Google is widening access to Opal, its no-code AI mini-app builder, to 15 additional countries. However, new research warns that AI-accelerated development is outpacing software security.

What Is Opal?

Opal is a Google Labs experiment that turns a plain-English prompt into a working mini web app. Users describe what they want, then Opal assembles a visual workflow of inputs, AI model calls and outputs. Each step can be opened in an editor to review the prompt, adjust the logic, add new steps, or run the workflow step by step to see what happens and where it fails. Once ready, creators can publish the app to the web and share a link so others can use it with their Google accounts.

Google introduced Opal in the United States in late July 2025 as part of its push to make AI creation accessible to non-developers. The stated aim was essentially to let people turn ideas into small, useful tools without writing code, while keeping the workflow visible so it can be inspected and improved. However, when early U.S. adopters built more than just novelty projects, it seemed to nudge Google to move faster on a global rollout.

Where And When?

On 7 October 2025, Google said Opal would begin rolling out to 15 additional countries. These are Canada, India, Japan, South Korea, Vietnam, Indonesia, Brazil, Singapore, Colombia, El Salvador, Costa Rica, Panama, Honduras, Argentina and Pakistan. Google framed the expansion as a response to the sophistication of early user projects. As Megan Li, senior product manager at Google Labs, put it in a Google blog post, “we did not expect the surge of sophisticated, practical and highly creative Opal apps we got instead,” which made it clear the tool needed to reach “more creators globally.”

That said, the rollout remains within Google Labs and the product is still presented as just experimental, which may be helping Google to manage expectations at this point. For example, Google is giving the message that Opal is designed for rapid prototyping, automation and lightweight utilities, but not really for performance-critical systems. In other words, it’s a step toward broader access rather than the final word on enterprise-grade app building.

What Has Improved?

Alongside the expansion, Google announced two upgrades based around improving reliability and speed. The first is advanced debugging that stays no-code. With this, users can run a workflow step by step in the visual editor, or iterate on a single step in a console panel, with errors surfaced exactly where they occur. The second is a faster core, which means that the new Opal is snappier than before, and steps can run in parallel so complex workflows execute more quickly. Google’s hoping that these changes address common blockers for no-code builders, who need immediate context when something breaks and shorter wait times when experimenting.

Why Now?

Opal lowers the barrier to building AI-powered tools and keeps those experiments inside Google’s ecosystem. It also means that Google gets to learn what people are trying to build, where they get stuck, and which patterns succeed. That feedback loop improves the underlying models, the templates and the product itself. It also positions Google in a growing market where rivals are courting non-technical creators with prompt-to-app tools. Canva has expanded its Magic features, Figma has explored AI-assisted interface creation, and Replit has continued to blur lines between coding assistance and app scaffolding. By scaling Opal, Google can meet users where they are and channel more of that experimentation through its models and accounts.

Users And Teams

For individuals, Opal basically shortens the path from idea to working prototype. To give a few simple examples of how it could be used:

– A marketer could create a content repurposer that uses a brief to output social copy with a few review steps.

– A customer support manager could build a simple intake tool that classifies enquiries and drafts suggested replies for human approval.

– An analyst could chain together a data cleaning step, a summariser and a report generator without waiting for a development slot.

For teams inside businesses, the visual workflow aspect of Opal also matters. For example, people can see the logic, the prompts and the hand-offs between steps, which helps with training, peer review and handover when roles change. Publishing a mini-app as a link also makes internal distribution straightforward. That convenience is precisely why governance needs attention. Without some oversight, useful experiments can turn into shadow tools that handle customer data or trigger actions outside approved processes.

Businesses

Although the latest expansion does not include the UK, many UK organisations may be watching for signals about localisation, policy controls and Workspace integration. The draw is clear, i.e. faster prototypes mean faster experiments with customer journeys, marketing operations, knowledge management and lightweight analytics. The risk is also equally clear – if non-developers can publish AI-driven tools that interact with real data, then security, data protection and auditability have to be part of the pattern from day one. UK firms with regulated obligations will need to map Opal to existing controls for data handling, retention, identity and access, and change management.

Google’s Competitors

Following this wider rollout, Google’s competitors may now see three pressures intensify, which are:

1. Speed to value. Lower latency and parallel steps raise expectations for interactive build-iterate loops.

2. Visibility and trust. Step-level error context tackles a common barrier to adoption, which is uncertainty about what the AI system is doing and why it failed.

3. Distribution. Google can seed Opal where many small tools begin, inside consumer accounts and Workspace environments, which increases the chance of viral internal adoption once the feature reaches more markets.

Challenges And Criticisms

No-code tools typically hit a ceiling with bespoke integrations, complex data governance and strict performance requirements. With this in mind, Opal is unlikely to replace traditional engineering for systems of record or heavily regulated workflows. There are also questions about lock-in, portability and transparency. For example, if a mini-app depends on specific Google prompts or components, migrating it to another platform may not be trivial. Observers of AI-assisted creation have also raised concerns about inconsistency and security weaknesses in generated logic. Even with step-wise debugging, a workflow that calls external models can behave unpredictably across inputs, which complicates testing and assurance.

‘Security Debt’ In An AI-Accelerated World

This broader concern is reflected in new research from Black Duck, a long-running application security and open source risk specialist now part of Synopsys. For example, in a recent survey of 1,000 security professionals, 81 per cent said application security testing is slowing development and delivery, nearly 60 per cent said their organisations deploy code daily or more, and 46 per cent still rely on manual steps for security. The report warns that these patterns are creating “security debt”, with vulnerabilities left unaddressed as release velocity increases. It also highlights tool sprawl and alert fatigue, with 71 per cent of respondents complaining about noisy and duplicative alerts, and it notes that 61.64 per cent of organisations test less than 60 per cent of their applications. Veracode’s separate analysis adds context, estimating that average remediation times have increased from 171 days in 2020 to 252 days in 2025.

Black Duck’s CEO, Jason Schmitt, has previously said that the findings show traditional approaches to application security are no longer keeping pace with the speed of modern software delivery. The company has advised development teams to move towards integrated, automated security processes that sit directly within their everyday workflows, rather than relying on separate or reactive testing later in the cycle.

How This Connects To Opal And Similar Tools

Opal’s improvements in transparency and debugging make failures easier to spot and discuss, however they do not replace secure design, testing and monitoring. If AI lowers the threshold for building and sharing tools, more people will build more tools, which increases the importance of guardrails that operate at the point of creation. For organisations experimenting with Opal, that means deciding where such tools are permitted, classifying data types that may flow through them, setting standards for prompts and outputs, and ensuring that automated checks run when a mini-app is created and whenever dependencies change.

Black Duck’s long-running audits of commercial codebases routinely find vulnerable open source components and out-of-date dependencies. Even small utilities can pull in libraries, connect to services or incorporate code fragments that carry risk. The lesson here is not to block experimentation. It is also to bring security to where the experimentation happens, to reduce manual steps, and to ensure there is visibility of what has been published, by whom, and with what data access.

What To Watch

For Google, the next test is how Opal scales beyond early adopters, including whether it gains the policy controls and enterprise integrations that larger organisations expect. For rivals, it seems the bar for speed, transparency and distribution has now been nudged a bit higher. For business users, especially in the UK, there is an opportunity to prototype faster while maintaining a clear line of sight on data and permissions (when it rolls out here). For security leaders, the priority is to embed checks in the same workflows that tools like Opal enable, so that velocity and visibility move together rather than in conflict.

What Does This Mean For Your Business?

