It’s been reported that The New York Times has sued OpenAI and Microsoft, alleging that they used millions of its articles without permission to help train chatbots.

The First 

It’s understood that the New York Times (NYT) is the first major US media organisation to sue ChatGPT’s creator OpenAI, plus tech giant Microsoft (which is also an OpenAI investor and creator of Copilot), over copyright issues associated with its works.

Main Allegations 

The crux of the NYT’s argument appears to be that the use of its work to create GenAI tools should come with permission and an agreement that reflects the fair value of the work. Also, it’s important in this case to note that the NYT relies on digital subscriptions rather than physical newspaper subscriptions, of which it now has 9 million+ subscribers (the relevance of which will be clear below).

With this in mind, in addition to the main allegation of training AI on its articles without permission (for free), other main allegations made by the NYT about OpenAI and Microsoft in relation to the lawsuit include :

– OpenAI and Microsoft may be trying to get a “free-ride on The Times’s massive investment in its journalism” by using it to provide another way to deliver information to readers, i.e. a way around its payment wall. For example, the NYT alleges that OpenAI and Microsoft chatbots gave users near-verbatim excerpts of its articles. The NYT’s legal team have given examples of these, such as restaurant critic Pete Wells’ 2012 review of Guy Fieri’s (of Diners, Drive-Ins, and Dives fame) “Guy’s American Kitchen & Bar”. The NYT argues that this threatens its high-quality journalism by reducing readers’ perceived need to visit its website, thereby reducing its web traffic, and potentially reducing its revenue from advertising and from the digital subscriptions that now make up most of its readership.

– Misinformation from OpenAI’s (and Microsoft’s) chatbots, in the form of errors and so-called ‘AI hallucinations’ make it harder for readers to tell fact from fiction, including when their technology falsely attributes information to the newspaper. The NYT’s legal team cite examples of where this may be the case, such as ChatGPT once falsely attributing two recommendations for office chairs to its Wirecutter product review website.

“Fair Use” And Transformative 

In their defence, Open AI and Microsoft appear likely to be relying mainly on the arguments that the training of AI on NYT’s content amounts to “fair use” and the outputs of the chatbots are “transformative.”

For example, under US law, “fair use” is a doctrine that allows limited use of copyrighted material without permission or payment, especially for purposes like criticism, comment, news reporting, teaching, scholarship, or research. Determining whether a specific use qualifies as fair use, however, will involve considering factors like the purpose and character of the usage. For example, the use must be “transformative”, i.e. adding something new or altering the original work in a significant way (often for a different purpose). OpenAI and Microsoft may therefore argue that training their AI products could potentially be seen as transformative as the AI uses the newspaper content in a way that is different from the original purpose of news reporting or commentary. However, the NYT has already stated that: “There is nothing ‘transformative’ about using The Times’s content without payment to create products that substitute for The Times and steal audiences away from it”. Any evidence of verbatim outputs may also damage the ‘transformative’ argument for OpenAI and Microsoft.

Complicated 

Although these sound like relatively clear arguments either way, there are several factors that add to the complication of this case. These include:

– The fact that OpenAI altered its products following copyright issues, thereby making it difficult to decide whether its outputs are currently enough to find liability.

– Many possible questions about the journalistic, financial, and legal implications of generative AI for news organisations.

– Broader ethical and practical dilemmas facing media companies in the age of AI.

What Is It Going To Cost? 

Given reports that talks between all three companies to avert the lawsuit have failed to resolve the matter, what the NYT wants is:

Damages of an as yet undisclosed sum, which some say could be in the $billions (given that OpenAI is valued at $80 billion and Microsoft has invested $13 billion in a for-profit subsidiary).

For OpenAI and Microsoft to destroy the chatbot models and training sets that incorporate the NYT’s material.

Many Other Examples

AI companies like OpenAI are now facing many legal challenges of a similar nature, e.g. the scraping/automatic collection of online content/data by AI without compensation, and for other related reasons. For example:

– A class action lawsuit filed in the Northern District of California accuses OpenAI and Microsoft of scraping personal data from internet users, alleging violations of privacy, intellectual property, and anti-hacking laws. The plaintiffs claim that this practice violates the Computer Fraud and Abuse Act (CFAA).

– Google has been accused in a class-action lawsuit of misusing large amounts of personal information and copyrighted material to train its AI systems. This case raises issues about the boundaries of data use and copyright infringement in the context of AI training.

– A Stability AI, Midjourney, and DeviantArt class action claims that these companies used copyrighted images to train their AI systems without permission. The key issue in this lawsuit is likely to be whether the training of AI models with copyrighted content, particularly visual art, constitutes copyright infringement. The challenge lies in proving infringement, as the generated art may not directly resemble the training images. The involvement of Large-scale Artificial Intelligence Open Network (LAION) in compiling images used for training adds another layer of complexity to the case.

– Back in February 2023, Getty Images sued Stability AI alleging that it had copied 12 million images to train its AI model without permission or compensation.

