TZUTC: -0500
MSGID: 1916.consprcy@1:2320/105 2dc10fb3
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
2025 Digital rights review: Spyware, AI war & EU regulations

Date:
Mon, 05 Jan 2026 09:52:57 +0000

Description:
We spoke to the digital rights organization Access Now about the most
significant developments of the past 12 months. Here's what they said.

FULL STORY

This year was defined by surveillance, censorship, and shrinking civic space
according to Access Now s executive director, Alejandro Mayoral Baos . 

Despite the sobering headlines, the US-based digital rights organization says
theres still hope. Resistance has continued and, as Baos puts it, communities
refused to disappear. 

I spoke to members of Access Now about the most pressing developments from 
the past 12 months. Heres what they told me.

Spyware continues to proliferate 

Four years on from the Pegasus Project revelations , reports suggest that
spyware remains a significant threat to privacy. 

This year, Graphite  a tool developed by Paragon Solutions  was found to have
been used to track journalists and activists in Europe . While an Italian
parliamentary committee report confirmed the government had used the spyware
against human rights activists, it stopped short of admitting to the
monitoring of journalists.

Apple and WhatsApp were unaware of the floors that Paragons products were
exploiting. In other words, the attackers were targeting zero-day
vulnerabilities . 

Traditional cybersecurity best practices offer little help against this type
of threat. While a trusted VPN provider protects your data while it is moving
across the internet, spyware targets a device's operating system. 

By attacking the device in this way, spyware operators can often gain total
access to your digital life  capturing every keystroke, eavesdropping through
your microphone, and even turning on your camera. 

Most dangerously, these are often zero-click attacks, meaning that unlike
traditional attacks, the target doesnt have to click a suspicious link or 
open a file. 

Mercenary spyware continued to prove that it is evolving faster than
safeguards, says Rand Hammoud, Surveillance Campaigns Lead at Access Now. 

While WhatsApp and Apple confirmed they had patched the specific
vulnerabilities exploited, the mercenary spyware industry is incredibly
resilient. It continues to source new entry points via the murky 
international market for zero-day vulnerabilities. 

This secretive global market involves hackers selling unpatched software 
flaws to the highest bidder  usually governments or private companies  that
then use them to break into devices before the manufacturers even know the
vulnerability exists. 

Fortunately, there was some progress for digital rights defenders this year.
Most notably, the Pall Mall Process launched a new Code of Practice for 
States in April, as Hammound explained. 

The Code is a voluntary, non-binding document which pushes for greater
accountability, oversight, and transparency among participating nations. 

There was also progress at the EU level, where the blocs export control rules
integrated human rights language. However, Hammoud warns that the dual-use
control list  which governs how EU-based companies sell and transfer
surveillance equipment  is undermined by weak catch-all clauses and uneven
national practices that leave room for evasion. 

Bottom line: 2025 shifted the question from do we need rules? to who will
actually enforce them?  because victims cant be protected by principles 
alone, Hammoud said.

AI-enabled digital warfare 

While spyware is highly targeted, Access Now has also monitored a much larger
shift: the development of AI-driven systems designed for use during active
conflict. 

Marwa Fatafta, MENA Policy and Advocacy Director at Access Now, said theres
been a troubling shift in recent years with the rapid militarization of
civilian technologies and personal data. Its a process that has blurred the
lines between the tools we use for daily life and the systems now being used
on the battlefield. 

Gaza stands as a stark example of how warfare evolves when mass surveillance
and AI-driven systems are woven into military operations with no restraints
Fatafta said. 

The technology is varied but is often used to generate targets at a speed no
human analyst can match. Thats down to a deadly combination of automated
systems, such as Lavender, alongside AI tracking tools that use 
mass-collected data.  The technologies being used have raised significant
ethical concerns , particularly due to a lack of accountability, control and
accuracy.

Earlier this year, the head of the United Nations called such "killer robots"
politically unacceptable and "morally repugnant." Despite mounting
international pressure, however, there remain few meaningful regulations on
its use. 

We can no longer afford to treat digital warfare as a peripheral issue,
Fatafta concludes.

EU rolls back digital rights protections 

An organization once expected to introduce meaningful protections   the
European Union  now seems to be moving in the opposite direction. According 
to Access Now, the bloc is failing to live up to its reputation as a
"privacy-first" regulator. 

After several years of being at the forefront of regulating digital rights
protections, the European Union seems to be turning its back on the very gold
standards it worked so hard to establish, according to Daniel Leufer, 
Emerging Technologies Policy Lead at Access Now. 

A wave of regulatory moves over the past 12 months has placed end-to-end
encryption in the crosshairs, including proposals to expand mandatory data
retention and increase the monitoring of private conversations . 

The stakes are high: current proposals seek to establish "lawful access" to
encrypted data. This could effectively end the era of truly "no-log" VPN
services in Europe. 

These are part of a broader shift, according to Leufer, in which the European
Commission has been bending over backwards to accommodate the most excessive
demands of industry lobbying and undermining key digital rights safeguards. 

And the future doesnt look promising. Leufer warns that the policies proposed
in 2025 may only be the beginning. He suggest that digital rights advocates
must now brace for a significant struggle to preserve hard-won protections
across data protection, privacy, and artificial intelligence.

What's next? 

As 2026 approaches, significant hurdles remain in the fight to protect
fundamental human rights online. Organizations like Access Now will continue
to push for better regulatory constraints on everything from mercenary 
spyware to AI-enabled weapons, alongside a renewed fight for meaningful data
protection around the globe. 

Alongside these high-level regulatory efforts, the tech community will
continue to build its own safeguards. Expect new privacy-by-design products
ranging from decentralized, no-log VPNs to messaging apps that offer
post-quantum encryption. 

For Access Now, the mission for the coming year is clear. The goal is, says
Baos, not to return to normal, but to build a stronger, fairer, and more
accountable digital rights ecosystem." It's a vision that privacy advocates
around the world will doubtless share.

======================================================================
Link to news story:
https://www.techradar.com/vpn/vpn-privacy-security/2025-digital-rights-review-
spyware-ai-war-and-eu-regulations

$$
--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 275 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12
SEEN-BY: 5075/35
PATH: 2320/105 229/426