The EU's European Data Protection Board oversees its privacy-protecting GDPR policies.

Earlier this week, TechCrunch reported that nearly two dozen civil society groups and nonprofits wrote the Board an open letter "urging it not to endorse a strategy used by Meta that they say is intended to bypass the EU's privacy protections for commercial gain."

Meta's strategy is sometimes called "Pay or Okay," writes long-time Slashdot reader AmiMoJo : Meta offers users a choice: "consent" to tracking, or pay over €250/year to use its sites without invasive monetization of personal data.
Meta prefers the phrase "subsccription for no ads," and told TechCrunch it makes them compliant with EU laws: A raft of complaints have been filed against Meta's implementation of the pay-or-consent tactic since it launched the "no ads" subscription offer last fall. Additionally, in a notable step last month, the European Union opened a formal investigation into Meta's tactic, seeking to find whether it breaches obligations that apply to Facebook and Instagram under the competition-focused Digital Markets Act. That probe remains ongoing.
The letter to the Board called for "robust protections that prioritize data subjects' agency and control over their information." And Wednesday the board issued its first decision:

"[I]n most cases, it will not be possible for [social media services] to comply with the requirements for valid consent, if they confront users only with a choice between consenting to processing of personal data for behavioural advertising purposes and paying a fee." The EDPB considers that offering only a paid alternative to services which involve the processing of personal data for behavioural advertising purposes should not be the default way forward for controllers. When developing alternatives, large online platforms should consider providing individuals with an 'equivalent alternative' that does not entail the payment of a fee. If controllers do opt to charge a fee for access to the 'equivalent alternative', they should give significant consideration to offering an additional alternative. This free alternative should be without behavioural advertising, e.g. with a form of advertising involving the processing of less or no personal data.
EDPB Chair, Anu Talus added: "Controllers should take care at all times to avoid transforming the fundamental right to data protection into a feature that individuals have to pay to enjoy."

Adult content companies Pornhub, Stripchat and XVideos will have to do risk assessment reports and take measures to address systemic risks linked to their services to comply with new EU online content rules, the European Commission said on Friday. From a report: The three companies were designated as very large online platforms last December under the Digital Services Act (DSA) which requires them to do more to remove illegal and harmful content on their platforms. Pornhub and Stripchat will have to comply with these DSA obligations, among the strictest, on April 21 and XVideos on April 23, the EU executive said. "These specific obligations include submitting risk assessment reports to the Commission, putting in place mitigation measures to address systemic risks linked to the provision of their services," it said in a statement.

AltStore PAL has become one of the first alternative app marketplaces to launch in the European Union. Developed by Riley Testut, AltStore PAL is marketed as an open-source project designed to distribute apps from independent developers. MacRumors reports: At launch, it features two apps, including Testut's Delta game emulator and clipboard manager app Clip. Delta is also being simultaneously released in the App Store outside of the European Union, but it looks like EU customers will need to download it from AltStore. Testut says that once AltStore PAL is "running smoothly," third-party app developers will be able to submit their apps for distribution outside of the App Store. The app marketplace is designed to be decentralized with no directory, so developers will need to self-promote their apps and direct users to their websites to install an app through AltStore.

Distributing apps through AltStore is free of charge, but it is worth noting that apps that see more than one million first annual installs will need to pay Apple an 0.50 euro Core Technology Fee. App marketplaces have to pay the fee for every install with no free allowance, so AltStore is charged 0.50 euros each time it is installed. To afford the fee, Testut is charging 1.50 euros per year for AltStore PAL access. Testut has been working on AltStore PAL since Apple announced plans to support alternative app marketplaces in iOS 17.4. It is open to all apps, but Testut says that it makes the most sense for "smaller, indie apps that otherwise couldn't exist due to App Store rules." AltStore PAL is equipped with Patreon integration to allow developers to monetize their apps. Developers can offer their apps to just their patrons, and this method of distribution also allows for a sub-1 million cap on those who can subscribe to use an app.

Pablo Escobar, the name of the late Colombian drug kingpin, can't be registered as a trademark in the European Union after judges said that approving his brother's bid would go against "principles of morality." From a report: The public "associate that name with drug trafficking and narco-terrorism and with the crimes and suffering resulting therefrom, rather than with his possible good deeds in favor of the poor in Colombia," the EU's General Court in Luxembourg said on Wednesday. Trademarking the name is "counter to the fundamental values and moral standards prevailing within Spanish society," the court said.