The Actors and Writers Strike 

The recent strike by Hollywood actors and writers is another example of how fears about AI, consent, and copyright, plus the possible effects of AI on eroding the value of people’s work and jeopardising their income are now of real concern. For example, the strike was primarily focused on concerns regarding the use of AI in the entertainment industry. Writers, represented by the Writers Guild of America, were worried about AI being used to write or complete scripts, potentially affecting their jobs and pay. Actors, under SAG-AFTRA, protested against proposals to use AI to scan and use their likenesses indefinitely without ongoing consent or compensation.

Disputes like this, and the many lawsuits against AI companies highlight the urgent need for clear policies and regulations on AI’s use, and the fear that AI’s advance is fast outstripping the ability for laws to keep up.

What Does This Mean For Your Business? 

We’re still very much at the beginning of a fast-evolving generative AI revolution. As such, lawsuits against AI companies like Google, Meta, Microsoft, and OpenAI are now challenging the legal limits of gathering training material for AI models from public databases. These types of cases are likely to help to shape the legal framework around what is permissible in the realm of data-scraping for AI purposes going forward.

The NYT/OpenAI/Microsoft lawsuit and other examples, therefore, demonstrate the evolving legal landscape as courts now try to grapple with the implications of AI technology on copyright, privacy, and data use laws, and its complexities. Each case will contribute to defining the boundaries and acceptable practices in the use of online content for AI training purposes, and it will be very interesting to see whether arguments like “fair use” are enough to stand up to the pressure from multiple companies and industries. It will also be interesting to see what penalties (if things go the wrong way for OpenAI and others) will be deemed suitable, both in terms of possible compensation and/or the destruction of whole models and training sets.

For businesses (who are now able to create their own specialised, tailored chatbots), these major lawsuits should serve as a warning to be very careful in the training of their chatbots and to think carefully about any legal implications, and to focus on creating chatbots that are not just effective but are also likely to be compliant.

Following news that Google may need to pay $5 billion over tracking millions of people who thought they were browsing privately through incognito mode, we look at what incognito mode actually does.

Incognito Mode 

Different browsers have different names for ‘private browsing mode’ including ‘InPrivate browsing’ (Edge), ‘Private’ for Firefox (Mozilla) and Safari, and ‘Incognito’ for Google Chrome.

Those who use Google’s Chrome browser will know that in addition to browsing via a normal window, clicking/tapping on the three dots (top right) allows you to open another browser window in ‘incognito mode.’

Incognito mode is essentially just a setting on your web browser that allows you to go undercover (to an extent) when browsing the internet. It works by removing local data from web browsing sessions, i.e. browsing is recorded in your local search history (any cookies which a website attempts to upload to your computer are deleted or blocked). In incognito mode, other trackers, temporary files, and third-party toolbars are also disabled. An incognito window is not signed to any accounts so can’t be tracked by them. However, in incognito mode a user’s IP address can still be tracked.

Google says of incognito mode: “When you browse privately, other people who use the device won’t see your history. Chrome doesn’t save your browsing history or information entered in forms. Cookies and site data are remembered while you’re browsing, but deleted when you exit Incognito mode.” 

Therefore, when you use incognito mode:

– Your browsing history is (supposedly) private (i.e. it’s not recorded).

– Cookies are deleted, helping to keep your personal preferences private, and hopefully preventing the resulting targeted adverts.

– You can sign into multiple accounts simultaneously, e.g. you can log into a work-related account in an incognito window while also being logged into a separate personal account at the same site in a normal window.

Does Google Still Track You In Incognito Mode? 

Google can still track you in Incognito mode, however the tracking mechanisms are different from regular browsing. Although incognito mode primarily prevents your browsing history, cookies, and site data from being saved on your device, it doesn’t make you invisible online. For example, the fact that your IP address is still visible means that your activities can still be visible to websites you visit, your employer, and your ISP. This means that while Incognito mode offers more privacy from other users of your device, it does not offer complete anonymity online.

The Recent Case 

The recent case involving Google, where the company has agreed to a settlement (to be finalised on February 24) could see it pay out $5 billion following a class action lawsuit. The lawsuit claimed that Google had secretly tracked millions of people who’d been using Incognito Mode between 2016 and 2020.

It’s been reported that when the lawsuit was first submitted, even Google’s own staff joked about how ‘un-private’ the incognito mode was. The lawsuit stated that: “Through its pervasive data tracking business, Google knows who your friends are, what your hobbies are, what you like to eat, what movies you watch, where and when you like to shop, what your favourite vacation destinations are, what your favourite colour is, and even the most intimate and potentially embarrassing things you browse on the internet – regardless of whether you follow Google’s advice to keep your activities ‘private’.” 

How Can You Browse Privately? 

Given that Incognito mode is not completely private, other measures that users can take when they want to browse privately / make browsing more private include:

– Using private browsers. For example, there are now a number of private browsers available, such as DuckDuckGo, Epic, and Brave.

– Using privacy extensions for browsers. These include Privacy Badger, Ghostery, HTTPS Everywhere, Cookie AutoDelete, and more, although some of these are more focused on blocking cookies and tracking.

– Using a VPN to encrypt traffic, and hide your IP address, although they don’t protect you from being tracked, from cookies, from user-agent strings, or through the accounts they are logged into (e.g. Google).

– Adjusting browser settings to block tracking cookies, and regularly deleting browser cookies and cache to remove tracking data and browsing history stored on the device.

What Does This Mean For Your Business? 