For Google, the global expansion of Opal signals a growing confidence in the idea that AI-powered app creation can be simplified without losing too much control. It also highlights a clear ambition to (thankfully for many) make natural language the next user interface for software development, i.e. simplifying and democratising software development. Whether that ambition holds depends on how effectively Google can balance accessibility with governance. As more non-developers begin building tools that act on live data, the risk of inconsistency, bias and poor security hygiene rises. That is where the lessons from Black Duck’s research become most relevant. The warning is that automation alone does not guarantee safety, and that speed without embedded checks will always carry hidden costs.

For UK businesses, the wider rollout offers some cautious hope. It shows what could soon be possible for teams wanting to automate small tasks or prototype new ideas without waiting for developer time. However, it’s also a reminder that security, compliance and auditability can’t really be left behind. Firms that already use low-code or AI-assisted systems may now want to consider how no-code tools like Opal might fit within existing frameworks for risk management and data governance. The most successful adopters will likely be those that integrate these tools responsibly, pairing innovation with oversight.

Other stakeholders will also be watching closely – regulators may seek to understand how accountability works when the code itself is generated, while competitors will be under pressure to match Google’s blend of speed and transparency. For users, the immediate value lies in creativity and productivity, but long-term trust will depend on how reliably these mini-apps behave and how safely they handle information. What Opal ultimately represents is a shift towards a more participatory form of software creation, where almost anyone can build, test and share ideas. The challenge now is ensuring that such openness develops alongside the same rigour that businesses and users expect from any other form of technology.

A fake Android VPN app has been caught stealing users’ money by giving hackers full control of their phones.

Researchers discovered the malicious app, Modpro IP TV + VPN (also known as Mobdro Pro IP TV + VPN), spreading through unofficial websites. Once installed, it drops a banking trojan called Klopatra, which has infected over 3,000 devices in Spain and Italy.

Klopatra exploits Android’s Accessibility Services to read screens, capture logins, and move money while users sleep. Apparently, it uses “Hidden VNC” to hide its actions and has evolved through more than 40 versions since March 2025, linked to a Turkish-speaking criminal group.

Experts warn that free VPN and IPTV apps can hide malware or weak privacy controls. Users who sideload apps, i.e. install them outside the Play Store, risk bypassing Google’s protections.

Businesses should block sideloaded apps, keep Android devices updated, and train staff to recognise risky downloads. Also, strong permission policies and mobile security tools remain key to stopping such attacks.

MIT scientists say a new carbon-cement “concrete battery” has advanced dramatically, now storing ten times the energy it did just two years ago.

The Breakthrough Explained

The innovation comes from researchers at the Massachusetts Institute of Technology (MIT), who have been working on what they call electron-conducting carbon concrete, or ec³. This new type of concrete blends cement, water, ultra-fine carbon black, and electrolytes to create a conductive network within the structure. That network allows the concrete itself to store and release energy like a supercapacitor, effectively turning ordinary building materials into energy storage units.

Tenfold Increase In Energy Storage

Their new study, published in the journal Proceedings of the National Academy of Sciences, shows a tenfold increase in energy storage compared with earlier versions. The researchers say they achieved this by refining the electrolyte composition and altering how it is introduced during mixing. The result is a more efficient, denser electrical nanostructure that significantly boosts storage capacity.

Who Developed It and Why?

The work has been led by what’s known as MIT’s Electron-Conducting Carbon-Cement (ec³) Hub and the MIT Concrete Sustainability Hub. Key researchers are reported to include Associate Professor Admir Masic and research scientist Damian Stefaniuk, supported by a multidisciplinary team of engineers and materials scientists.

According to Masic, the vision behind ec³ is not simply to create another battery alternative, but to rethink how existing materials can help solve global energy challenges. For example, as Masic said in MIT’s announcement about the breakthrough, “Concrete is already the world’s most-used construction material, so why not take advantage of that scale to create other benefits?”.

Embedding Storage Into Construction Materials

The motivation to create the battery lies in the growing global need for affordable, sustainable energy storage. For example, as renewable energy sources like solar and wind expand, there remains the problem of what to do when generation stops, e.g. at night, or when the wind is calm. Embedding storage directly into construction materials, therefore, could be a way to help solve this, removing the need for separate battery systems that rely on scarce materials such as lithium and cobalt.

How It Works

Technically speaking, the material that it’s made from functions as a structural supercapacitor rather than a chemical battery. Supercapacitors store energy electrostatically, which means they can charge and discharge rapidly and endure far more cycles than traditional batteries. The carbon black particles form a continuous conductive web throughout the hardened cement, and the electrolyte fills the pores, allowing ions to flow and charge to build up across the internal surfaces.

Used Microscopy Techniques To Design It

This nanonetwork (the tiny, interconnected structure that carries electrical charge) was designed using advanced microscopy techniques at MIT, i.e., powerful imaging tools were used to see materials at the nanoscale. This then revealed a fractal-like (branch-like) web pattern surrounding the pores. Understanding this structure helped the team identify how to adjust the electrolyte to improve charge flow. The team then switched from soaking the concrete in the electrolyte after it hardened to mixing it directly in from the start, ensuring uniform distribution and better conductivity.

Tenfold Improvement in Power

In the team’s 2023 version, about 45 cubic metres of ec³ concrete were needed to store enough energy to power a typical household for one day. However, the new version needs only around five cubic metres, which is the equivalent volume of a single basement wall.

The improved material can now store more than 2 kilowatt-hours per cubic metre, meaning a cubic block the size of a large household refrigerator can power an actual fridge for a day. This level of storage density, while still lower than lithium-ion batteries, represents a major step towards practical, large-scale use.

Built An Arch From It

The MIT team also demonstrated how the technology could function structurally and electrically at the same time by building a small arch made of ec³. The arch supported its own weight while powering an LED light. Interestingly, when weight was added, the LED flickered, suggesting that such structures could also act as self-monitoring sensors, detecting stress or damage in real time.

Potential Uses and Real-World Applications

The most immediate possible uses for this material could include homes and buildings with integrated solar power systems. For example, instead of relying on external battery packs, the building’s own walls or floors could store excess energy for later use.

Beyond buildings, the team envisions roads and car parks capable of charging electric vehicles, pavements that can heat themselves in icy weather, and bridge structures that both bear loads and store renewable energy. In Japan, for example, ec³ slabs have already been used to heat pavements in Sapporo, suggesting possible future roles in cold-climate infrastructure.

As co-author of the research report, James Weaver explained, “By combining modern nanoscience with an ancient building block of civilisation, we’re opening a door to infrastructure that doesn’t just support our lives, it powers them.”

Long-Term Cost and Energy Savings

For developers and facility managers, this technology could offer long-term cost and energy savings. Buildings made from ec³ materials might one day store solar power onsite without additional space or equipment. Large commercial facilities could reduce their reliance on grid energy, avoiding peak-time tariffs.

Manufacturers and contractors may also find new business opportunities in producing and deploying ec³ at scale. If production methods prove cost-effective, this could redefine energy infrastructure for corporate campuses, logistics centres, and industrial sites. The ability to integrate energy storage invisibly into standard construction materials could lower project complexity and improve sustainability credentials for companies focused on ESG goals.

Battery Makers

For now, ec³ is not positioned to replace high-performance lithium-ion batteries. This is because its energy density is still much lower, making it unsuitable for mobile devices or vehicles. However, its potential lies in stationary storage, particularly where space and material costs are already accounted for.

That said, battery firms could see it as complementary rather than competitive, e.g., part of hybrid systems that combine concrete supercapacitors for daily cycling with conventional batteries for bulk storage. The concept challenges the assumption that batteries must always be separate physical units, hinting at a future where storage is embedded in the fabric of our cities.