Apple is opening up web distribution for iOS apps targeting users in the European Union starting Tuesday. Developers who opt in -- and who meet Apple's criteria, including app notarization requirements -- will be able to offer iPhone apps for direct download to EU users from their own websites. From a report: It's a massive change for a mobile ecosystem that otherwise bars so-called "sideloading." Apple's walled garden stance has enabled it to funnel essentially all iOS developer revenue through its own App Store in the past. But, in the EU, that moat is being dismantled as a result of new regulations that apply to the App Store and which the iPhone maker has been expected to comply with since early last month. In March, Apple announced that a web distribution entitlement would soon be coming to its mobile platform as part of changes aimed at complying with the bloc's Digital Markets Act (DMA). The pan-EU regulation puts a set of obligations on in-scope tech giants that lawmakers hope will level the competitive playing field for platforms' business users, as well as protecting consumers from Big Tech throwing its weight around.

Meta plans to "temporarily" shut down Threads in Turkey from April 29, in response to an interim injunction prohibiting data sharing with Instagram. TechCrunch reports: The Turkish Competition Authority (TCA), known as Rekabet Kurumu, noted on March 18 that its investigations found that Meta was abusing its dominant market position by combining the data of users who create Threads profiles with that of their Instagram account -- without giving users the choice to opt in. [...] In the buildup to April 29, everyone using Threads in Turkey will receive a notification about the impending closure, and they will be given a choice to either delete or deactivate their profile. The latter of these options means a user's profile can be resurrected when and if Threads is available in the country again. "We disagree with the interim order, we believe we are in compliance with all Turkish legal requirements, and we will appeal," Meta wrote in the blog post today. "The TCA's interim order leaves us with no choice but to temporarily shut down Threads in Turkiye. We will continue to constructively engage with the TCA and hope to bring Threads back to people in Turkiye as quickly as possible."

Top takeaways from Stanford's new AI Index Report [PDF]:
1. AI beats humans on some tasks, but not on all. AI has surpassed human performance on several benchmarks, including some in image classification, visual reasoning, and English understanding. Yet it trails behind on more complex tasks like competition-level mathematics, visual commonsense reasoning and planning.
2. Industry continues to dominate frontier AI research. In 2023, industry produced 51 notable machine learning models, while academia contributed only 15. There were also 21 notable models resulting from industry-academia collaborations in 2023, a new high.
3. Frontier models get way more expensive. According to AI Index estimates, the training costs of state-of-the-art AI models have reached unprecedented levels. For example, OpenAI's GPT-4 used an estimated $78 million worth of compute to train, while Google's Gemini Ultra cost $191 million for compute.
4. The United States leads China, the EU, and the U.K. as the leading source of top AI models. In 2023, 61 notable AI models originated from U.S.-based institutions, far outpacing the European Union's 21 and China's 15.
5. Robust and standardized evaluations for LLM responsibility are seriously lacking. New research from the AI Index reveals a significant lack of standardization in responsible AI reporting. Leading developers, including OpenAI, Google, and Anthropic, primarily test their models against different responsible AI benchmarks. This practice complicates efforts to systematically compare the risks and limitations of top AI models.
6. Generative AI investment skyrockets. Despite a decline in overall AI private investment last year, funding for generative AI surged, nearly octupling from 2022 to reach $25.2 billion. Major players in the generative AI space, including OpenAI, Anthropic, Hugging Face, and Inflection, reported substantial fundraising rounds.
7. The data is in: AI makes workers more productive and leads to higher quality work. In 2023, several studies assessed AI's impact on labor, suggesting that AI enables workers to complete tasks more quickly and to improve the quality of their output. These studies also demonstrated AI's potential to bridge the skill gap between low- and high-skilled workers. Still, other studies caution that using AI without proper oversight can lead to diminished performance.
8. Scientific progress accelerates even further, thanks to AI. In 2022, AI began to advance scientific discovery. 2023, however, saw the launch of even more significant science-related AI applications -- from AlphaDev, which makes algorithmic sorting more efficient, to GNoME, which facilitates the process of materials discovery.
9. The number of AI regulations in the United States sharply increases. The number of AIrelated regulations in the U.S. has risen significantly in the past year and over the last five years. In 2023, there were 25 AI-related regulations, up from just one in 2016. Last year alone, the total number of AI-related regulations grew by 56.3%.
10. People across the globe are more cognizant of AI's potential impact -- and more nervous. A survey from Ipsos shows that, over the last year, the proportion of those who think AI will dramatically affect their lives in the next three to five years has increased from 60% to 66%. Moreover, 52% express nervousness toward AI products and services, marking a 13 percentage point rise from 2022. In America, Pew data suggests that 52% of Americans report feeling more concerned than excited about AI, rising from 37% in 2022.