The main point to remember is that incognito mode is not completely private because your IP address is still visible. This means that your activities can still be visible to the websites you visit, your employer, and your ISP. Also, the Google case highlights what a grey area the ‘incognito’ name seems to be, and one of the questions in the case has been whether Google actually made a legally binding promise not to collect users’ data when they browsed in private / incognito mode.

Achieving complete privacy while browsing the internet is actually quite a challenge due to the interconnected and complex nature of online services and the widespread use of tracking technologies. Most websites and online services collect user data for various purposes, such as personalising content, advertising, or analytics. This data collection is often deeply integrated into the infrastructure of the web, making it difficult to avoid entirely.

Therefore, perhaps the most realistic way for users to enhance their privacy is a multi-layered approach. Using a reliable Virtual Private Network (VPN) is a good start, as it encrypts internet traffic and masks the user’s IP address, making it harder for third parties to track online activities. Also, using privacy-focused browsers and search engines, disabling tracking cookies, and regularly clearing browsing history and caches can further reduce one’s digital footprint. However, it’s important to understand that these measures improve privacy but do not guarantee complete anonymity. For instance, a VPN hides your IP address from websites but the VPN provider itself can see your internet traffic unless it enforces a strict no-logs policy. Similarly, while privacy-focused browsers limit tracking, they don’t completely eliminate the possibility of data collection by websites or internet service providers.

UK Transport Secretary, Mark Harper, said in a recent radio interview that driverless cars could be on some UK roads by the end of 2026.

2026 

Following the November announcement of the new Automated Vehicles (AV) Bill, in an interview on BBC Radio 4’s Today programme, Mr Harper said: “Probably by as early as 2026 people will start seeing some elements of these cars that have full self-driving capabilities being rolled out.” 

Safety 

Although the first thing that may come to mind at the thought of driverless cars being on the road is the potential risk, the narrative around driverless vehicles is that they could, in fact, improve safety on the roads. This is because they remove the possibility of driver error which Mr Harper says is currently responsible for 88 per cent of road traffic collisions.

Automated Vehicles Bill  

The Automated Vehicles Bill, announced in November 2023 as part of the King’s speech, will provide the legal frameworks for self-driving vehicles in the UK, and has “safety at its core.” 

The government says that before self-driving vehicles (AVs) are allowed on UK roads, they will, for example, have to meet or exceed the rigorous new safety requirements set out in the law that the bill will eventually become.

Why Self-Driving Vehicles?  

In addition to potentially bringing a significant reduction in the number of driver-error road collisions, the UK government says that the many advantages that AVs could bring include:

– The technology will also help make travel more convenient and accessible, improving the lives of millions of people who can’t drive.

– Better connecting rural communities, improving access to essential services, and reducing isolation.

– Making last-mile delivery and long-haul freight services more efficient, reducing congestion, and providing on-demand transport services.

– Boosting the economy by creating up to 38,000 jobs.

Other advantages to UK businesses of allowing the (regulated) use of AVs on UK roads in the near future include:

– Lower labour costs as driver expenses are eliminated.

– Increased efficiency through allowing continuous operation and optimised routes and delivery times.

– Fuel efficiency through better fuel economy, resulting from optimised driving patterns.

– Providing valuable operational and traffic data for business insights.

– Supply chain optimisation, i.e. timely and predictable deliveries improving logistics.

– Environmental benefits (from electric or hybrid power), thereby reducing emissions.

– Opening up innovative service and delivery models.

– Helping businesses to meet evolving safety and environmental standards.

What Could Possibly Go Wrong? 

Early tests of AVs going awry have already highlighted the risks posed by (and associated with) having AVs on normal roads. For example:

– Back in 2018, in Tempe, Arizona (the US), a self-driving Uber vehicle hit and killed a pedestrian. This was one of the first fatal accidents involving a pedestrian and an autonomous vehicle. The incident raised significant questions about the safety of self-driving technology and its ability to handle unpredictable situations.

– Also in 2018, in Chandler, Arizona, a Waymo self-driving minivan was involved in a crash when a human-driven car swerved and collided with it. While the Waymo vehicle was operating in autonomous mode, it was not at fault. This incident, however, underscored the complexities of integrating autonomous vehicles into current traffic systems dominated by human drivers.

– There have been several reported accidents involving Tesla’s Autopilot system, where drivers misused the system or over-relied on its capabilities. These incidents, including fatal crashes, highlighted the challenges in ensuring drivers remain engaged and ready to take control even in semi-autonomous modes.

What Does This Mean For Your Business? 

The introduction of Autonomous Vehicles (AVs) to UK roads as soon as 2026 may seem a little ambitious, yet it highlights the government’s commitment to the idea of being able to create new jobs, help establish the UK as a new technology leader, plus stimulate the growth of a £42 billion industry here.

For UK businesses, provided the AVs are affordable, easy enough to operate and safe enough, AVs promise operational efficiency, cost management benefits and productivity enhancements, particularly in sectors like logistics and transportation, boosting levels of efficiency in supply chain management.

However, embracing this new technology will come with its challenges. Safety concerns (highlighted by incidents involving AVs in recent years) are reminders of the need for stringent safety standards and robust legal frameworks (such as the AV Bill is designed to provide). Also, building public trust in this new technology is likely to be vital so and concerns about safety, privacy, and the broader societal impact (including job displacement) need to be addressed to ensure smooth integration into society.

