year of U.S. streaming price hikes. Variety reports: It's that time of year again, apparently: Disney is raising the prices of its Disney+ and Hulu plans in the U.S., including most bundles, as of next month. The standalone Disney+ with ads service is rising from $9.99 to $11.99/month on Oct. 21, 2025, while the Disney+ Premium (without ads) is going from $15.99 to $18.99/month. The Hulu standalone plan with ads is increasing from $9.99 to $11.99/month as of the same date; the premium version of Hulu with no ads will remain at $18.99 per month.

In addition, the price of ESPN Select (the service formerly known as ESPN+, which has a more limited content lineup than the recently launched ESPN Unlimited all-in app) will increase from $11.99 to $12.99 per month on Oct. 21. For now, the introductory price of the Disney+, Hulu and ESPN Unlimited bundle with ads will remain $29.99 per month (for the first 12 months). It's the third time in three years Disney is raising the prices of the streaming services in the U.S., after price hikes for Disney+ and Hulu in October 2024 and in October 2023. Disney provided notifications of the latest price hikes Tuesday on its customer support sites.
Businesses

Is Amazon Prime Too Hard To Cancel? A Jury Will Decide. (msn.com) 43

Subscribing to an online service is often as easy as a click of a button. Is it illegal if it takes a maze of clicks to cancel? That issue is at the heart of a civil trial beginning this week that will scrutinize the tactics Amazon uses to entice consumers to sign up for its signature Prime service -- and to steer them away from leaving. WSJ: The Federal Trade Commission alleges the online giant has duped nearly 40 million customers, in violation of consumer-protection laws. It is seeking civil penalties, refunds to consumers and a court order prohibiting Amazon from using subscription practices that could confuse or deceive customers. The case, which will unfold in a Seattle courtroom, is a top test of the agency's enforcement campaign against allegedly deceptive digital subscription practices.

Amazon's Prime membership, the largest paid subscription program in the world with at least 200 million users, has helped the company become an integral part of consumers' shopping habits. The FTC, which sued Amazon in 2023, alleges the company tricked people into signing up for the service without their knowledge or consent, including by obscuring details about billing and the terms of free trials. It says Amazon created a labyrinth to make it hard to cancel, which the company dubbed "Iliad," a reference to Homer's epic about the long, arduous Trojan War. The FTC says Amazon required customers to navigate four webpages and choose from 15 options to cancel a Prime membership. The company streamlined the process in April 2023, ahead of the filing of the criminal complaint.

The FTC won an initial pretrial victory last week when a federal judge ruled that Amazon did violate consumer-protection laws by taking Prime members' billing information before disclosing the terms of the membership. But he said jurors still would have to consider whether the customers gave their consent to enroll and whether Amazon provided a simple cancellation mechanism.

AI

AI Tools Give Dangerous Powers to Cyberattackers, Security Researchers Warn (msn.com) 21

"On a recent assignment to test defenses, Dave Brauchler of the cybersecurity company NCC Group tricked a client's AI program-writing assistant into executing programs that forked over the company's databases and code repositories," reports the Washington Post.

"We have never been this foolish with security," Brauchler said... Demonstrations at last month's Black Hat security conference in Las Vegas included other attention-getting means of exploiting artificial intelligence. In one, an imagined attacker sent documents by email with hidden instructions aimed at ChatGPT or competitors. If a user asked for a summary or one was made automatically, the program would execute the instructions, even finding digital passwords and sending them out of the network. A similar attack on Google's Gemini didn't even need an attachment, just an email with hidden directives. The AI summary falsely told the target an account had been compromised and that they should call the attacker's number, mimicking successful phishing scams.

The threats become more concerning with the rise of agentic AI, which empowers browsers and other tools to conduct transactions and make other decisions without human oversight. Already, security company Guardio has tricked the agentic Comet browser addition from Perplexity into buying a watch from a fake online store and to follow instructions from a fake banking email...

Advanced AI programs also are beginning to be used to find previously undiscovered security flaws, the so-called zero-days that hackers highly prize and exploit to gain entry into software that is configured correctly and fully updated with security patches. Seven teams of hackers that developed autonomous "cyber reasoning systems" for a contest held last month by the Pentagon's Defense Advanced Research Projects Agency were able to find a total of 18 zero-days in 54 million lines of open source code. They worked to patch those vulnerabilities, but officials said hackers around the world are developing similar efforts to locate and exploit them. Some longtime security defenders are predicting a once-in-a-lifetime, worldwide mad dash to use the technology to find new flaws and exploit them, leaving back doors in place that they can return to at leisure.

The real nightmare scenario is when these worlds collide, and an attacker's AI finds a way in and then starts communicating with the victim's AI, working in partnership — "having the bad guy AI collaborate with the good guy AI," as SentinelOne's [threat researcher Alex] Delamotte put it. "Next year," said Adam Meyers, senior vice president at CrowdStrike, "AI will be the new insider threat."

In August more than 1,000 people lost data to a modified Nx program (downloaded hundreds of thousands of times) that used pre-installed coding tools from Google/Anthropic/etc. According to the article, the malware "instructed those programs to root out" sensitive data (including passwords or cryptocurrency wallets) and send it back to the attacker. "The more autonomy and access to production environments such tools have, the more havoc they can wreak," the article points out — including this quote from SentinelOne threat researcher Alex Delamotte.

