The European Union has announced details of new mandatory labels for smartphones and tablets sold in the bloc, which include ratings for energy efficiency, durability, and repairability. From a report: Hardware will also have to meet new "ecodesign requirements" to be sold in the EU, including a requirement to make spare parts available for repair.

The labels, which will be required for any devices that go on sale from June 20th onwards, are similar to existing ones for home appliances and TVs. They display the product's energy efficiency rating, on a scale from A to G, along with battery life, the number of charge cycles the battery is rated for, letter grades for durability and repairability, and any applicable IP rating for protection from dust and water.

Apple was fined 500 million euros ($570 million) on Wednesday and Meta 200 million euros, as European Union antitrust regulators handed out the first sanctions under landmark legislation aimed at curbing the power of Big Tech. From a report: The EU fines could stoke tensions with U.S. President Donald Trump who has threatened to levy tariffs against countries that penalise U.S. companies. WSJ adds more details: The commission also issued cease-and-desist orders that could have a bigger impact than the fines. One order targets Apple's App Store and the other takes aim at Meta's use of personalized ads -- important revenue streams for each company.

[...] The EU's action against Meta focuses on the company's effort to get users to agree to seeing personalized ads on Instagram and Facebook -- its main source of revenue. The commission ordered Meta to stop requiring users to either agree to those ads or pay for a subscription. It said it was still evaluating whether a "less-personalized ads" option that Meta introduced last fall complies with that order, raising the specter of further changes.

The Apple case deals with the company's App Store rules. The commission said Apple had failed to comply with an obligation to allow app developers to inform customers, free of charge, of alternative ways to purchase digital products.

The European Union is determined to enforce its full digital rule book no matter who is in charge of companies such as X, Meta, Apple and Tiktok or where they are based, Commission President Ursula von der Leyen told Politico. From a report: "That's why we've opened cases against TikTok, X, Apple, Meta just to name a few. We apply the rules fairly, proportionally, and without bias. We don't care where a company's from and who's running it. We care about protecting people," Politico quoted von der Leyen as saying on Sunday. The EU's Digital Markets Act has been strongly criticised by the administration of U.S. President Donald Trump.

An anonymous reader shares a report: Members of the European Parliament were offered special pouches to protect digital devices from espionage and tampering for a visit to Hungary this week, a sign of rising spying fears within Europe.

Five lawmakers from the Parliament's civil liberties committee traveled to Hungary on Monday for a three-day visit to inspect the EU member country's progress on democracy, the rule of law and fundamental rights.

One lawmaker on the trip confirmed to POLITICO that the Parliament officials joining the delegation were offered Faraday bags -- special metal-lined pouches that block electromagnetic signals -- by the Parliament's services and were also advised to be cautious about using public Wi-Fi networks or charging facilities.

Meta said the company plans to start using data collected from its users in the European Union to train its AI systems. Engadget reports: Starting this week, the tech giant will begin notifying Europeans through email and its family of apps of the fact, with the message set to include an explanation of the kind of data it plans to use as part of the training. Additionally, the notification will link out to a form users can complete to opt out of the process. "We have made this objection form easy to find, read, and use, and we'll honor all objection forms we have already received, as well as newly submitted ones," says Meta.

The company notes it will only use data it collects from public posts and Meta AI interactions for training purposes. It won't use private messages in its training sets, nor any interactions, public or otherwise, made by users under the age of 18. As for why the company wants to start using EU data now, it claims the information will allow it to fine tune its future models to better serve Europeans. "We believe we have a responsibility to build AI that's not just available to Europeans, but is actually built for them. That's why it's so important for our generative AI models to be trained on a variety of data so they can understand the incredible and diverse nuances and complexities that make up European communities," Meta states.

"That means everything from dialects and colloquialisms, to hyper-local knowledge and the distinct ways different countries use humor and sarcasm on our products. This is particularly important as AI models become more advanced with multi-modal functionality, which spans text, voice, video, and imagery."