The prospect of driverless cars on UK roads within two years, therefore, presents a blend of exciting opportunities and formidable challenges for businesses. While the benefits of improved efficiency, cost savings, and environmental impacts are clear, navigating the safety, regulatory, and societal aspects are less clear at the moment. For businesses looking forward, adaptability and readiness to embrace change will be crucial in capitalising on the advantages that AVs bring.

Amazon has announced that from 5 February 2024, its Amazon Prime Video customers in the UK and Germany will see “limited” ads unless they pay £2.99 per month to remove them.

Why? 

Amazon says that in view of the fact it won’t be making changes in 2024 to the current price of Prime membership, and that it will continue investing in content and keep increasing that investment over a long period of time, it will be adding the “limited” adverts that customers must pay to remove.

In the announcement about the pay-to-remove ads, Amazon listed the many benefits of the Prime Service, and its heavy investment in the service. More specifically, it’s also likely that its renewals of hit series like Redemption and The Boys, its deal with Games Workshop (bringing Warhammer 40,000 to cinema screens) and its plans for other popular content like a series based on the video game Fallout, may also be used to balance out the cost/value analysis in the minds of customers.

The online retail and tech giant and streamer is also keen to stress that it will “have meaningfully fewer ads than linear TV and other streaming TV providers.” 

That said, live content such as sports will continue to include advertising whether customers pay for Prime ad removal or not.

Ad-Free Option Later 

Amazon has also said that it will be adding a new ad-free option but will share the price of that option at a later date.

How And When? 

Amazon says no action is required for Prime members as the “gradual” rollout of the ads takes place and that it will email Prime members several weeks before ads are introduced into Prime Video. The email will also contain information on how users can sign up for the ad-free option and will, presumably, give the price of the ad-free service.

More Expensive Than The US And Germany

Although customers in the US and Canada will see ads rolled out earlier than in the UK (from 29 January), at US $2.99 (£2.35) to stop the ads, this works out cheaper than for UK customers.  It is also understood that customers in Germany will have a better deal by only having to pay the equivalent of Germany will pay £2.60.

Competitors  

Amazon Prime’s competitors, Disney+ and Netflix, have also introduced their own cheaper ad-supported memberships (and price rises). For example, back in August 2023, Disney+ announced its plan to introduce a cheaper streaming option with adverts in the UK in November (due to falling profits). Also, it was back in November 2022 when Netflix launched its ‘Basic with Ads’ streaming plan.

What Does This Mean For Your Business? 

For Amazon Prime, adopting the limited ads that require payment to remove them idea provides an extra revenue stream which could be used to contribute to its investment in content creation thus enhancing the platform’s offerings and competitiveness.

The email to be sent to customers about the ads also provides Amazon Prime with an opportunity to get customers’ attention and highlight its ad-free option in a more ‘under-the-radar’ way in what is a highly competitive streaming market.

Since the boom-time of the pandemic when streaming services were prioritised and multiple users per account tolerated, the post-pandemic saw user numbers drop, e.g. for Netflix. This led to the leading streaming platforms having to increasingly explore varied revenue models, including ad-supported tiers in order to offer more attractive and diversified subscription options to retain and attract a broader subscriber base in this highly competitive space. Amazon Prime, therefore, like Netflix and Disney+, is now offering ad-free options to increase user numbers and attract this broader range of customers (more price-sensitive viewers) thereby intensifying the competition among streaming services.

However, although Amazon Prime’s move could provide new revenue opportunities, it also presents challenges and choices for customers, who now must weigh the trade-off between tolerating ads or paying more for uninterrupted viewing, thereby potentially unsettling them and lowering barriers to exit. As Amazon’s announcement about the change shows, it’s hoping that its commitment to a lower ad volume compared to other platforms could mitigate some potential viewer dissatisfaction and that reminding customers of the many benefits of its services may soften the blow.

Amazon’s business-changing model for streaming is, therefore, an expected reflection of the changing landscape of the highly competitive streaming services market, as providers continuously adapt their strategies.

The latest version of the Apple Watch has gone back on sale in the US after being removed from sale by the US Government from 26 December 2023.

Its removal from sale followed claims by medical technology company Masimo that the watch’s pulse oximetry sensors (used to measure how much oxygen is in the blood) violated its patents.

The ban, which applied to the Apple Watch Series 9 and Apple Watch Ultra 2, has now been halted and the watch has gone back on sale while a court considers Apple’s motion for a longer-term pause during the appeals process. The court has given the US International Trade Commission (ITC) until 10 January to respond to Apple’s request.

Cyber Security News has compiled a top 10 most notable cyber-attacks of 2023 list, serving as a reminder to businesses that advancements in technology, increased connectivity, and the more sophisticated tactics used by threat actors mean that cyber-attacks are evolving at a rapid pace.