"It's kind of unfair that we're having AI pushed on us in every single product when it introduces new risks."
Transportation

Cyberattack Delays Flights at Several of Europe's Major Airports (apnews.com) 7

"A cyberattack targeting check-in and boarding systems disrupted air traffic and caused delays at several of Europe's major airports on Saturday," reports the Associated Press.

"While the impact on travelers appeared to be limited, experts said the intrusion exposed vulnerabilities in security systems." The disruptions to electronic systems initially reported at Brussels, Berlin's Brandenburg and London's Heathrow airports meant that only manual check-in and boarding was possible. Many other European airports said their operations were unaffected... Airports said the issue centered around a provider of check-in and boarding systems — not airlines or the airports themselves. Collins Aerospace, whose systems help passengers check themselves in, print boarding passes and bag tags and dispatch their luggage from a kiosk, cited a "cyber-related disruption" to its MUSE (Multi-User System Environment) software at "select airports."
Brussels Airport initially reported a "large impact" on flight schedules, according to the article, with a spokesperson telling broadcaster VTM that by mid-morning nine flights had been canceled, with four more redirected to another airport and 15 delayed an hour or more. The airport later told Reuters there were "delays on most of the departing flights."

Reuters notes it's "the latest in a string of hacks targeting governments and companies across the world, hitting sectors from healthcare and defence to retail and autos": A recent breach at luxury carmaker Jaguar Land Rover brought its production to a halt...

At Heathrow, Berlin and Brussels, 29 flight departures and arrivals had been cancelled as of 1130 GMT, aviation data provider Cirium said. In total, 651 departures were scheduled from Heathrow, 228 from Brussels and 226 from Berlin on Saturday... Brussels Airport said it had asked airlines to cancel half of their scheduled departing flights on Sunday to avoid long queues and late cancellations, signalling that the disruption would continue through the weekend.

A European Commission spokesperson said there were currently no indications of a "widespread or severe attack" and that the origin of the incident was still under investigation.

Books

Librarians Are Being Asked To Find AI-Hallucinated Books (404media.co) 50

Libraries nationwide are fielding patron requests for books that don't exist after AI-generated summer reading lists appeared in the Chicago Sun-Times and Philadelphia Inquirer earlier this year. Reference librarian Eddie Kristan told 404 Media the problem began in late 2022 following GPT-3.5's release but escalated dramatically after the newspapers published lists created by a freelancer using AI without verification.

A Library Freedom Project survey found patrons increasingly trust AI chatbots over human librarians and become defensive when told their AI-recommended titles are fictional. Kristan now routinely checks WorldCat's global catalog to verify titles exist. Collection development librarians are requesting digital vendors remove AI-generated books from platforms while academic libraries struggle against vendors implementing flawed LLM-based search tools and AI-generated summaries that undermine information literacy instruction.
XBox (Games)

Microsoft Hikes US Xbox Prices Citing Economic Environment (xbox.com) 45

Microsoft will increase Xbox Series X and Series S console prices in the United States on October 3. The Series X rises to $649.99 from $599.99 and the 512GB Series S increases to $399.99 from $379.99. The 1TB Series S moves to $449.99 from $429.99. The Series X Digital Edition reaches $599.99 from $549.99 and the 2TB Galaxy Black Special Edition climbs to $799.99 from $729.99. Microsoft cited macroeconomic changes for the increases. Console prices outside the US and controller and headset prices domestically remain unchanged. The company raised console prices globally in May.
IT

Austria's Armed Forces Switch To LibreOffice (heise.de) 42

alternative_right writes: Austria's armed forces have switched from Microsoft's Office programs to the open-source LibreOffice package. The reason for this is not to save on software license fees for around 16,000 workstations. "It was very important for us to show that we are doing this primarily (...) to strengthen our digital sovereignty, to maintain our independence in terms of ICT infrastructure and (...) to ensure that data is only processed in-house," emphasizes Michael Hillebrand from the Austrian Armed Forces' Directorate 6 ICT and Cyber.

This is because processing data in external clouds is out of the question for the Austrian Armed Forces, as Hillebrand explained on ORF radio station O1. It was already apparent five years ago that Microsoft Office would move to the cloud. Back then, in 2020, the decision-making process for the switch began and was completed in 2021.

Microsoft

This Microsoft Entra ID Vulnerability Could Have Been Catastrophic (wired.com) 32

Security researcher Dirk-jan Mollema discovered two vulnerabilities in Microsoft's Entra ID identity platform that could have granted attackers administrative access to virtually all Azure customer accounts worldwide. The flaws involved legacy authentication systems -- Actor Tokens issued by Azure's Access Control Service and a validation failure in the retiring Azure Active Directory Graph API.

Mollema reported the vulnerabilities to Microsoft on July 14. Microsoft released a global fix three days later and found no evidence of exploitation. The vulnerabilities would have allowed attackers to impersonate any user across any Azure tenant and access all Microsoft services using Entra ID authentication. Microsoft confirmed the fixes were fully implemented by July 23 and added additional security measures in August as part of its Secure Future Initiative. The company issued a CVE on September 4.
