Governance
India Bets on AI Detection. Every Regulator Should Watch What Happens Next
(Mahsa Alimardani, Jacobo Castellanos, Bruna Santos – Tech Policy Press) In late December, a blurry video captured a protester facing down security forces in Tehran. Someone used AI editing tools to sharpen the image and make it more shareable. The Iranian regime pointed to the visible AI artifacts and dismissed the photo as fabricated. The moment was real, verified from multiple angles and by independent fact-checkers, but without any record of what was edited and what the original showed, the regime’s narrative stuck. An Israeli Persian-language account then shared the edited version, enabling the regime to spin a broader conspiracy narrative that the protests themselves were manufactured by a foreign enemy. As documented in The Atlantic, the case illustrates what happens when there is no verifiable record of how content was made and enforcement depends entirely on detecting manipulation after the fact. Detection produced a binary answer that AI was involved, but that collapsed the difference between an image fabricated entirely by AI and an authentic photo sharpened using AI tools. A provenance record showing what was changed and what the original source was would have made it far harder to dismiss the documentation outright. On Friday, February 20, just as India wraps its AI Impact Summit in New Delhi, India’s IT Amendment Rules 2026 on synthetically generated information (SGI) or synthetic audio-visual content will come into force, and they risk replicating this problem at the level of national regulation. – https://www.techpolicy.press/india-bets-on-ai-detection-every-regulator-should-watch-what-happens-next/
The Aadhaar Paradox – Domestic Failures and Global Success
(Shruti Trikanad – Tech Policy Press) India’s biometric identity system, Aadhaar, is increasingly held up as a defining example of successful digital governance in the Global South. As the world’s largest biometric identity system, it is framed as proof that population-scale digital infrastructure can be deployed cheaply, efficiently, and at speed. In recent years, Aadhaar has been positioned not merely as a national identification system, but as the foundational layer of India’s “Digital Public Infrastructure” (DPI)— a modular, interoperable set of digital rails that other countries can adopt to modernize welfare delivery and financial inclusion, and achieve digital sovereignty India’s leadership has actively promoted this model on international platforms, presenting Aadhaar as a transferable success story. India’s G20 presidency in 2022 and this week’s AI Impact Summit, hosted by India, offer an opportunity to demonstrate that Aadhaar and the various DPI solutions designed to work with it position India for digital success globally. This essay argues that Aadhaar’s global appeal has been carefully constructed by foregrounding technological scale and efficiency while managing, minimizing, and selectively erasing its domestic contestations. – https://www.techpolicy.press/the-aadhaar-paradox-domestic-failures-and-global-success/
Why AI Sovereignty Depends on Interoperability Standards
(Eileen Donahoe, Konstantinos Komaitis – Tech Policy Press) As leaders and stakeholders from across the world convene at India’s AI Impact Summit, ‘AI sovereignty’ has emerged as a shared concern across advanced and emerging economies alike. The debate is no longer about whether states should retain control over the artificial intelligence systems that shape their societies, but about how that control can be exercised in a deeply interconnected technological ecosystem. As AI becomes embedded in public services, critical infrastructure, and security systems, the protocols that govern how systems connect, operate, and are overseen increasingly determine where power lies. These standards decide who bears risk, who can intervene when systems fail, and who can exit when values or priorities change. In the AI era, sovereignty is exercised less through territorial control than through infrastructure design. Political authority now runs through the AI stack: compute, data, models, interfaces, orchestration layers, and APIs. When these layers are tightly coupled to proprietary platforms, sovereignty is quietly hollowed out. When they are open and interoperable, it is preserved through choice. – https://www.techpolicy.press/why-ai-sovereignty-depends-on-interoperability-standards/
Funders Must Rethink How to Lead Through Tech-Inflected Uncertainty