Top of its list is the MOVEit Mass Attack launched by a Russian hacking group which used the MOVEit file transfer software to extort an estimated $75-100 million from 2,667 organisations. The others in the list include Cisco IOS XE attacks, the US government hacked via Microsoft 365, the Citrix Bleed attack, Okta’s customer support data breach, the Western Digital cyber-attack, and the MGM Resorts breach. The list also includes the Royal Ransomware attack over the city of Dallas, the GoAnywhere attacks, and the 3CX software supply chain attack.

Businesses should, therefore, make sure that they are well protected for 2024 from a wide range of common cyber-attack methods, including malware, phishing, distributed denial of Service (DDoS), man-in-the-Middle (MitM), and many more.

Austria’s Repair Bonus voucher scheme sees the government pay citizens up to €200 (£173) towards getting old electrical appliances, devices and tech gadgets fixed.

Why?  

The Austrian government scheme, financed through the Covid Recovery Fund, is designed to motivate people to repair rather than throw away old electrical appliances (and add to a growing pile of e-waste). Austria’s Climate Minister Leonore Gewessler launched the scheme with the intention of “making repair attractive again.” 

The E-Waste Problem 

A 2019 UN report showed that the world produces as much as 50 million tonnes annually of electronic and electrical waste, also known as e-waste, but that only 20 per cent of this is formally recycled. Put in context, the current worldwide pile of electronic waste weighs more than all the commercial airliners ever made. The UK, for example, currently produces 24.9kg of e-waste per person, which is nearly 10kg more than the European Union (EU) average.

Some of the main problems associated with e-waste are:

– Environmental pollution. E-waste contains harmful toxins like Lead, Mercury, Cadmium (and others), posing significant health and environmental risks.

– Loss of valuable materials. E-waste is a source of scarce and valuable materials such as gold and platinum, which are often lost due to improper disposal.

– The current recycling rates are too low. Only about 20 per cent of e-waste is formally recycled worldwide, leading to environmental harm and material loss.

– Health risks in informal recycling. In countries with a predominantly informal e-waste sector, such as India, workers face severe health risks due to exposure to dangerous chemicals.

– Asset wastage. Companies often prematurely dispose of electronic assets, resulting in the loss of potentially useful resources.

– Data security concerns. Fears over data security leads some companies to destroy electronic assets rather than recycle or reuse them.

– E-waste export to developing countries. Despite the Basel Convention’s limitations, developed countries have been exporting a significant portion of their e-waste to developing countries, contributing to improper recycling practices. However, the upcoming “Swiss-Ghana Amendments” to the Basel Convention, effective from 2025, aim to redefine the trade rules for hazardous and non-hazardous e-waste, potentially reducing this issue.

– Cheap electrical goods preventing recycling. For example, if the costs of repairing an electrical item / device are more than 20-30 per cent of the cost of the new product, people are more likely to buy new and not repair the old item. The Repair Bonus scheme may, therefore, be a way to lower those costs, and act as an incentive to repair more.

Which Items Does The Austrian Repair Scheme Apply To? 

Austria’s Repair Bonus voucher scheme applies to almost all electrical and electronic equipment commonly used in private households, including those with a power cord, rechargeable battery, and battery or solar modules.

How Does The Scheme Work? 

The scheme works by issuing vouchers that can be redeemed at third party partner companies who carry out the repairs. The customer downloads the voucher from the government website, pays the partner company upfront, and then receives a direct payment (into their bank account) of half the costs of the repair back after three to four weeks.

A Win-Win 

The scheme is being described as a win-win because customers benefit from cost savings on the repair, local businesses (the partner repair businesses) benefit from additional revenues, and the environment benefits from a reduction in the amount of e-waste.

Challenges 

Although the Austrian scheme has led to more repairs it hasn’t been without its challenges. For example:

– There is a shortage of technicians and craftspeople to carry out the repairs.

– Some of the spare parts needed for some repairs are no longer available, so replacements need to be found.

– The scheme needs to work well enough to change quite an entrenched mindset in what has become a ‘throwaway society.’

What Else Could Encourage Repair and Recycling? 

In addition to voucher schemes, like the one in Austria, other measures that could encourage the repair and recycling of electrical goods and a circular and more sustainable economy could include:

– Educational campaigns, i.e. increasing public awareness about the environmental and economic benefits of repairing and recycling electronics and educating consumers about their rights to repair their own devices or to have them repaired by a third party.

– Extended producer responsibility (EPR), i.e. implementing policies requiring manufacturers to take back used products for recycling or proper disposal.

– Repair-friendly design regulations. Encouraging or mandating manufacturers to design products that are easier to repair and upgrade.

– Tax breaks or incentives for companies and consumers who repair, recycle, or buy refurbished electronics.

– Community repair events such as organising local repair cafes or workshops / pop-up workshops where people can bring their electronics for free or low-cost repairs.

– Providing financial and technical support to small businesses specialising in repairing electronics.

– Recycling infrastructure development. Investing in more accessible and efficient recycling facilities and collection points.

– More laws and regulations for waste reduction including enforcing stricter regulations on electronic waste disposal and promoting recycling.

Is There A Similar Scheme In The UK? 

Unfortunately, here in the UK, there isn’t a direct counterpart to Austria’s Repair Bonus voucher scheme for electrical devices. However, the UK government did introduce new ‘Right to Repair’ laws in 2021, and has initiated a consultation to enhance electrical waste recycling, making it easier for people to recycle through manufacturer and retailer responsibility. Also, The Restart Project advocates for the Right to Repair and promotes repair and reuse through various initiatives and community activities.