The UK is starting to draft regulations to govern AI, focusing on the most powerful language models which underpin OpenAI's ChatGPT, Bloomberg News reported Monday, citing people familiar with the matter. From the report: Policy officials at the Department for Science, Innovation and Technology are in the early stages of devising legislation to limit potential harms caused by the emerging technology, according to the people, who asked not to be identified discussing undeveloped proposals. No bill is imminent, and the government is likely to wait until France hosts an AI conference either later this year or early next to launch a consultation on the topic, they said.

Prime Minister Rishi Sunak, who hosted the first world leaders' summit on AI last year and has repeatedly said countries shouldn't "rush to regulate" AI, risks losing ground to the US and European Union on imposing guardrails on the industry. The EU passed a sweeping law to regulate the technology earlier this year, companies in China need approvals before producing AI services and some US cities and states have passed laws limiting use of AI in specific areas.

An anonymous reader quotes a report from Ars Technica: Influential US Senator Sherrod Brown (D-Ohio) has called on U.S. President Joe Biden to ban electric vehicles from Chinese brands. Brown calls Chinese EVs "an existential threat" to the U.S. automotive industry and says that allowing imports of cheap EVs from Chinese brands "is inconsistent with a pro-worker industrial policy." Brown's letter to the president (PDF) is the most recent to sound alarms about the threat of heavily subsidized Chinese EVs moving into established markets. Brands like BYD and MG have been on sale in the European Union for some years now, and last October, the EU launched an anti-subsidy investigation into whether the Chinese government is giving Chinese brands an unfair advantage.

The EU probe won't wrap until November, but another report published this week found that government subsidies for green technology companies are prevalent in China. BYD, which now sells more EVs than Tesla, has benefited from almost $4 billion (3.7 billion euro) in direct help from the Chinese government in 2022, according to a study by the Kiel Institute. Last month, the EU even started paying extra attention to imports of Chinese EVs, issuing a threat of retroactive tariffs that could start being imposed this summer. Chinese EV imports to the EU have increased by 14 percent since the start of its investigation, but they have yet to really begin in the U.S., where there are a few barriers in their way. Chinese batteries make an EV ineligible for the IRS's clean vehicle tax credit, for one thing. And Chinese-made vehicles (like the Lincoln Nautilus, Buick Envision, and Polestar 2) are already subject to a 27.5 percent import tax.

But Chinese EVs are on sale in Mexico already, and that has American automakers worried. Last year, Ford CEO Jim Farley said he saw Chinese automakers "as the main competitors, not GM or Toyota." And in January, Tesla CEO Elon Musk said he believed that "if there are no trade barriers established, they will pretty much demolish most other car companies in the world." [...] It's not just the potential damage to the U.S. auto industry that has prompted this letter. Brown wrote that he is concerned about the risk of China having access to data collected by connected cars, "whether it be information about traffic patterns, critical infrastructure, or the lives of Americans," pointing out that "China does not allow American-made electric vehicles near their official buildings." At the end of February, the Commerce Department also warned of the security risk from Chinese-connected cars and revealed it has launched an investigation into the matter. "When the goal is to dominate a sector, tariffs are insufficient to stop their attack on American manufacturing," Brown wrote. "Instead, the Administration should act now to ban Chinese EVs before they destroy the potential for the U.S. EV market. For this reason, no solution should be left off the table, including the use of Section 421 (China Safeguard) of the Trade Act of 1974, or some other authority."