Environmental and Sustainability Factors

It shouldn’t be forgotten here that cement production is responsible for around 7 to 8 per cent of global CO₂ emissions. For ec³ to be genuinely sustainable, therefore, its energy benefits must outweigh the embodied carbon from cement and the added materials such as carbon black and electrolytes. The MIT researchers argue that multifunctional materials can deliver a net reduction by serving multiple roles, i.e. structural, electrical, and possibly even carbon-sequestering.

There is also the issue of durability – concrete structures often last decades, so the embedded energy system must remain stable over similar timeframes. The MIT team is currently studying how environmental conditions such as moisture, temperature, and mechanical stress affect performance over time.

Not Alone

MIT is not alone in exploring energy-storing construction materials. For example, researchers at Chalmers University of Technology in Sweden have developed a rechargeable cement-based battery using metal electrodes and carbon fibre layers, though its energy density is far lower than ec³’s latest version. Also, a team at Washington University in St. Louis has demonstrated “energy-storing bricks” that use a conductive polymer coating to create supercapacitor-like properties.

These parallel projects point to a wider movement towards multifunctional building materials that blur the line between structure and infrastructure. However, MIT’s progress in scaling up storage capacity and integrating the technology into load-bearing concrete sets it apart.

Challenges and Criticisms

Despite the excitement, experts point to several hurdles that the MIT team still need to address. The material’s energy density remains modest compared with lithium-ion batteries, meaning large volumes are required to store meaningful amounts of power. The use of organic electrolytes such as acetonitrile also raises safety and flammability concerns, especially in residential settings.

Cost and manufacturing complexity are further issues. Producing carbon-rich, electrolyte-infused concrete at commercial scale will demand new supply chains, mixing standards, and quality controls. The economic viability depends on achieving costs comparable to conventional concrete, something that remains uncertain.

Critics also note that while supercapacitors excel at rapid charging and long life, they generally suffer from self-discharge and limited total storage time. The MIT team will need to demonstrate consistent long-term performance before industry adoption can begin.

For now, the research remains at laboratory and small-prototype scale, but the tenfold leap in capacity is a meaningful milestone. If the next steps confirm durability, cost efficiency, and safety, the humble concrete block could become one of the most unexpected innovations in sustainable energy to date.

What Does This Mean For Your Organisation?

If proven reliable and scalable, this breakthrough could reshape how the built environment contributes to global sustainability targets. Embedding energy storage directly into the concrete of homes, offices, and transport infrastructure would mean that the same materials already used in construction could also support renewable energy systems, lowering costs and improving resilience. The practical implications extend far beyond academia, giving architects, engineers, and developers a new tool to design buildings that generate, store, and use power autonomously.

For UK businesses, the potential lies in efficiency and reputation. Construction firms and materials suppliers could benefit from being early adopters of multifunctional concretes that reduce carbon impact and add operational value. Facilities managers could also gain from a future where energy-storing walls or car parks reduce dependence on grid supply and shield companies from fluctuating electricity prices. As sustainability reporting becomes a central requirement for both investors and regulators, technologies like ec³ could offer measurable advantages in meeting ESG and net zero commitments.

Governments and regulators are likely to be very interested in this energy storage idea. For example, the possibility of embedding large-scale energy storage into existing infrastructure aligns well with national energy transition goals, but it also raises questions about building codes, safety standards, and lifecycle performance. Clear regulation and industrial partnerships would be needed before ec³ can move from prototype to construction site. Battery manufacturers, meanwhile, will need to assess whether to compete or collaborate. For many, hybrid systems combining traditional battery units with concrete-based supercapacitors could prove to be the most viable commercial path.

From a sustainability standpoint, the real test will come when energy gains are balanced against embodied carbon costs. Cement’s emissions footprint remains substantial, and researchers must demonstrate that the functional value of ec³ outweighs that environmental cost. Even so, the concept of a building material that can both support and store power captures a rare intersection of practicality and vision. If MIT’s concrete battery continues to perform as projected, it could help redefine how energy storage, architecture, and sustainability intersect in the decades ahead.

Get back to basics with this simple six point formula for creating effective prompts. This video tutorial gives a simple, usable framework to help you get the most out of your AI.

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Need a quick way to communicate an idea, instruction, or point, or just send a basic sketch map? Use Outlook’s “Draw” feature to sketch your thoughts and enhance communication with visual aids, simplify complex ideas, speed up communications, and add a personal touch.

How to Use:

– Open a new email or reply.
– Click the “Draw” tab.
– Select a pen, pencil, or highlighter.
– Draw or sketch your message.

Bonus: The recipient can click on the sketch and download it, allowing them to save, edit, or share the visual content, ensuring they have a clear understanding and can reference it later.

Tips:

– Use different colours and line weights.
– Erase or delete drawings as needed.
– Combine drawings with text.

Give it a try and see how drawing in Outlook can boost your communication!

OpenAI has reportedly reached a $500 billion valuation after completing a $6.6 billion secondary share sale involving current and former employees.

Share Sale

The transaction, finalised on 2 October, allows OpenAI workers and alumni to sell their equity stakes to a group of institutional investors including Thrive Capital, SoftBank, Dragoneer Investment Group, Abu Dhabi’s MGX, and T. Rowe Price. The valuation, based on the deal pricing, makes OpenAI the most valuable privately held company in the world, thereby even overtaking Elon Musk’s SpaceX.

What The Transaction Involved

Unlike a traditional fundraising round where capital is injected into the business, this was a secondary share sale, meaning the money went directly to eligible employees and former employees who had held equity for at least two years. The move provided liquidity without OpenAI going public, while still attracting long-term investors to increase their exposure.

Up To $10.3 Billion

OpenAI had reportedly authorised up to $10.3 billion worth of stock for sale, though around two-thirds of that was ultimately sold. According to various reports, e.g. by the likes of Bloomberg and CNBC, the lower participation rate is being viewed internally as a sign of confidence in the company’s future, with many employees choosing to hold onto their equity at the new, higher valuation.

Second Of Its Kind This Year

This is the second major employee-focused share sale OpenAI has conducted in under a year. For example, a previous deal in November 2024 saw SoftBank purchase around $1.5 billion of stock from OpenAI employees.

Why It Matters And Why Now

The $500 billion valuation represents quite a significant increase from OpenAI’s last primary funding round in early 2025, which raised $40 billion at a $300 billion valuation. Many of the same investors returned for the latest deal, thereby appearing to reinforce their commitment to the company’s long-term growth.

The timing appears to reflect multiple overlapping objectives for OpenAI. For example:

Keeping hold of top AI talent, as companies like Meta and Google DeepMind continue to offer extremely high salaries to attract researchers. Meta reportedly hired at least seven senior OpenAI engineers earlier this year, with offers reaching into nine figures.

Giving employees a way to cash out some of their shares without OpenAI having to go public. Other large tech firms like Stripe, Databricks, and SpaceX have used similar share sales to reward staff while staying private.

Showing that investors are still backing the company, even at a much higher valuation than earlier this year. The sale actually gives OpenAI a fresh benchmark and highlights continued demand from long-term backers as it pushes ahead with major infrastructure plans.

Growing Fast But Spending Aggressively

Even though OpenAI is currently growing fast, it is also spending aggressively. For example, the company reported $4.3 billion in revenue in the first half of 2025 alone, but is also understood to have burned through $2.5 billion in cash over the same period.

It’s worth noting that much of this is being invested in the systems and infrastructure needed to run and train its AI models at scale. OpenAI has reportedly committed to spending $300 billion over five years on Oracle cloud services, and recently signed a letter of intent with Nvidia for an even larger strategic deal. According to Nvidia CEO Jensen Huang, the partnership will involve building 10 gigawatts of AI infrastructure capacity and could be worth up to $100 billion.