What Does This Mean For Your Organisation? 

Austria’s Repair Bonus voucher scheme could represent one way to move forward in addressing the escalating global problem of e-waste and promoting a more sustainable approach to technology usage and the use of all household appliances and gadgets. For organisations, this kind of initiative is not just about environmental stewardship but also presents an opportunity for economic and societal benefits.

The scheme does appear to provide a win-win in terms of providing cost savings to consumers, boosting local businesses, and reducing the volume of e-waste making the option of fixing old devices more attractive compared to buying new ones.

However, the Austrian scheme does face challenges, particularly in the areas of technical workforce and spare parts availability. Finding a way to ensure a steady supply of skilled technicians through training and education programs may be essential going forward. Also, making spare parts more accessible, possibly through collaborations with manufacturers, might be a way to ensure that more repairs are feasible and cost-effective.

If similar initiatives are adopted in many other countries too, this could have a positive impact on global e-waste reduction and tailoring these programs to suit specific national contexts could maximise their effectiveness. Also, incentivising businesses (who are large buyers of electrical devices) to engage more actively in repair and recycling efforts could be achieved through a variety of measures, such as tax incentives, subsidies, or recognition programs.

In terms of environmental impact, such initiatives could contribute to the conservation of valuable resources and reduce the need for extracting new raw materials. From an economic standpoint, developing a robust repair industry could also open up new job opportunities and foster local economies. Promoting repair and recycling also aligns with the broader goals of sustainability and responsible consumption.

The apparent success of Austria’s Repair Bonus scheme, therefore, offers valuable insights and food for thought into how similar strategies could be implemented globally. For organisations, embracing these principles could mean not only contributing to environmental sustainability but also potentially tapping into new economic opportunities. As awareness of the e-waste challenge grows, initiatives like these could provide a roadmap for responsible electronic waste management and a more sustainable future.

If there are websites that you use regularly, pinning tabs is a way to save time, stay organised, and get right to the websites you need every time you open your Google Chrome browser. Here’s how it works:

– Open Chrome and type in the domain of the required website.

– Right-click on the tab the website is open in and select ‘Pin’.

– You’ll see your pinned tab appear at the top of the browser on the left. Pinned tabs are stored on the left of the window and only show the site’s icon, saving space.

– Pinned tabs stay in place, even when you close and reopen Chrome, so it’s just a case of clicking on the pinned tab (top left) to quickly go to the required website.

Following on from Google’s recent launch announcement for Gemini (its new super-powered foundation model family), Google has now announced the launch of AI Studio to enable the development of apps and chatbots using Gemini.

Gemini (Pro) 

Google recently announced the introduction of its largest and most capable AI model, Gemini. The three sizes of the model, Ultra, Pro and Nano are already being rolled out with Gemini Nano in Android, starting with Pixel 8 Pro, and a specifically tuned version of Gemini Pro in Google’s Bard chatbot. Gemini Pro is now also available for developers and enterprises to build for their using AI Studio.

AI Studio – Leveraging The Power of Gemini 

Google’s new AI Studio (previously called ‘MakerSuite’), which Google describes as “the fastest way to build with Gemini” is a free, web-based developer tool that enables users to quickly develop prompts and then get an API key to use in app development. In short, it’s a fast, free, easy-to-use tool to enable the creation of apps and chatbots that leverage the power of Gemini Pro model (and Ultra later next year).

Generous Free Quota 

As Google is keen to point out, users who sign into Google AI Studio with their Google account login can take advantage of the 60 requests per minute free quota, which is 20 times more than other free offerings.

How It Works 

Once signed in, AI Studio users simply need to click on “Get code” to transfer their work to their integrated development environment (IDE) of choice or use one of the quickstart templates available in Android Studio, Colab or Project IDX.

Shared With Reviewers To Improve Product Quality 

Google also says that to improve the quality of AI Studio, when using the free quota, it may make the user’s API and Google AI Studio input and output accessible to trained reviewers. Google stresses that in the interests of privacy, this data is de-identified from the user’s Google account and API key.

Currently, Google AI Studio supports both Gemini Pro and Gemini Pro Vision models, which accommodate text and imagery development, but not yet image creation

How Much Can You Do With The Free AI Studio? 

It’s been reported that the team behind AI Studio have tried to make sure it doesn’t feel like a very limited trial version or a gated product and that, if the free-tiers rate limits are sufficient for their use, developers can start publishing their AI Studio apps or use them through the API or Google’s software development kits (SDKs) right away.

Which Software Development Kits (SDKs)? 

With Gemini Pro, the SDKs supported include Python, Android (Kotlin), Node.js, Swift and JavaScript, which should enable the building of apps that can run anywhere.

Transition To Vertex AI 

In line with Google’s “growing with Google” (customer retention) concept, AI Studio offers a way for Google to first let users experiment and learn, before seamlessly enabling them to “easily transition” to its fully managed (paid-for) AI developer platform ‘Vertex AI.’ This platform offers the added benefits and value of customisation of Gemini with full data control, and it benefits from additional Google Cloud features for enterprise security, safety, privacy and data governance and compliance.