The European Commission is issuing burner phones and basic laptops to some US-bound staff to avoid the risk of espionage [non-paywalled source], a measure traditionally reserved for trips to China. Financial Times: Commissioners and senior officials travelling to the IMF and World Bank spring meetings next week have been given the new guidance, according to four people familiar with the situation. They said the measures replicate those used on trips to Ukraine and China, where standard IT kit cannot be brought into the countries for fear of Russian or Chinese surveillance.

"They are worried about the US getting into the commission systems," said one official. The treatment of the US as a potential security risk highlights how relations have deteriorated since the return of Donald Trump as US president in January. Trump has accused the EU of having been set up to "screw the US" and announced 20 per cent so-called reciprocal tariffs on the bloc's exports, which he later halved for a 90-day period.

At the same time, he has made overtures to Russia, pressured Ukraine to hand over control over its assets by temporarily suspending military aid and has threatened to withdraw security guarantees from Europe, spurring a continent-wide rearmament effort. "The transatlantic alliance is over," said a fifth EU official.

Military chiefs at Nato have been warned of global internet blackouts following a string of suspected Russian attacks on subsea cables. From a report: Telecoms companies including Vodafone, O2 owner Telefonica and Orange have written to UK, EU and Nato officials warning that a rise in sabotage incidents was putting critical services at risk. In an open letter, they wrote: "The repercussions of damage to subsea cables extend far beyond Europe, potentially affecting global internet and power infrastructure, international communications, financial transactions and critical services worldwide."

It comes after a spike in incidents relating to fibre optic cables on seabeds that carry huge volumes of data, voice and internet traffic between countries. More than 500 cables carry around 95pc of all international data, while their remote location makes them difficult and costly to monitor. At least 11 subsea cables have been damaged in the Baltic Sea since October 2023 and similar outages have been reported in the North Sea.

The incidents have fuelled fears of sabotage by hostile actors, with more than 50 Russian ships observed in areas of high cable density in the Baltic Sea. The UK is monitoring the Russian spy ship Yantar amid concerns that it is mapping critical underwater infrastructure. Concerns have also been raised about Chinese sabotage following a number of incidents around Taiwan.

"U.S. stock market futures plunged on Sunday evening," reports Yahoo Finance, "after the new U.S. tariff policy began collecting duties over the weekend..."

The EU will vote on $28 billion in retaliatory tariffs Wednesday, Reuters reports. (And those tariffs will be approved unless "a qualified majority of 15 EU members representing 65% of the EU's population oppose it. They would enter force in two stages, a smaller part on April 15 and the rest a month later.")

But France's Economy and Finance Minister has an idea: more strictly regulating how data is used by America's Big Tech companies. Politico EU reports/A>: "We may strengthen certain administrative requirements or regulate the use of data," Lombard said in an interview with Le Journal Du Dimanche. He added that another option could be to "tax certain activities," without being more specific.

A French government spokesperson already said last week that the EU's retaliation against U.S. tariffs could include "digital services that are currently not taxed." That suggestion was fiercely rejected by Ireland, which hosts the European headquarters of several U.S. Big Tech firms...

Technology is seen as a possible area for Europe to retaliate. The European Union has a €157 billion trade surplus in goods, which means it exports more than it imports, but it runs a deficit of €109 billion in services, including digital services. Big Tech giants like Apple, Microsoft, Amazon, Google and Meta dominate many parts of the market in Europe.
Amid the market turmoil, what about cryptocurrencies, often seen as a "proxy" for the level of risk felt by investors? In the 10 weeks after October 6, the price of Bitcoin skyrocketed 67% to $106,490 by December 10th. But by January 30th it had started dropping again, and now sits at $77,831 — still up 22% for the last six months, but down nearly 27% over the last 10 weeks. Yet even after all that volatility, Bitcoin suddenly fell again more than 6% on Sunday, reports Reuters, "as markets plunged amid tariff tensions. Ether, the second largest cryptocurrency, fell more than 10% on Sunday."