These numbers are unmatched by any other AI company and significantly exceed OpenAI’s current revenues and reserves. However, the scale of the infrastructure plan is seen as necessary if the company is to maintain its lead in large language models, video AI (such as the recently launched Sora 2), and enterprise platform offerings.

Microsoft, Governance, And Control

The share sale comes shortly after OpenAI announced a non-binding memorandum of understanding with Microsoft, its largest strategic partner, to support the company’s proposed conversion into a Public Benefit Corporation (PBC). If approved, this would move OpenAI’s for-profit operations into a new corporate structure in which its original non-profit would hold a controlling stake and retain final say on its mission and direction.

Chairman Bret Taylor described the change as a way to preserve OpenAI’s founding principles while enabling long-term commercial success. As he wrote in a public statement, “OpenAI started as a nonprofit, remains one today, and will continue to be one”. It seems that the new structure is designed to align the business’s growth with public-interest goals, but the transition still needs to be ratified by regulators and stakeholders, and is not yet legally confirmed.

This uncertainty means the governance model remains a point of concern for some observers. In particular, it raises questions about investor rights, accountability, and how decisions are made when commercial and ethical priorities diverge.

Competitors

The valuation is bound to send a strong message to the broader AI sector. For example, at $500 billion, OpenAI is now worth more than SpaceX, and far ahead of rivals such as Anthropic, xAI, Cohere, and Mistral. While this provides a benchmark for others raising capital, it’s also likely to intensify pressure across the market.

Clearly, companies building competing foundation models now face an even more aggressive funding environment. Talent retention and access to compute resources are already competitive, and OpenAI’s ability to reward employees with liquidity and attract deep-pocketed investors could make those gaps wider.

At the same time, other AI players may benefit from investor interest spilling over. Several large funding rounds have taken place in 2025 already, and OpenAI’s valuation may increase attention on smaller but promising firms developing more specialised or safety-focused models.

Business Users And Partners

For enterprise users of OpenAI’s product, including ChatGPT Enterprise, the API platform, and integrations via Microsoft Azure, the sale is more than symbolic. For example, if infrastructure build-outs proceed as planned, customers could see faster development of new model capabilities, better service availability, and reduced latency. The ongoing partnerships with Microsoft and Oracle also suggest continued alignment between OpenAI’s roadmap and enterprise delivery platforms.

However, the sheer scale of OpenAI’s commitments and its growing dependence on just a few suppliers and investors looks likely to introduce complexity. Many of its largest deals now involve overlapping roles. For example, Nvidia is both a supplier of hardware and a major investor, while Microsoft is both a partner and a platform.

This has already attracted attention from regulators concerned about market concentration and fair access to compute. Antitrust scrutiny of vertical integration in AI is increasing, particularly in the US and Europe.

Benefits And Tensions

Of course, the share sale offers immediate financial benefits to those who helped build OpenAI in its early stages. For example, many current and former employees have now been able to realise part of their equity gains without waiting for an IPO.

For investors, the transaction provides greater access to a company widely seen as the frontrunner in general-purpose AI. SoftBank, Thrive Capital, and other returning backers have all increased their exposure despite the steep rise in valuation since earlier in the year.

Strategic partners also stand to gain from closer alignment. Microsoft, in particular, stands to benefit from continued integration of OpenAI’s models across its Azure cloud services, Office products, and developer tools.

That said, many challenges remain. For example, the company’s rapid growth, mounting costs, structural complexity, and competition for talent all present ongoing risks. With no confirmed path to IPO, and no public financial statements, some analysts are also questioning how sustainable a $500 billion valuation will prove if revenue growth slows or infrastructure plans are delayed.

Others have also highlighted the potential conflict between mission and commercial goals, especially as the company works to convert its structure while navigating regulatory and competitive headwinds.

What Does This Mean For Your Business?

OpenAI’s record-breaking share sale and resulting valuation are likely to send a clear message to investors, rivals, regulators, and customers alike. At $500 billion, the company is now operating at a scale where its decisions carry weight well beyond the AI sector. While the transaction did not raise new capital for OpenAI directly, it has strengthened relationships with major long-term investors, helped reward and retain key staff, and established a new private market benchmark that will likely influence how other companies in the space are valued and funded.

The scale of the valuation is also likely to shape expectations, particularly around delivery of OpenAI’s ambitious infrastructure commitments and the pace of future product development. The company is positioning itself as a central player in the next wave of general-purpose computing, but its ability to deliver depends heavily on partnerships that now blend commercial, financial, and strategic interests in complex ways. That convergence may enable faster execution, but it also increases the concentration of influence and raises questions about resilience and independence.

For UK businesses, the implications are already being felt. For example, many are now embedding OpenAI-powered tools into internal workflows, customer services, and development environments via Microsoft Azure, GitHub Copilot, or ChatGPT Enterprise. As OpenAI expands its model range and infrastructure footprint, UK firms could benefit from improved access, better availability, and deeper integrations with mainstream business software. However, they also face growing dependencies on a relatively narrow set of providers. With regulators in both the UK and Europe now examining the market power of foundation model developers, these relationships may soon come under greater scrutiny.

What comes next will depend not just on OpenAI’s growth but also on how it navigates governance reform, revenue pressure, regulatory demands, and increasing competition from well-funded challengers. The share sale has delivered liquidity, signalled strength, and reinforced investor appetite, but it also raises the stakes. As the company continues to scale, each strategic decision is likely to face greater scrutiny, both from those building with its tools and those watching what its influence means for the wider market.

BT has committed to delivering full 5G Standalone coverage to 99 per cent of the UK population by the end of the decade, laying out a detailed plan that raises pressure on rivals and calls for regulatory support to finish the job.

Announced At Connected Britain 2025

BT’s announcement came during Connected Britain 2025 (a UK telecoms and connectivity conference), where the company’s chief security and networks officer Howard Watson confirmed that its mobile division EE is targeting 99 per cent population coverage for what it now brands “5G+” by 2030. The goal, Watson said, puts EE at least four years ahead of rival networks.

“To make the benefits of this technology clearer for customers, we’ll use the term 5G+ rather than the technical industry shorthand 5G SA or 5G Standalone,” he wrote in a company blog published the same week. “It’s the same game-changing network, but in language that’s simple and relatable.”

Aligns With Government’s Ambition

The commitment aligns with a UK government ambition, first outlined in 2023, for Standalone 5G in all populated areas by 2030. However, BT made clear that achieving this level of nationwide service would depend on cooperation from ministers to speed planning decisions, reduce costs, and improve access to spectrum.

Speaking at the same event, BT Group CEO Allison Kirkby described the telecoms sector as facing “peak government-inflicted costs” due to high spectrum licence fees, business rates and compliance charges. She called for reforms to enable faster and more cost-effective mobile infrastructure deployment.

What Is “Standalone 5G” And Why Does It Matter Now?

Unlike the earlier wave of 5G services launched across the UK, which used 5G radio access layered onto legacy 4G infrastructure, Standalone 5G (or 5G SA) uses a fully independent 5G core. This delivers significantly lower latency, better uplink performance, and allows for network slicing, which is a method of reserving parts of the network for critical services such as emergency communications, remote surgery, or live industrial control.

Voice over 5G (also known as VoNR, or Voice over New Radio) is another key feature. EE has already rolled this out on compatible handsets, allowing calls to remain on the 5G network instead of switching down to 4G or 3G.