Datacenter power issues in Ireland may be coming to a head amid reports from customers that Amazon is restricting resources users can spin up in that nation, even directing them to other AWS regions across Europe instead. From a report: Energy consumed by datacenters is a growing concern, especially in places such as Ireland where there are clusters of facilities around Dublin that already account for a significant share of the country's energy supply. This may be leading to restrictions on how much infrastructure can be used, given the power requirements. AWS users have informed The Register that there are sometimes limits on the resources that they can access in its Ireland bit barn, home to Amazon's eu-west-1 region, especially with power-hungry instances that make use of GPUs to accelerate workloads such as AI.

"You cannot spin up GPU nodes in AWS Dublin as those locations are maxed out power-wise. There is reserved capacity for EC2 just in case," one source told us. "If you have a problem with that, AWS Europe will point you at spare capacity in Sweden and other parts of the EU." We asked AWS about these issues, but when it finally responded the company was somewhat evasive. "Ireland remains core to our global infrastructure strategy, and we will continue to work with customers to understand their needs, and help them to scale and grow their business," a spokesperson told us. Ireland's power grid operator, EirGrid, was likewise less than direct when we asked if they were limiting the amount of power datacenters could consume.

An anonymous reader quotes a report from Reuters: Independent browser companies in the European Union are seeing a spike in users in the first month after EU legislation forced Alphabet's Google, Microsoft and Apple to make it easier for users to switch to rivals, according to data provided to Reuters by six companies. The early results come after the EU's sweeping Digital Markets Act, which aims to remove unfair competition, took effect on March 7, forcing big tech companies to offer mobile users the ability to select from a list of available web browsers from a "choice screen." [...]

Cyprus-based Aloha Browser said users in the EU jumped 250% in March -- one of the first companies to give monthly growth numbers since the new regulations came in. Founded in 2016, Aloha, which markets itself as a privacy focused alternative to browsers owned by big tech, has 10 million monthly average users and earns money through paid subscriptions, rather than selling ads by tracking users. "Before, EU was our number four market, right now it's number two," Aloha CEO Andrew Frost Moroz said in an interview. Norway's Vivaldi, Germany's Ecosia and U.S.-based Brave have also seen user numbers rise following the new regulation. U.S.-based DuckDuckGo, which has about 100 million users, and its bigger rival, Norway-based Opera (OPRA.O), opens new tab are also seeing growth in users, but said the choice screen rollout is still not complete. "We are experiencing record user numbers in the EU right now," said Jan Standal, vice president at Opera, which counts over 324 million global users.

Under the new EU rules, mobile software makers are required to show a choice screen where users can select a browser, search engine and virtual assistant as they set up their phones. Previously, tech companies such as Apple and Google loaded phones with default settings that included their preferred services, such as the voice assistant Siri for iPhones. Changing these settings required a more complicated process. Apple is now showing up to 11 browsers in addition to Safari in the choice screens curated for each of the 27 countries in the EU, and will update those screens once every year for each country. While DuckDuckGo and Opera are offered in Apple's list, opens new tab in all 27 countries, Aloha is in 26 countries, Ecosia is in 13 and Vivaldi in 8. Google is currently showing browser choices on devices made by the company and said new devices made by other companies running Android operating system will also display choice screen in the coming months. A Google spokesperson said they do not have data on choice screens to share yet.

According to the European Union, Earth has reached its warmest March on record, capping a 10-month streak in which every month set a new temperature record. Reuters reports: Each of the last 10 months ranked as the world's hottest on record, compared with the corresponding month in previous years, the EU's Copernicus Climate Change Service (C3S) said in a monthly bulletin. The 12 months ending with March also ranked as the planet's hottest ever recorded 12-month period, C3S said. From April 2023 to March 2024, the global average temperature was 1.58 degrees Celsius above the average in the 1850-1900 pre-industrial period.

C3S' dataset goes back to 1940, which the scientists cross-checked with other data to confirm that last month was the hottest March since the pre-industrial period. Already, 2023 was the planet's hottest year in global records going back to 1850. El Nino peaked in December-January and is now weakening, which may help to break the hot streak toward the end of the year. But despite El Nino easing in March, the world's average sea surface temperature hit a record high, for any month on record, and marine air temperatures remained unusually high, C3S said. "The main driver of the warming is fossil fuel emissions," said Friederike Otto, a climate scientist at Imperial College London's Grantham Institute. Failure to reduce these emissions will continue to drive the warming of the planet, resulting in more intense droughts, fires, heatwaves and heavy rainfall, Otto said.