Those who choose to transition to Vertex will therefore have access to Gemini plus, meaning that they can:

– “Tune and distil” Gemini with their own company’s data and augment it with grounding to include up-to-minute information and extensions to take real-world actions.

– Build Gemini-powered search and conversational agents in a low code / no code environment. This includes support for retrieval-augmented generation (RAG), blended search, embeddings, conversation playbooks and more. RAG refers to using facts fetched from external sources to enhance the accuracy and reliability of generative AI models.

All this should mean that businesses can use these Google AI services to create their own working, real-world customised chatbots and apps (based on a powerful model), saving time and money and without requiring vast amounts of technical skill to do so. Google is also keen to highlight how using Vertex will protect privacy because Google says it doesn’t train its models on inputs or outputs from Google Cloud customers, and customer data and IPs remain their own. This is likely to be important to the many enterprise customers and developers that Google hopes will adopt AI Studio and then Vertex AI.

Looking Ahead (And Pricing)

As previously mentioned, using Google’s Gemini Pro through AI Studio is currently free, and a pay-as-you-go version (coming soon to AI Studio) will be priced at (input) $0.00025 / 1K characters and $0.0025 / image, and output $0.0005 / 1K char.

Google says: “Vertex AI developers can try the same models, with the same rate limits, at no cost until general availability early next year, after which there will be a charge per 1,000 characters or per image across Google AI Studio and Vertex AI.” The Vertex platform is already charged by every 1,000 characters of input (prompt) and every 1,000 characters of output (response).

With Gemini, the new, powerful three-flavoured foundation model means users can build their apps and chatbots via Google AI Studio and then Vertex. Ultra, the largest and most capable model, will be launched next year (following testing and tuning). Google also says it plans to bring Gemini to more of its developer platforms like Chrome and Firebase.

What Does This Mean For Your Business? 

In the fast-moving generative AI market, Google’s powerful Gemini models and its infrastructure and tools for leveraging these models (AI Studio and Vertex) enable it to compete with the likes of OpenAI’s GPT-4 model, its API and ChatGPT. With the race now moving towards giving users the tools to make their own customised apps and chatbots (like OpenAI’s GPTs) focused on their own business uses, this is an important competitive step from Google.

AI Studio is also a way to ease users into Google’s AI services, retain and upsell them by offering them a seamless way to move up to the bigger paid-for platform Vertex. Being able to build apps and chatbots in an easy, low-code way is likely to be very attractive to most businesses that are sold on the general benefits of AI but want a way to easily tailor it in a value-adding way that is specific to their own business needs. Although Google and the other major tech players are moving quickly to meet these needs, it seems that this is such a fast-moving market that in even just a month or two, other major developments or products can up the ante for all again. OpenAI, for example has (after its recent boardroom power struggle) has already announced some major new developments for the very near future.

For now, it’s a case of Google scoring some points with Gemini and its associated infrastructure tools. However, keep watching this space!

A whitepaper by researchers at Sophos highlights how, rather than remaining anonymous, ransomware gangs now engage with the media to shape the narrative around a hack and gain a tactical and strategic advantage.

The Ransomware Threat 

Ransomware is a type of malicious software designed to block access to a computer system or data (typically by encrypting it), until a ransom is paid. It’s worth remembering that even if a ransom is paid, it may not mean that data is ever returned. Ransomware has become increasingly popular among cybercriminals due to its lucrative nature and the ease with which it can be distributed, such as via phishing emails, malicious downloads, or exploiting security vulnerabilities. The rise of cryptocurrencies has also facilitated anonymous ransom payments, making it harder to trace and prosecute perpetrators.

Ransomware’s effectiveness in generating revenue for attackers plus the increasing digitisation of many business-sectors have contributed to its growing prevalence as an attack ‘vector’. For example, ransomware attacks have increased by over 37 per cent this year compared to previous years (ThreatLabz) and over the last five years, there has been a 13 per cent rise in ransomware attacks. Also, the global cost of ransomware is estimated to have exceeded $30 billion this year (tech.co).

The Commoditisation and Professionalisation of Ransomware 

The Sophos whitepaper highlights the fact that whereas historically, cybercriminals preferred to operate in obscurity and avoid public attention (for obvious reasons), there has been a marked shift in the behaviour of ransomware gangs. Sophos says that, aided by the commoditisation and professionalisation of ransomware, these criminal groups are now actively engaging with the media for a variety of tactical and strategic reasons.

Why? 

Some of the key reasons highlighted by Sophos as to why ransomware gangs now court the media include:

– Leveraging media attention. It seems that ransomware gangs now understand that their activities are newsworthy and are prepared to use media coverage to bolster their credibility and exert pressure on victims. For example, they sometimes link to existing coverage on their leak sites, thereby showcasing their notoriety and influence (making a name for themselves and bolstering their criminal ‘brand’).

– Many ransomware gangs now seek direct communication with journalists and invite and facilitate communication with them. For example, criminal gangs do this through FAQs on their leak sites, dedicated private PR channels, and public notices. This approach not only allows them to control the narrative but also serves as a means to intimidate victims by demonstrating their media reach.