100 Times More Capacity Than 4G

Watson said EE’s 5G+ network has been engineered to deliver up to 100 times more capacity than 4G, unlocking bandwidth for high-traffic areas such as city centres, stadiums and transport hubs.

In terms of progress, it seems that by August 2025, EE had already crossed the halfway mark, with Standalone 5G covering more than 34 million people. That number is expected to rise to over 41 million by spring 2026, with new cities added each quarter. EE only declares a location “live” once its outdoor coverage exceeds 95 per cent, a move the company says ensures a more reliable user experience.

The Technology Behind It

BT’s 5G+ plan relies on three major infrastructure changes, which are:

1. EE has deployed more than 1,500 outdoor small cells across the UK, including 500 in the past 12 months alone. These units improve coverage and capacity in busy or difficult-to-serve areas by offloading traffic from macro base stations.

2. The company is rolling out Ericsson’s AIR 3284 radio units, which support triple-band FDD (frequency division duplexing) and massive MIMO (multiple-input, multiple-output) capability. These radios are the first of their kind in Europe and offer four times greater uplink capacity than standard 5G radios, making them particularly useful for business applications involving video upload, conferencing, and real-time data feeds.

3. EE is using Advanced RAN Coordination (ARC), a new Ericsson system that allows base stations up to 50 kilometres apart to share capacity dynamically. According to BT, this has improved average download speeds by up to 20 per cent in test locations.

The company says hundreds more high-capacity radio units and coordination nodes will be deployed before 2030.

Competition

BT’s announcement comes amid growing competitive pressure in the UK mobile market. For example, Virgin Media O2 (VMO2) claims to have the UK’s largest 5G SA network, now reaching over 70 per cent of the population, and recently unveiled its first “Giga Site” in Paddington, combining low, mid and high band spectrum with dual-band Nokia massive MIMO. The company says the site is capable of delivering more than 10 Gbps throughput, and it plans to build 1,000 more across the country during 2026.

Meanwhile, Vodafone and Three completed their merger in June, forming VodafoneThree, which has pledged £11 billion in investment over the next ten years to deliver one of the most advanced mobile networks in Europe. This includes upgrades to support Standalone 5G and spectrum sharing across the newly combined business.

BT’s 99 per cent target is, therefore, not just an infrastructure roadmap, but is also designed to send a strategic signal to customers, investors and government that the company intends to retain a leadership position in UK mobile quality.

What Makes 5G SA So Different?

For consumers, the benefits of 5G SA are likely to be most visible in terms of more consistent service, reduced latency, and fewer signal dropouts in busy locations. For example, faster call setup times using VoNR and fewer video buffering events are some of the everyday improvements EE expects to deliver.

However, for business customers, the advantages are more substantial. For example, network slicing can provide guaranteed quality of service for critical applications, while improved uplink performance supports use cases such as remote diagnostics, live video monitoring, and industrial automation.

It’s worth noting here that EE has already trialled network slicing in some public settings, including at Belfast’s Christmas Market in 2023, where a dedicated slice ensured that payment systems remained reliable during peak visitor hours.

BT is also keen to highlight the role 5G SA could play in transforming public services, especially in transport. For example, railways and remote areas have long posed challenges for mobile coverage due to signal obstructions and infrastructure limitations. BT says targeted interventions, such as using smart coordination, small cells and new spectrum, will be required to solve these persistent gaps.

What Needs To Happen For The 2030 Target To Be Met?

While BT says it does not require direct subsidies to hit its 99 per cent target, it argues that the final stages of rollout will be difficult without regulatory support. The company is, therefore, calling on the UK government to:

– Reform planning rules to make it easier and faster to deploy infrastructure.

– Increase spectrum availability, especially in high-demand frequency bands.

– Remove or reduce annual spectrum licence fees, which BT says penalise operators for ongoing investment.

BT also wants regulators to take a more active role in addressing persistent coverage gaps along rail corridors, coastlines and other difficult environments.

Without these changes, the risk is that operators focus investment in profitable urban zones, while rural and hard-to-reach areas are left behind.

Challenges and Objections

Covering the last few per cent of the population is expected to be the most difficult and expensive part of the rollout. For example, rural areas often require long backhaul connections, more masts per user, and careful navigation of local planning restrictions.

Planning objections to new masts or small cells can also delay urban densification, where building height rules and community resistance frequently limit placement.

Device support is another potential issue. While most flagship smartphones now support Standalone 5G, it should be noted that not all models do, and ensuring features like VoNR and slicing work reliably across different hardware and software environments adds complexity for both operators and enterprise customers.

There is also some scepticism from some users who feel that previous 5G announcements have overpromised and underdelivered. Indeed, it seems that independent benchmarking studies have repeatedly found UK 5G performance to be well below that of other European countries. In this context, EE’s decision to rebrand its network as “5G+” rather than simply “5G SA” is likely an attempt to distance the new offer from earlier disappointments.

Even so, rivals are unlikely to stand still. For example, Virgin Media O2 continues to expand its footprint and spectrum holdings, having recently acquired 78.8 MHz of additional spectrum from Vodafone. VodafoneThree, with its larger combined scale, is also expected to accelerate deployments and extend its reach into rural regions.

What Does This Mean For Your Business?

Delivering 5G Standalone to 99 per cent of the UK population by 2030 would represent a major upgrade in national mobile infrastructure, with clear practical benefits for users and businesses alike. For companies relying on fast, low-latency connections to run logistics systems, cloud platforms or video services, the ability to access reliable standalone 5G in more locations could support better performance, more automation and greater service resilience.

For BT, the 99 per cent target seems to set out a clear intention to lead on mobile quality and capacity, not just coverage. The wider deployment of high-performance radios, small cells and core upgrades also gives the company a way to differentiate itself from rivals and reinforce its role in supporting essential digital services. For the government, the message is that planning delays, spectrum costs and regulatory friction are now a real constraint on further progress. If ministers want mobile operators to finish the job in rural areas, rail corridors and harder-to-reach environments, those barriers will need to be addressed.

That said, the challenges are still pretty substantial. For example, extending full standalone coverage to the last few per cent of the population will require continued investment, cooperative local planning, and more progress on handset compatibility across different devices.

OpenAI has launched Sora 2, a powerful new AI model for generating realistic video and audio, alongside a companion app called Sora that functions as a short-form video platform in the style of TikTok.

Cameos

The app, now live in the US and Canada, allows users to create, share, and remix AI-generated videos featuring themselves and their friends through a feature called “cameos”.

OpenAI’s Move Into Social Apps

This marks OpenAI’s most significant step yet into the consumer social media space. While its ChatGPT platform has seen widespread adoption for productivity, the launch of the Sora app brings the company into direct competition with TikTok, Instagram Reels, and Meta’s new “Vibes” AI video feed.

Makes Short, Realistic Videos

The Sora app, available now for iOS on an invite-only basis, is designed around the idea of co-creation. For example, users can ask (prompt) Sora 2 to generate short, realistic videos with audio, then choose to insert themselves or others into the scenes using cameos. A one-time video and audio recording is required to activate this feature, verifying both identity and likeness.

Once uploaded, users can choose who may include their cameo in videos and revoke permission at any time. OpenAI says the app is designed to prioritise creativity and collaboration, rather than passive consumption. “We think a social app built around this ‘cameos’ feature is the best way to experience the magic of Sora 2,” the company stated in its launch blog.

What Can Sora 2 Do?

Sora 2 builds on the original Sora model released in February 2024, offering major improvements in physical realism and control. For example, the system now better obeys the laws of physics and can simulate complex multi-step actions, such as backflips, Olympic gymnastics, and buoyancy-based movements. It can also handle failure more realistically. For example, as OpenAI explains, “In Sora 2, if a basketball player misses a shot, it will rebound off the backboard,” thereby contrasting with earlier models that might teleport the ball into the hoop to satisfy a prompt.