An anonymous reader quotes a report from Techdirt: Walled Culture has been following closely Italy's poorly designed Piracy Shield system. Back in December we reported how copyright companies used their access to the Piracy Shield system to order Italian Internet service providers (ISPs) to block access to all of Google Drive for the entire country, and how malicious actors could similarly use that unchecked power to shut down critical national infrastructure. Since then, the Computer & Communications Industry Association (CCIA), an international, not-for-profit association representing computer, communications, and Internet industry firms, has added its voice to the chorus of disapproval. In a letter (PDF) to the European Commission, it warned about the dangers of the Piracy Shield system to the EU economy [...]. It also raised an important new issue: the fact that Italy brought in this extreme legislation without notifying the European Commission under the so-called "TRIS" procedure, which allows others to comment on possible problems [...].

As well as Italy's failure to notify the Commission about its new legislation in advance, the CCIA believes that: this anti-piracy mechanism is in breach of several other EU laws. That includes the Open Internet Regulation which prohibits ISPs to block or slow internet traffic unless required by a legal order. The block subsequent to the Piracy Shield also contradicts the Digital Services Act (DSA) in several aspects, notably Article 9 requiring certain elements to be included in the orders to act against illegal content. More broadly, the Piracy Shield is not aligned with the Charter of Fundamental Rights nor the Treaty on the Functioning of the EU -- as it hinders freedom of expression, freedom to provide internet services, the principle of proportionality, and the right to an effective remedy and a fair trial.

Far from taking these criticisms to heart, or acknowledging that Piracy Shield has failed to convert people to paying subscribers, the Italian government has decided to double down, and to make Piracy Shield even worse. Massimiliano Capitanio, Commissioner at AGCOM, the Italian Authority for Communications Guarantees, explained on LinkedIn how Piracy Shield was being extended in far-reaching ways (translation by Google Translate, original in Italian). [...] That is, Piracy Shield will apply to live content far beyond sports events, its original justification, and to streaming services. Even DNS and VPN providers will be required to block sites, a serious technical interference in the way the Internet operates, and a threat to people's privacy. Search engines, too, will be forced to de-index material. The only minor concession to ISPs is to unblock domain names and IP addresses that are no longer allegedly being used to disseminate unauthorized material. There are, of course, no concessions to ordinary Internet users affected by Piracy Shield blunders. In the future, Italy's Piracy Shield will add:
- 30-minute blackout orders not only for pirate sports events, but also for other live content;
- the extension of blackout orders to VPNs and public DNS providers;
- the obligation for search engines to de-index pirate sites;
- the procedures for unblocking domain names and IP addresses obscured by Piracy Shield that are no longer used to spread pirate content;
- the new procedure to combat piracy on the #linear and "on demand" television, for example to protect the #film and #serietv.

An anonymous reader quotes a report from Ars Technica: Europol has shut down one of the largest dark web pedophile networks in the world, prompting dozens of arrests worldwide and threatening that more are to follow. Launched in 2021, KidFlix allowed users to join for free to preview low-quality videos depicting child sex abuse materials (CSAM). To see higher-resolution videos, users had to earn credits by sending cryptocurrency payments, uploading CSAM, or "verifying video titles and descriptions and assigning categories to videos."

Europol seized the servers and found a total of 91,000 unique videos depicting child abuse, "many of which were previously unknown to law enforcement," the agency said in a press release. KidFlix going dark was the result of the biggest child sexual exploitation operation in Europol's history, the agency said. Operation Stream, as it was dubbed, was supported by law enforcement in more than 35 countries, including the United States. Nearly 1,400 suspected consumers of CSAM have been identified among 1.8 million global KidFlix users, and 79 have been arrested so far. According to Europol, 39 child victims were protected as a result of the sting, and more than 3,000 devices were seized.