The foundations behind Rust, Python, Apache, Eclipse, PHP, OpenSSL, and Blender announced plans to create "common specifications for secure software development," based on "existing open source best practices."

From the Eclipse Foundation: This collaborative effort will be hosted at the Brussels-based Eclipse Foundation [an international non-profit association] under the auspices of the Eclipse Foundation Specification Process and a new working group... Other code-hosting open source foundations, SMEs, industry players, and researchers are invited to join in as well.

The starting point for this highly technical standardisation effort will be today's existing security policies and procedures of the respective open source foundations, and similar documents describing best practices.

The governance of the working group will follow the Eclipse Foundation's usual member-led model but will be augmented by explicit representation from the open source community to ensure diversity and balance in decision-making. The deliverables will consist of one or more process specifications made available under a liberal specification copyright licence and a royalty-free patent licence... While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation.

The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.
The Apache Foundation notes the working group is forming partly "to demonstrate our commitment to cooperation with and implementation of" the EU's Cyber Resilience Act. But the Eclipse Foundation adds that even before it goes into effect in 2027, they're recognizing open source software's "increasingly vital role in modern society" and an increasing need for reliability, safety, and security, so new regulations like the CRA "underscore the urgency for secure by design and robust supply chain security standards."

Their announcement adds that "It is also important to note that it is similarly necessary that these standards be developed in a manner that also includes the requirements of proprietary software development, large enterprises, vertical industries, and small and medium enterprises." But at the same time, "Today's global software infrastructure is over 80% open source... [W]hen we discuss the 'software supply chain,' we are primarily, but not exclusively, referring to open source."

"We invite you to join our collaborative effort to create specifications for secure open source development," their announcement concludes," promising initiative updates on a new mailing list. "Contribute your ideas and participate in the magic that unfolds when open source foundations, SMEs, industry leaders, and researchers combine forces to tackle big challenges."

The Python Foundation's announcement calls it a "community-driven initiative" that will have "a lasting impact on the future of cybersecurity and our shared open source communities."

While the European Parliament passed a wide-ranging "AI Act" in March, "Leaders from Microsoft, Google, and OpenAI have all called for AI regulations in the U.S.," writes CIO magazine. Even the Chamber of Commerce, "often opposed to business regulation, has called on Congress to protect human rights and national security as AI use expands," according to the article, while the White House has released a blueprint for an AI bill of rights.

But even though the U.S. Congress hasn't passed AI legislation — 16 different U.S. states have, "and state legislatures have already introduced more than 400 AI bills across the U.S. this year, six times the number introduced in 2023." Many of the bills are targeted both at the developers of AI technologies and the organizations putting AI tools to use, says Goli Mahdavi, a lawyer with global law firm BCLP, which has established an AI working group. And with populous states such as California, New York, Texas, and Florida either passing or considering AI legislation, companies doing business across the US won't be able to avoid the regulations. Enterprises developing and using AI should be ready to answer questions about how their AI tools work, even when deploying automated tools as simple as spam filtering, Mahdavi says. "Those questions will come from consumers, and they will come from regulators," she adds. "There's obviously going to be heightened scrutiny here across the board."
There's sector-specific bills, and bills that demand transparency (of both development and output), according to the article. "The third category of AI bills covers broad AI bills, often focused on transparency, preventing bias, requiring impact assessment, providing for consumer opt-outs, and other issues."

One example the article notes is Senate Bill 1047, introduced in the California State Legislature in February, "would require safety testing of AI products before they're released, and would require AI developers to prevent others from creating derivative models of their products that are used to cause critical harms."

Adrienne Fischer, a lawyer with Basecamp Legal, a Denver law firm monitoring state AI bills, tells CIO that many of the bills promote best practices in privacy and data security, but said the fragmented regulatory environment "underscores the call for national standards or laws to provide a coherent framework for AI usage."