The model can also generate sound effects and dialogue that synchronise with the visuals, and it supports different styles such as cinematic or anime. Sora 2 is also better at keeping things the same from one part of a video to the next, so people, objects, and scenes look consistent and don’t suddenly change or disappear.

Crucially, Sora 2 allows direct injection of real-world people or objects into generated videos. This is the basis for the cameos feature, which lets users appear in AI videos with recognisable facial likenesses and voices after completing the verification process.

A Social App Built Around AI Creativity

Inside the Sora app, users can browse a TikTok-style vertical feed where all content is generated by Sora 2. The feed’s algorithm is powered by OpenAI’s own language models and incorporates user activity, location, and engagement signals. Users can opt out of sharing data from their ChatGPT history, and parental controls allow for the disabling of infinite scroll, personalisation, and direct messaging.

The Sora feed has a different set of priorities than many existing social platforms. For example, according to OpenAI, the app has been explicitly designed to maximise creativity over time spent. Videos from friends or creators users have interacted with are prioritised, and content is recommended based on what the system believes users may want to remix or be inspired by.

OpenAI is also keen to highlight the fact that many early testers inside the company described the experience as a new way to communicate, i.e. beyond texts, emojis, and even voice notes. As the team says, “We all had a blast with it. It kind of felt like a natural evolution of communication”.

Safety And Moderation

It should be noted that the app includes several layers of moderation and safety, particularly around the use of likenesses, minors, and synthetic content. Videos with cameos include visible watermarks and embedded provenance data using C2PA standards. Also, only users with explicit permission can create content featuring another person’s cameo, and content involving under-18s is subject to stricter controls.

OpenAI says that a dedicated moderation team will review flagged videos, especially in cases involving bullying or misuse of likeness, and that it has developed a “new class of recommender algorithms” that can be instructed via natural language and will regularly poll users about their wellbeing to inform feed adjustments.

Reassuringly, it seems that parents will also have access to management tools via ChatGPT’s parental control features, which allow them to restrict viewing time and disable certain app capabilities.

Growing Interest

Despite being invite-only, the Sora app quickly topped the iOS App Store in the US following launch. According to Appfigures, it saw around 164,000 downloads in its first two days, suggesting strong early interest in AI-generated social video.

For individual users, the draw is clear, i.e. Sora offers a fast, no-equipment way to create and share realistic, creative videos. For businesses, Sora 2 may open up new workflows for marketing, campaign testing, training content, and generating creative ideas, all using synthetic media that’s watermarked and traceable.

It’s no surprise, therefore, that the model is already being explored for potential commercial uses. With this in mind, ChatGPT Pro users can access a higher-quality version called Sora 2 Pro on sora.com, and an API is planned, which would allow integration with third-party tools and platforms.

However, the move into social territory has also brought new scrutiny. Deepfake concerns, synthetic voice misuse, and intellectual property violations are all emerging challenges. OpenAI has already faced criticism from rights holders about the model’s ability to generate copyrighted characters or likenesses without permission. CEO Sam Altman recently responded on X (formerly Twitter), saying the company will move towards an opt-in model for characters and explore revenue sharing with rights holders.

Competitors And The AI Market

By launching its own social platform, OpenAI is taking a risk by entering a space dominated by highly entrenched players. That said, even though Meta’s “Vibes” feed, launched a week earlier, performs similar functions inside its Meta AI app, Sora goes further by integrating first-party video generation with a standalone app, a social graph, and content provenance controls.

Google is also moving rapidly in this space with Veo 3, which may bring advanced video generation tools to YouTube. However, OpenAI’s decision to bundle generation, remixing, social sharing, and personalised feeds into one app gives it a distinct early advantage.

Some would say, however, that the bigger prize here is data. For example, with Sora, OpenAI can gain access to a stream of video-based user interactions that could help refine future models, and reinforce its competitive position in the multimodal AI arms race.

Criticisms And Limitations

Although OpenAI has taken steps to address known risks, the Sora app is not without controversy. For example, some experts have raised concerns about likeness abuse, moderation gaps, and legal grey areas around synthetic content. Others are questioning whether the app’s feed algorithm, even if not optimised for time spent, could still encourage addictive behaviour.

Questions have also been raised about monetisation. For example, OpenAI says the app is free for now and that the only current revenue plan is charging for extra video generations during high demand. However, given the costs involved, a longer-term model will be needed. Sam Altman has indicated that monetisation will be transparent and designed to align with user wellbeing, but the details remain unclear.

As with other AI content tools, regulatory challenges will likely follow. For example, EU regulators, privacy watchdogs, and copyright bodies are expected to monitor Sora closely, especially if it expands into new regions or gains widespread use among teens and creators.

What Does This Mean For Your Business?

What happens next will depend on how well OpenAI manages the tensions between innovation, safety, and long-term sustainability. Sora has been built to showcase Sora 2’s technical strengths, but its future will depend just as much on how responsibly it operates as a platform. The company’s decision to emphasise provenance, permissions, and moderation from the outset suggests it has learned from previous criticism, but the real tests will come as usage scales and more complex edge cases arise.

For UK businesses, Sora introduces a fast, low-friction way to prototype video content, develop ideas, and test audience engagement using synthetic media. Creative agencies, marketers, educators and internal comms teams may all find practical value in exploring what this kind of AI generation can offer. That said, legal departments, compliance leads and brand managers will need to engage early. Controls around likeness, IP, and data use must be fully understood before models like Sora 2 are deployed commercially, especially in regulated sectors.

Broadly speaking, this release positions OpenAI not just as a model developer but as a direct provider of consumer experiences. This puts it on a collision course with existing social media and content platforms, and means its moderation policies, data practices and monetisation plans will face far more public and regulatory scrutiny. If OpenAI can maintain trust while building momentum, Sora could redefine how people create and interact with video. If not, it risks repeating the mistakes of the platforms it seeks to improve upon.

The UK government has reportedly issued a fresh order instructing Apple to enable access to encrypted iCloud backups for British users, narrowing an earlier demand that had sought global access.

The New Order

According to reports in the Financial Times, the Home Office served Apple with a new Technical Capability Notice (TCN) in early September requesting a mechanism to access encrypted cloud backups for UK citizens. TCNs are formal notices issued under the Investigatory Powers Act 2016, a law that grants UK authorities the power to compel technology companies to make technical modifications to support lawful access to data.

The September notice reportedly differs from an earlier version issued in January by limiting the demand to British users only. The original order had requested access to encrypted iCloud data for users globally. At the time, that broader approach prompted some diplomatic and legal pushback, particularly from the United States.

How This One Differs From January’s Demand

The first TCN issued by the UK government sought a capability to unlock encrypted iCloud backups for any Apple user, regardless of nationality, if the user had enabled Apple’s Advanced Data Protection (ADP) feature. ADP is an optional setting that allows iCloud backups and other key data to be protected with end-to-end encryption, meaning not even Apple can decrypt the data.

That earlier order triggered an international dispute, with senior figures in the US government accusing the UK of overreach. In August, US Director of National Intelligence Tulsi Gabbard told the FT that the UK had “agreed to drop” its demand that would have affected US citizens’ protected data.

This latest September order appears to be a UK-only version that avoids direct infringement on US users’ rights, but the technical implications are still contested.

Apple’s Position

Apple has repeatedly rejected the idea of building a backdoor into any of its systems. For example, as the company said in a statement responding to the latest reports: “As we have said many times before, we have never built a back door or master key to any of our products or services and we never will”.