Police identified suspects through payment data after seizing the server. Despite cryptocurrencies offering a veneer of anonymity, cops were apparently able to use sophisticated methods to trace transactions to bank details. And in some cases cops defeated user attempts to hide their identities -- such as a man who made payments using his mother's name in Spain, a local news outlet, Todo Alicante, reported. It likely helped that most suspects were already known offenders, Europol noted. Arrests spanned the globe, including 16 in Spain, where one computer scientist was found with an "abundant" amount of CSAM and payment receipts, Todo Alicante reported. Police also arrested a "serial" child abuser in the US, CBS News reported.

The European Commission has announced its intention to join the ongoing debate about lawful access to data and end-to-end encryption while unveiling a new internal security strategy aimed to address ongoing threats. From a report: ProtectEU, as the strategy has been named, describes the general areas that the bloc's executive would like to address in the coming years although as a strategy it does not offer any detailed policy proposals. In what the Commission called "a changed security environment and an evolving geopolitical landscape," it said Europe needed to "review its approach to internal security."

Among its aims is establishing Europol as "a truly operational police agency to reinforce support to Member States," something potentially comparable to the U.S. FBI, with a role "in investigating cross-border, large-scale, and complex cases posing a serious threat to the internal security of the Union." Alongside the new Europol, the Commission said it would create roadmaps regarding both the "lawful and effective access to data for law enforcement" and on encryption.

An anonymous reader quotes a report from Reuters: German software company SAP overtook Danish healthcare company Novo Nordisk as Europe's largest company by market capitalization on Monday. At 0900 GMT, SAP had a market cap of $340 billion, slightly more than Novo Nordisk, according to Reuters calculations using LSEG Workspace data. SAP is Europe's largest software maker, providing business application software used by companies for finance, sales, supply chain and other functions.

Its shares have surged in recent years, in part due to optimism that its cloud business will be a major beneficiary of recent investment in generative artificial intelligence. While SAP shares are up 7% so far in 2025, underperforming the broader European STOXX 600 index, which is up 8.3% year-to-date, they have clocked a total return of 160% since the end of 2022, far outperforming the STOXX 600's 28%. In contrast, Novo Nordisk shares have underperformed the market in recent months after data from trials of its experimental next-generation obesity drug Cagrisema disappointed investors.

Meta is considering a paid subscription in the UK that would remove advertisements from its platform. The BBC reports: Under the plans, people using the social media sites could be asked to pay for an ad-free experience if they do not want their data to be tracked. Meta already provides ad-free subscriptions for Facebook and Instagram users in the EU, starting from euros (5 pounds) a month. A spokesperson for the firm said the company was "exploring the option" of offering a similar service in the UK.

They said the firm was "engaging constructively" with the UK data watchdog about the subscription service, following a consultation in 2024. The Information Commissioner's Office previously said it expected Meta to consider data protection concerns before it launched an ad-free subscription. Meta says personalized advertising allows its platforms to be free at the point of access.

Guidance issued by the regulator in January states that users must be presented with a genuine free choice. Social media platforms such as Meta heavily rely on ad revenues, and the company says personalised advertising allows its platforms to be free. Advertising accounted for more than 96% of its revenue in its latest quarterly financial results.

Long-time Slashdot reader invisik reminds us that the "fish doorbell" is still going strong, according to the Associated Press. "Now in its fifth year, the site has attracted millions of viewers from around the world with its quirky mix of slow TV and ecological activism." The central Dutch city of Utrecht installed a "fish doorbell" on a river lock that lets viewers of an online livestream alert authorities to fish being held up as they make their springtime migration to shallow spawning grounds. The idea is simple: An underwater camera at Utrecht's Weerdsluis lock sends live footage to a website. When somebody watching the site sees a fish, they can click a button that sends a screenshot to organizers. When they see enough fish, they alert a water worker who opens the lock to let the fish swim through.
"Much of the time, the screen is just a murky green with occasional bubbles, but sometimes a fish swims past. As the water warms up, more fish show up..."