Thanks to Slashdot reader snydeq for sharing the article.

The European Union and the US plan to enlist AI in the search for replacements to so-called forever chemicals that are prevalent in semiconductor manufacturing, Bloomberg News reported Wednesday, citing a draft statement. From the report: The pledge forms part of the conclusions to this week's joint US-EU Trade and Technology Council taking place in Leuven, Belgium. "We plan to continue working to identify research cooperation opportunities on alternatives to the use of per- and polyfluorinated substances (PFAS) in chips," the statement says. "For example, we plan to explore the use of AI capacities and digital twins to accelerate the discovery of suitable materials to replace PFAS in semiconductor manufacturing," it says.

PFAS, sometimes known as forever chemicals, have been at the center of concerns over pollution in both the US and Europe. They have a wide range of industrial applications but also show up in our bodies, in food and water supplies, and -- as their moniker suggests -- they don't break down for a very long time.

Thawing ice in the Arctic may open up new routes for internet cables that lie at the bottom of the ocean and carry most international data traffic. And more routes matter when underwater infrastructure is at risk of attack. From a report: Baltic Sea gas and telecoms cables were damaged last year, with a Chinese vessel a potential suspect. Red Sea data cables were cut last month after a Yemeni government warning of attacks by Iran-backed Houthi rebels. Over 90 percent of all Europe-Asia traffic flows through the Red Sea route. The problem of critical data relying on only one path is clear. "It's clearly a kind of concentration of several cables, which means that there is a risk that areas will bottleneck," Taneli Vuorinen, the executive vice president at Cinia, a Finland-based company working on an innovative pan-Arctic cable, said.

"In order to meet the increasing demand, there's an increasing pressure to find diversity" of routes, he said. The Far North Fiber project is seeking to offer just that. The 14,500 kilometer long cable will directly link Europe to Japan, via the Northwest Passage in the Arctic, with landing sites in Japan, the United States (Alaska), Canada, Norway, Finland and Ireland. It would have been unthinkable until just a few years ago, when a thick, multiyear layer of ice made navigation impossible. But the Arctic is warming up at a worrying pace with climate change, nearly four times faster than the rest of the world. Sea ice is shrinking by almost 13 percent every decade.

Microsoft will introduce a new version of Microsoft 365 and Office 365 subscription service that excludes Teams, unbundling a suite following scrutiny from the European Union regulator and complaints from rival Slack. From a report: The move follows Microsoft agreeing to sell Office 365 suite sans Microsoft Teams offering in the EU and Switzerland last year. The company introduced Teams as a complimentary offering to the Office 365 suite in 2017. Microsoft has enjoyed an unfair advantage by coupling the two offerings, many businesses have argued. Slack, owned by Salesforce, termed the move "illegal" alleging that Microsoft forced installation of Teams to customers through its market-dominant productivity suite and hid the true cost of the chat and video service.

A CNN opinion piece looks at "the moaning about manual transmission's demise," noting that "it's not just Europeans (literally) clinging on. In the U.S., there's apparently a young (also predominantly male) demographic that is embracing manual driving — championing it as retro, much like Gen Z's affinity to typewriters and vintage cameras.

"They feel there's something authentic about it: a connection between driver and vehicle that automatization cuts out." But CNN's writer argues the case against stick shifts... [Automatic vehicles] chalk up better mileage and drive faster than their stick-shift counterparts. The explanation: automatics select the right gear for the vehicle, usually the highest gear possible. The average manual driver is not always so proficient. In getting the gear right, automatics consume less fuel, save money and emit fewer emissions.

These are among the reasons why it's ever harder to buy a new manual-transmission model of any kind in many countries. In the US, less than 1% of new models have stick shifts (compared to 35% in 1980), according to the Environmental Protection Agency. It's really only sports cars, off-road truck SUVs and a handful of small pickups that still have clutches.... While all gasoline-run cars and trucks are climate killers with stick shifts being the slightly worse of two evils, combustion-engine automatics themselves are on their way out. They are tooling along the highway side-by-side with their stick-and-clutch counterparts toward the junkyard of history. Electric vehicles have gear systems, too: a single speed transmission that transmits energy from the motor to the wheels. But because only one gear exists, there is no switching of gears, neither automatically nor manually...