Blocked

Since February, Apple has actually blocked new users in the UK from enabling Advanced Data Protection, and has said existing users will eventually be required to disable it to continue using iCloud. A company support page confirms that ADP remains unavailable in the UK, although it is still offered in other regions, including the US and the EU.

ADP expands the categories of iCloud data protected by end-to-end encryption from 14 to 23, e.g. covering device backups, Photos, Notes and more. Without it, Apple holds the encryption keys, allowing the company to comply with valid legal requests for data access. With ADP, only the user has the key, and data can only be decrypted on that user’s trusted devices.

What The Home Office Says

The Home Office has not confirmed the existence of the order. In a statement, a government spokesperson said: “We do not comment on operational matters, including, for example, confirming or denying the existence of any such notices. We will always take all actions necessary at the domestic level to keep UK citizens safe.”

In reality, UK officials have consistently argued that encrypted technologies (and apps) can obstruct investigations into serious crimes, terrorism, and child sexual abuse, and that investigative capabilities must evolve in line with technological change.

The Legal Process And The Secrecy Fight

Apple has challenged aspects of the January TCN through the Investigatory Powers Tribunal (IPT), which is a specialist UK court that hears complaints about surveillance powers. In April, the IPT ruled against the Home Office’s attempt to keep the proceedings entirely secret, confirming Apple as the complainant and the Home Secretary as the respondent.

Campaign groups including Privacy International and Liberty have also mounted linked legal challenges, arguing that forcing Apple to weaken its encryption undermines users’ privacy and security. Those cases were due to be heard early next year, but the revised September order may now restart parts of the legal process.

Why This Is So Contentious (In Technical Terms)

End-to-end encryption ensures that data is only readable by the intended user. Critics of the UK’s approach say any attempt to introduce a backdoor, no matter how narrowly defined, undermines this principle and creates a new vulnerability. The point made by many critics is that if Apple breaks end-to-end encryption for the UK, it essentially breaks it for everyone and the resulting vulnerability could simply be exploited by all manner of bad actors, e.g. hostile states, cybercriminals and more.

Technical experts also argue that encryption systems can’t be designed with selective access for law enforcement without also weakening defences against broader threats. This has been a long-standing argument in the encryption debate, and is echoed by cryptographers, industry bodies and digital rights advocates.

The US Dimension

The earlier global demand strained relations between the UK and US governments. For example, key figures in President Trump’s administration, including Vice President JD Vance and DNI Tulsi Gabbard, reportedly urged the UK to abandon the request, warning that it could compromise data belonging to US citizens and damage transatlantic privacy agreements.

Also, during President Trump’s state visit to the UK in September, technology cooperation and investment were key topics. Around the same time, two US officials reportedly raised the Apple issue again. However, it’s been reported (by the FT) that the US is no longer pressuring the UK to rescind the latest order, which is most likely due to its narrowed scope.

Users

For now, UK users can’t newly enable Advanced Data Protection and those who already had it enabled before February are expected to lose access to the feature in the coming months. Apple has not set a public deadline, but its statement suggests existing users will eventually need to disable ADP to continue using iCloud services.

As noted earlier, the feature is actually designed to protect user data such as device backups, messages, photos, and documents, all of which are frequently targeted in data breaches. For example, when launching ADP, Apple cited industry research showing that global data breaches exposed more than 1.1 billion records in 2021, with personal data the most common target.

According to Apple’s own security whitepaper, even without ADP, iCloud still uses strong encryption standards and safeguards, but the ability for Apple to decrypt data under lawful request remains. In fact, with ADP enabled, Apple itself can’t access the data, even if compelled by authorities.

Reactions

Privacy groups have condemned the new order as a dangerous precedent. For example, Liberty and Privacy International have both warned that undermining encryption could affect not just privacy but also national security, by creating a mechanism that could be exploited by hostile states and criminal networks.

The UK’s data and security sectors have also expressed concerns that these policies could make the UK less attractive for tech investment. Also, companies required to disable privacy features in one country may be less willing to roll out services there, or may find it harder to meet customer expectations around security and compliance.

How It’s Being Framed

That said, the UK government continues to argue that TCNs are an essential part of modern law enforcement. For example, the Investigatory Powers Act, which came into force in 2016 and is sometimes referred to as the “Snoopers’ Charter” by critics, enables agencies to issue notices requiring companies to maintain technical capabilities to support interception, access, or decryption of data when authorised by a warrant.

Supporters of the law argue that it brings transparency and legal oversight to digital investigations. Opponents, however, say it gives the state too much power to interfere with private systems and sets dangerous global precedents. It’s worth noting here that the UK is one of only a few democracies that can legally issue binding demands to alter product security design.

What Does This Mean For Your Business?

It could be said that the revised order is a tactical retreat rather than a change of position. For example, by narrowing its demand to apply only to British users, the UK government has stepped back from the diplomatic tensions caused by its earlier global request, but the core issue remains basically unchanged. At the heart of this case is whether it’s technically and ethically possible to give law enforcement selective access to encrypted data without weakening protections for everyone.

For UK businesses, the implications are not just theoretical. A climate where privacy features are disabled or restricted by law could make the UK a less competitive market for privacy-conscious users and global technology providers. If firms like Apple are required to re-engineer core security features for one jurisdiction, others may follow suit or withdraw certain services altogether. This not only risks fragmenting digital service offerings but also complicates compliance strategies for businesses handling sensitive customer data.

For campaigners and civil society groups, the revised notice confirms their fears that UK authorities are continuing to seek access to encrypted systems by design. Their argument, echoed by technologists, is that any backdoor (even if limited to one region) introduces a broader vulnerability. Once a system can be compromised by one party, it is inherently more exposed to exploitation by others, whether state-sponsored attackers or criminal groups.

From Apple’s perspective, enabling a backdoor anywhere sets a precedent everywhere. The company has positioned itself as a defender of user privacy and security, and any concession in the UK could undermine that stance globally. Its refusal to offer even a limited workaround suggests it sees this issue not as a local policy dispute but as a line it is unwilling to cross.

Whether or not the Home Office ultimately enforces the order, this case highlights the ongoing tension between national security objectives and the technical realities of encryption. It also raises difficult questions about sovereignty in the digital age, specifically, to what extent one country can demand changes to global technologies that affect millions of users.

The Investigatory Powers Tribunal proceedings and linked legal challenges now take on renewed importance. With the order revised but not withdrawn, courts and campaigners will be watching closely to see how far the UK is willing to go to enforce access, and whether Apple is willing to comply. What happens next will shape the limits of lawful access not just in Britain, but in democratic societies worldwide.

Microsoft has launched a single unified Marketplace bringing together Azure Marketplace and AppSource, offering a central location for cloud services and AI applications integrated directly into the Microsoft ecosystem.

One Destination For AI And Cloud Procurement

On 25 September 2025, Microsoft announced the launch of Microsoft Marketplace, a new platform designed to simplify the way organisations discover, purchase, and deploy software across Microsoft’s cloud services. By combining the previously separate Azure Marketplace and Microsoft AppSource into a single platform, the company aims to give customers a more seamless experience for accessing both Microsoft-built and third-party solutions.

Trusted Source

According to Microsoft, the new Marketplace serves as a “trusted source for cloud solutions, AI apps and agents” that integrates directly with Microsoft Cloud offerings including Azure, Microsoft 365, Dynamics 365, Power Platform, and Microsoft Security.