– Bizarrely, some groups even give in-depth interviews, thereby hoping to provide a positive perspective of their activities, which could serve as a recruitment tool. This not only increases their notoriety but also offers insights into the ransomware scene from their perspective.

– Sophos reports that ransomware groups have even started issuing what they call “press releases,” often written in fluent English. These releases can, for example, range from recruitment announcements to attacks on organisations for not complying with their demands, thereby applying pressure, and causing reputational damage to victim organisations.

– According to Sophos, ransomware gangs have also started to focus on their own branding, using catchy names and slick graphics on their leak sites to attract media attention and distinguish themselves in the public domain.

Media Management Roles

Reading the above, it’s perhaps not such a surprise to learn that, in some well-established ransomware groups, Sophos reports that there are even individuals who have media management roles and are dedicated to negotiating ransoms and managing public communications. This indicates a worrying level of organisation and professionalisation akin to legitimate businesses.

Criticism and Mistrust of Media 

That said, and despite their engagement, it seems that the split personality and confused logic of ransomware gangs can’t help but shine through as they tend to display a contradictory attitude towards the media. For example, Sophos highlights how they often criticise journalists for what they perceive as unfair or inaccurate coverage and occasionally attack individual journalists to make them feel uncomfortable or cause reputational harm. However, as befits a more media-savvy approach (with a brand and image at stake) they also tend to refrain from making direct threats.

The Unique Position of Ransomware Gangs 

In the world of cybercrime, this need for publicity means that ransomware campaigns now occupy a unique position. Unlike other threats that thrive on remaining undetected, ransomware groups must make themselves known to demand ransoms. This involves using leak sites and media engagement. It should be remembered, however, that all this is used to apply pressure on victims, attract recruits, manage their public image, and shape the narrative of their attacks.

The Implications For The Security Community And Businesses 

To combat the problem of the increasing media savviness of ransomware gangs, many believe that the security community and media need to adopt specific strategies. These could include:

– Refraining from directly engaging with ransomware actors unless it aids in defence or is in the public interest.

– Factual reporting, i.e. focusing on providing information that aids defenders and avoids glorifying the threat actors, thereby reducing their manipulative power.

– Providing adequate support to journalists and researchers who may be targeted by these groups.

– Avoiding publicly naming or crediting threat actors unless necessary and factual, can deny them the publicity they seek, thereby limiting their powers and thwarting some of their criminal ambitions.

Why Aren’t Ransomware Gangs Afraid? 

As the Sophos whitepaper indicates, ransomware gangs often appear to be unfazed by the legal consequences of their actions. Some of the main reasons for this may be:

– An adequate level of anonymity and decentralisation. Despite their media engagement, ransomware operations still manage to maintain an adequate level of anonymity, often using encrypted communication and cryptocurrency for transactions, which makes the successful tracking and identification of perpetrators challenging.

– Jurisdictional challenges. Many ransomware gangs operate from countries with lax cybercrime laws or where local authorities are either unable or unwilling to cooperate with international law enforcement efforts. This creates a kind of safe-haven for cybercriminals.

– Sophistication of operations. Ransomware gangs are now becoming increasingly sophisticated, using advanced techniques to avoid detection, and employing a variety of methods to launder ransom payments.

– The ransomware-as-a-Service (RaaS) model allows ransomware developers to lease their malware to affiliates who conduct attacks, further complicating law enforcement efforts as the developers can claim ignorance of the actual attacks.

Some Sucesses 

Despite these challenges, police around the world have had some notable successes in recent years. Collaborations between international law enforcement agencies have led to the disruption of major ransomware operations, arrests of key figures, and seizure of ransom payments. For example, the takedown of the Emotet botnet, the arrest of individuals connected to the REvil and Egregor ransomware groups, and the recovery of part of the ransom paid in the Colonial Pipeline attack are some significant victories. However, these successes are relatively rare compared to the scale and frequency of ransomware attacks, while the constantly evolving nature of these cybercriminal groups continues to pose a substantial challenge to law enforcement worldwide.

What Does This Mean for Your Business?

This shift by ransomware gangs from hiding away to actively contacting the media seems counterintuitive, brazen, and shocking. For many of the reasons explained above, ransomware gangs don’t seem to fear detection and capture. Despite their media activities, the main point is that if businesses are well prepared with security measures in place, the ransomware threat can be mitigated and the gangs will have little to report.

Proactive businesses should, for example, implement robust cybersecurity practices to prevent breaches, and develop and regularly update a comprehensive incident response plan. It’s also important for businesses to educate employees about ransomware tactics, including their use of media and public relations strategies, and to engage with cybersecurity experts to stay informed about the latest ransomware trends and defence strategies. Businesses also need to be aware, like the attackers, that they may need to prepare a media strategy in case of a ransomware attack to control the narrative and minimise reputational damage.

There’s also clearly a part that the media can play in limiting the manipulative power of ransomware gangs by not engaging with them and by denying them the publicity they crave. Better collaboration between law enforcement globally and increasing investment in detecting and tackling these groups is also an important priority to protect businesses. The more brazen and open attackers become, the more likely they are to make mistakes and leave clues and trails that could lead to their detection and capture.

By understanding the evolving landscape of ransomware threats and their media strategies, businesses and the security community can better prepare and respond to these increasingly sophisticated cyber-attacks.