Road transportation accounts for 15% of the world's greenhouse gas emissions, according to Our World Data, as well as being a huge contributor to the air pollution that claims around nine million deaths a year from respiratory and lung diseases. Transportation noise, though less deadly, also contributes to stress and sleep disorders. Thankfully, there's a convenient way to circumvent these blights: electric vehicles...

But for those aficionados who really can't go without a clutch and gear shifter, Toyota is planning a realistic-feeling fake manual transmission for some EV models. It serves no purpose whatsoever — save to comfort bruised egos.

The European Union has launched investigations into Apple, Meta and Google under its sweeping new digital-competition law, adding to the regulatory scrutiny large U.S. tech companies are facing worldwide. From a report: The suite of probes [Editor's note: the link may be paywalled; official press release here] announced Monday are the first under the EU's Digital Markets Act law, which took effect earlier this month. They come less than a week after the Justice Department sued Apple over allegations it makes it difficult for competitors to integrate with the iPhone, ultimately raising prices for customers. Apple and Google will now face EU scrutiny of how they are complying with rules that say they must allow app developers to inform customers about alternative offers outside those companies' main app stores. The European Commission, the EU's executive arm, said it is concerned about constraints the tech companies place on developers' ability to freely communicate with users and promote their offers.

The bloc will also examine changes that Google made to how its search results appear in Europe. The new digital competition law says companies cannot give their own services preference over similar services that are offered by rivals. Another probe will look at how Apple complies with rules that say users should be able to easily remove software applications and change default settings on their iPhones, as well as how the company shows choice screens that offer alternative search engine and browser options.

Lindsay Clark reports via The Register: The UK Information Commissioner's Office has received a complaint detailing the mismanagement of personal data at the Nursing and Midwifery Council (NMC), the regulator that oversees worker registration. Employment as a nurse or midwife depends on enrollment with the NMC in the UK. According to whistleblower evidence seen by The Register, the databases on which the personal information is held lack rudimentary technical standards and practices. The NMC said its data was secure with a high level of quality, allowing it to fulfill its regulatory role, although it was on "a journey of improvement." But without basic documentation, or the primary keys or foreign keys common in database management, the Microsoft SQL Server databases -- holding information about 800,000 registered professionals -- are difficult to query and manage, making assurances on governance nearly impossible, the whistleblower told us.

The databases have no version control systems. Important fields for identifying individuals were used inconsistently -- for example, containing junk data, test data, or null data. Although the tech team used workarounds to compensate for the lack of basic technical standards, they were ad hoc and known by only a handful of individuals, creating business continuity risks should they leave the organization, according to the whistleblower. Despite having been warned of the issues of basic technical practice internally, the NMC failed to acknowledge the problems. Only after exhausting other avenues did the whistleblower raise concern externally with the ICO and The Register. The NMC stores sensitive data on behalf of the professionals that it registers, including gender, sexual orientation, gender identity, ethnicity and nationality, disability details, marital status, as well as other personal information.

The whistleblower's complaint claims the NMC falls well short of [the standards required under current UK law for data protection and the EU's General Data Protection Regulation (GDPR)]. The statement alleges that the NMC's "data management and data retrieval practices were completely unacceptable." "There is not even much by way of internal structure of the databases for self-documentation, such as primary keys, foreign keys (with a few honorable exceptions), check constraints and table constraints. Even fields that should not be null are nullable. This is frankly astonishing and not the practice of a mature, professional organization," the statement says. For example, the databases contain a unique ten-digit number (or PRN) to identify individuals registered to the NMC. However, the fields for PRNs sometimes contain individuals' names, start with a letter or other invalid data, or are simply null. The whistleblower's complaint says that the PRN problem, and other database design deficiencies, meant that it was nearly impossible to produce "accurate, correct, business critical reports ... because frankly no one knows where the correct data is to be found." A spokesperson for the NMC said the register was "organized and documented" in the SQL Server database. "For clarity, the register of all our nurses, midwives and nursing practitioners is held within Dynamics 365 which is our system of record. This solution and the data held within it, is secure and well documented. It does not rely on any SQL database. The SQL database referenced by the whistleblower relates to our data warehouse which we are in the process of modernizing as previously shared."