Supports “Frontier Firms” Idea

The catalogue includes tens of thousands of listings across categories such as data and analytics, productivity and collaboration, and a range of industry-specific solutions. Microsoft says the launch supports its vision of enabling more organisations to become “Frontier Firms”, which is a term it uses to describe businesses that blend AI-driven tools with traditional work to accelerate innovation.

A Focus On AI Agents And Rapid Deployment

A key new component of the Microsoft Marketplace is the AI Apps and Agents category. This area of the Marketplace features more than 3,000 AI tools, including well-known Microsoft offerings like Microsoft 365 Copilot and Azure AI Foundry, alongside partner-developed applications. These agents are designed to automate tasks, enhance decision-making, and unlock operational efficiency across business functions.

Microsoft actually claims these tools can now be provisioned and deployed in under a minute! For example, Siemens, one of the launch partners, stated that it reduced AI app configuration times from 20 minutes to just 1 minute per instance using the Marketplace. The company also reported an eightfold increase in customer adoption through the new platform.

To make it easier for businesses to integrate AI into existing workflows, the new Marketplace also embeds selected solutions directly within Microsoft products. For example, Copilot agents are now accessible within the Microsoft 365 experience via an integrated Agent Store, while Teams apps, Azure models, and other tools are available in context where users work.

Streamlining Governance And Spending Management

Microsoft has positioned the Marketplace as a governance-friendly solution. This appears to be because all deployments are managed through a customer’s existing Microsoft Cloud environment and, therefore, IT teams can retain control over access, security, and compliance. Applications and agents installed from the Marketplace follow the organisation’s configured policies, helping to ensure consistency across teams and departments.

This integrated experience may be particularly important for organisations with pre-agreed Microsoft Azure Consumption Commitments (MACCs). Microsoft confirmed that any eligible purchases made through the Marketplace continue to count towards these commitments, allowing finance and procurement teams to optimise spending without risking overspend or compliance issues.

New Commercial Routes For Partners And ISVs

For Microsoft’s partner ecosystem, the Marketplace also opens new sales and distribution channels. For example, the company has expanded integration with major distributors such as Arrow, Crayon, Ingram Micro, Pax8 and TD SYNNEX, enabling them to embed Microsoft Marketplace listings into their own offerings.

Microsoft has also introduced a new feature called “resale enabled offers”, currently in private preview, which allows independent software vendors (ISVs) to authorise their partners to sell Marketplace listings on their behalf through private offers. This model aims to support co-selling strategies and increase the reach of third-party solutions.

According to Nicole Dezen, Microsoft’s Chief Partner Officer, more than six million people visit Microsoft Marketplace every month, and the number of customers purchasing AI products through the platform has recently doubled.

Strategic Context And Timing

The launch of the unified Marketplace is really part of Microsoft’s wider commercial strategy to embed AI into the core of enterprise operations, reduce procurement complexity, and support channel growth. It also arrives at a time when Microsoft is restructuring internally to put greater emphasis on AI execution and developer platforms.

By consolidating its marketplaces, Microsoft is aiming to remove fragmentation for both customers and software vendors, and to present a clearer integration path for AI agents, apps, and cloud services.

Comparison with AWS (And Others)

Microsoft’s move will likely be viewed in the context of Amazon’s Bedrock platform, which offers a catalogue of AI foundation models that can be accessed and deployed via Amazon Web Services. Bedrock is pitched as a simple, scalable way for enterprises to access large language models and build generative AI applications.

While Amazon focuses on model-level choices, Microsoft is emphasising agent-level integration and user experience inside Microsoft 365 and other products. This could give Microsoft an advantage among organisations already embedded in its cloud and productivity tools. However, buyers will still compare vendor flexibility, model variety, and pricing across platforms.

Benefits And Trade-Offs For Customers

For IT and procurement teams, the new Marketplace appears to offer a consolidated, governed route to access thousands of tools without the overhead of managing multiple platforms or bypassing security protocols. End users can gain access to approved apps and agents directly within their day-to-day workflows, thereby speeding up adoption and deployment.

Also, organisations already committed to Microsoft’s ecosystem may find they can deploy new AI tools faster, with fewer integration challenges. Microsoft’s claim of “one-minute deployment” and compatibility with enterprise security policies will appeal to large firms seeking rapid returns from AI investments.

However, some trade-offs remain. For example, the convenience of staying within the Microsoft ecosystem could lead to increased dependency on Microsoft services and commercial agreements, potentially limiting multicloud flexibility over time.

Risks, Challenges, And Criticisms

It’s worth noting here that the launch also raises some concerns around market dominance and vendor lock-in. For example, back in October 2023, the UK’s Competition and Markets Authority concluded a detailed market investigation into cloud infrastructure services, highlighting structural barriers that hinder customer switching and favour the largest providers. While Microsoft has disputed aspects of that ruling, the creation of a unified Marketplace could increase reliance on its platform, reinforcing the very dynamics under review.

Security is another area of possible scrutiny. For example, as organisations adopt AI agents capable of autonomous action, there are growing concerns about how those agents interact with data, tools, and users. Microsoft has acknowledged these risks in its own technical documentation, warning of potential agent failure modes and security misconfigurations linked to the Model Context Protocol (MCP), which underpins many of the agent integrations.

Also, cybersecurity researchers have highlighted risks such as prompt injection, over-permissioned access, and insecure connectors. While Microsoft’s promise of secure provisioning through the Marketplace is intended to mitigate these risks, the responsibility for implementation, governance, and oversight remains with each customer.

Operational complexity may be yet another challenge for Microsoft. While the Marketplace promotes one-click deployment, lifecycle management of AI and cloud apps, such as patching, compatibility checks, and vendor due diligence, remains a resource-intensive task. Organisations will, therefore, need to align their internal processes with Marketplace activity, particularly where data residency, industry-specific compliance, or software licensing is concerned.

Only In The U.S. For Now

Microsoft has also confirmed that the Marketplace is initially available only in the United States, with global rollout to follow. International customers will, therefore, need to monitor catalogue availability, regional billing options, and data handling assurances closely, particularly for regulated sectors or cross-border deployments.

What Does This Mean For Your Business?

UK businesses already using Microsoft 365, Azure, or Dynamics are likely to find immediate benefits in the new Marketplace (when it eventually rolls out here). For example, it simplifies procurement, shortens deployment times, and allows pre-approved AI tools to be delivered directly into users’ daily workflows without disrupting governance or procurement protocols. This could accelerate experimentation with Copilot extensions and industry-specific solutions, especially for organisations that need to show quick returns on AI adoption without introducing additional risk.

For Microsoft’s partners and independent software vendors, the move creates new opportunities and increased competition. With over six million monthly visitors and growing demand for AI solutions, the Marketplace now acts as both a distribution channel and a co-sell platform. Distributors embedding the Microsoft catalogue into their own storefronts could expand access further, although those in the partner ecosystem will need to adapt to Microsoft’s standards, pricing models, and resale mechanics.

For decision-makers, the challenge will be striking the right balance between speed and scrutiny. The promise of one-click AI agents is compelling, but responsibility for integration, oversight, and risk management stays with the customer. Organisations will still need to enforce least-privilege principles, vet vendors, monitor agent activity, and align Marketplace use with broader digital and security strategies. Those operating in regulated sectors may also need to carry out additional reviews to meet legal, contractual, or ethical obligations around data use and automation.

As previously mentioned, the global rollout will be another area to watch. UK organisations outside the United States will be looking closely at how quickly catalogue parity is achieved, whether billing and compliance frameworks are fully localised, and how Marketplace features such as resale enabled offers evolve once out of preview. For now though, the launch appears to mark a major consolidation of Microsoft’s cloud sales platform, one that could reshape how software is bought, sold, and used across the Microsoft ecosystem.