For weeks Signal has been one of the three most-downloaded apps in the Netherlands, according to a local news site. And now "Higher education institutions in the Netherlands have been looking for an alternative," according to DUB (an independent news site for the Utrecht University community): Employees of the Utrecht University of Applied Sciences (HU) were recently advised to switch to Signal. Avans University of Applied Sciences has also been discussing a switch...The National Student Union is concerned about privacy. The subject was raised at last week's general meeting, as reported by chair Abdelkader Karbache, who said: "Our local unions want to switch to Signal or other open-source software."
Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'."
WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location."

WhatsApp is required by law to share this information with authorities during an investigation...

[U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms...
The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal."

The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist."

Thanks to long-time Slashdot reader united_notions for sharing the article.

The latest Facebook whistleblower, a former international lawyer, "cannot grant any of the nearly 100 interview requests she has received from journalists from print and broadcast news outlets in the United States and the United Kingdom," reports the Washington Post (citing "a person familiar with the matter").

That's because of an independent arbiter's ruling that "also bars her from talking with lawmakers in the U.S., London and the EU, according to a legal challenge she lodged against the ruling..." On March 12, an emergency arbiter — a dispute resolution option outside the court system — sided with Meta by ruling that the tech giant might reasonably convince a court that Wynn-Williams broke a non-disparagement agreement she entered as she was being fired by the company in 2017. The arbiter also said that while her publisher Macmillan appeared for the hearing on Meta's motion, Wynn-Williams did not despite having received due notice. The arbiter did not make any assessments about the book's veracity, but Meta spokespeople argued that the ruling meant that "Sarah Wynn Williams' false and defamatory book should never have been published."

Wynn-Williams this week filed an emergency motion to overturn the ruling, arguing that she didn't receive proper notice of the arbitration proceedings to the email accounts Meta knows she uses, according to a copy of the motion seen by The Post. Wynn-Williams further alleged that her severance agreement including the non-disparagement provisions are unenforceable, arguing that it violates laws that protect whistleblowers from retaliation, among other points. In a statement, legal representatives for Wynn-Williams said they were "confident in the legal arguments and look forward to a swift restoration of Ms. Wynn-Williams' right to tell her story."
That book — Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism — is currently #1 on the New York Times best-seller list (and #3 on Amazon.com's best-selling books list). And the incident prompted an article by Wired editor at large Steven Levy titled "Meta Tries to Bury a Tell-All Book." ("Please pause for a moment to savor the irony," Levy writes. "Meta, the company that recently announced an end to fact-checking in posts seen by potentially millions of people, is griping that an author didn't fact-check with them?")

And this led to a heated exchange on X.com between the Wired editor at large and Meta's Chief Technology Officer Andrew Bozworth:

Steven Levy: Meta probably realizes that all-out war on this book will only help its sales. But they are furious that an insider--who signed an NDA!--is going White Lotus on them, showing what it's like on the inside.

Meta CTO Bozworth: Except that it is full of lies, Steven. Shame on you.

Steven Levy: Boz, it would be helpful if Meta called out what it believes are the factual inaccuracies, especially in cases where it calls the book "defamatory."

Meta CTO Bozworth: Sorry you don't get to make up a bunch of stories and then put the burden on the person you lied about. Read the accounts from former employees who have gone through several of the anecdotes and said flatly they did not happen as written and then extrapolate.

Steven Levy: I would love for Sheryl, Mark and Joel to speak out on those anecdotes and give their sides of the story. They are the key subjects of those stories and their direct denial of specific incidents would matter.

Meta CTO Bozworth: Did you read what I wrote? I'm sure you would love to have more fuel for your "nobody wants you to read this" headline, but that's a total bullshit expectation. It isn't unreasonable to expect a journalist like you to do basic diligence. I'm sure you have our comms email!

Steven Levy: Believe me I was in touch with your comms people...

Hungary's Parliament not only voted to ban Pride events. They also voted to "allow authorities to use facial recognition software to identify attenders and potentially fine them," reports the Guardian. [The nationwide legislation] amends the country's law on assembly to make it an offence to hold or attend events that violate Hungary's contentious "child protection" legislation, which bars any "depiction or promotion" of homosexuality to minors under the age of 18. The legislation was condemned by Amnesty International, which described it as the latest in a series of discriminatory measures the Hungarian authorities have taken against LGBTQ+ people...

Organisers said they planned to go ahead with the march in Budapest, despite the law's stipulation that those who attend a prohibited event could face fines of up to 200,000 Hungarian forints [£425 or $549 U.S. dollars].

"Italy is using its Piracy Shield law to go after Google," reports Ars Technica, "with a court ordering the Internet giant to immediately begin poisoning its public DNS servers" to prevent people from reaching pirate streams of football games.

"Italy's communication regulator praises the ruling and hopes to continue sticking it to international tech firms." Spotted by TorrentFreak, AGCOM Commissioner Massimiliano Capitanio took to LinkedIn to celebrate the ruling, as well as the existence of the Italian Piracy Shield. "The Judge confirmed the value of AGCOM's investigations, once again giving legitimacy to a system for the protection of copyright that is unique in the world," said Capitanio. Capitanio went on to complain that Google has routinely ignored AGCOM's listing of pirate sites, which are supposed to be blocked in 30 minutes or less under the law. He noted the violation was so clear-cut that the order was issued without giving Google a chance to respond, known as inaudita altera parte in Italian courts.

Two "groundbreaking research reports" on open source security were announced this week by the Linux Foundation in partnership with the Open Source Security Foundation (OpenSSF) and Linux Foundation Europe. The reports specifically address the EU's Cyber Resilience Act (or CRA) and "highlight knowledge gaps and best practices for CRA compliance."

"Unaware and Uncertain: The Stark Realities of CRA-Readiness in Open Source" includes a survey which found that when it comes to CRA requirements, 62% of respondents were either "not familiar at all" (36%) or "slightly familiar" (26%) — while 51% weren't sure about its deadlines. ("Only 28% correctly identified 2027 as the target year for full compliance," according to one infographic, which adds that CRA "is expected to drive a 6% average price increase, though 53% of manufacturers are still assessing pricing impacts.") Manufacturers, who bear primary responsibility, lack readiness — many [46%] passively rely on upstream security fixes, and only a small portion produce Software Bills of Materials (SBOMs). The report recommends that manufacturers take a more active role in open source security, that more funding and legal support is needed to support security practices, and that clear regulatory guidance is essential to prevent unintended negative impacts on open source development.
The research also provides "an in-depth analysis of how open collaboration can strengthen software security and innovation across global markets," with another report that "examines how three Linux Foundation projects are meeting the CRA's minimum compliance requirements" and "provides insight on the elements needed to ensure leadership in cybersecurity best practices." (It also includes CRA-related resources.)

"These two reports offer actionable conclusions for open source stakeholders to ready themselves for 2027, when the CRA comes into force," according to a Linux Foundation reserach executive cited in the announcement. "We hope that these reports catalyze higher levels of collaboration across the open source community."

European Central Bank Chief Economist Philip Lane warned that Europe must develop a digital euro to counter growing American influence over the continent's financial system [alternative source] amid escalating geopolitical tensions. Lane specifically cited Europe's "current dependence on US payment-card providers Visa and Mastercard, as well as technology companies including PayPal, Apple and Google" as a vulnerability requiring urgent action.

His comments come as President Donald Trump's administration promotes dollar-backed stablecoins worldwide as part of a broader cryptocurrency strategy, alarming European officials. ECB Governing Council member Francois Villeroy de Galhau recently cautioned that "the US risks bringing about the next financial emergency through its support of cryptocurrencies."

"The digital euro is not just about adapting to the digital age. It is about ensuring Europe controls its monetary and financial destiny," Lane told a conference in Ireland, noting that a digital currency would "limit the likelihood of foreign-currency stablecoins gaining a foothold" in Europe.