(Michelle Shevin, Charley Johnson – Tech Policy Press) 2025 forced leaders in public interest technology to confront what has always been true: uncertainty is unavoidable. Political upheaval, climate instability, and technological “disruption” all point in the same direction: we are in a moment of rapid and unpredictable change. Philanthropic leaders, especially those focused on tech policy, feel this acutely. They work in complex, evolving systems but rely on tools and practices designed for certainty and control. The craft of making grants — including the practices and tools funders use to develop strategies, shape proposals, and measure impact — is dominated by if-then thinking, causal theories of change, fixed goals, long-term planning, discrete measurement, and attempts to catalogue ‘what happened’ and assess ‘impact.’. Artificial intelligence complicates this dynamic further. Companies are selling the narrative that AI is “changing everything” so that their solution — all-purpose answer machines — hits the mark. But generative AI tools don’t manage uncertainty, they collapse uncertainty and complexity into a neat interface. The answer offered is a flattened facsimile of reality. Generative AI as it is currently configured only obscures uncertainty and plays into our human desire for control. This is the challenge philanthropic leaders — and, indeed, the broader public interest technology community — must confront at this moment: how to adapt amidst uncertainty in an organizational context that doesn’t tolerate it, and within a broader system that makes it harder to see clearly. We propose that public interest technology leaders should stop viewing uncertainty as a problem to solve and instead see it as a reality to navigate in relationship with one another. This requires a mindset shift —from an if-then approach that presumes control and predictability to one that embraces uncertainty, adaptivity, and attunement. And, it requires a more strategic shift that we characterize within philanthropy as an evolution from grant craft to systems craft. Ultimately, this moment requires leaders to build what we and others call relational infrastructure — with one another and the organizations and communities they support — to sense, act, and adapt together. We focus here on philanthropic leaders because their decisions significantly impact the choices organizations can make and the approaches they can pursue, but much of the below applies to organizations stewarding responsible and public interest technology, and technology policy more broadly. – https://www.techpolicy.press/funders-must-rethink-how-to-lead-through-techinflected-uncertainty/
Geostrategies
AI Impact Summit – From Davos to New Delhi, Rupture of Global Order Tests AI Governance
(Alison Gillwald – Tech Policy Press) While the focus of the latest geopolitical and geoeconomic machinations is on more traditional notions of power, territorial sovereignty, and securing access to oil and trade, this is merely the backdrop for a struggle for dominance over advanced, data-driven technologies and the critical resources required to develop and deploy them. A close reading of the Trump administration’s new National Security Strategy (NSS), for example, reveals that ‘strategic assets’ being referred to are data infrastructures and artificial intelligence systems. And in response to such US posturing on its doorstep, Canada Prime Minister Mark Carney is pushing for “sovereign AI” to maintain control over technology within national borders, investing heavily in computational infrastructure traditionally supplied by the US, while collaborating with international partners to advance AI safety and security. Carney recently struck a trade deal with China, the US’s biggest AI rival. Through a new Office of Digital Transformation, artificial intelligence is now a cornerstone of Canadian economic policy aimed at driving productivity and industrial innovation. This is the important context for the Davos discourse, couched in references to the Cold War era, the end of the international order, and alarm about the possible deployment of dual-use AI technology in warfare. No mention there of the amplification of inequality by general-purpose AI technology cutting across all aspects of the economy and society, and little reference not only to the uneven impacts of harms on marginalized communities but also to the unprecedented opportunities associated with advanced data-driven technologies—some of the issues which will be reflected at least to some degree in the Global South focus of AI Impact Summit taking place this week in New Delhi. – https://www.techpolicy.press/from-davos-to-new-delhi-rupture-of-global-order-tests-ai-governance/
AI Impact Summit – Microsoft will invest $50B in “Global South” to bridge AI divide
(Justinas Vainilavičius – Cybernews) Artificial intelligence (AI) usage in North America, Europe, and other regions of the so-called Global North is currently twice as high as in Global South countries, which risk missing out on “the biggest opportunity of the 21st century,” Microsoft has warned. Microsoft said it is on pace to invest $50 billion by the end of the decade to help bring AI to countries across the Global South, announcing the plan at the India AI Impact Summit in New Delhi on February 18th. The Global South refers to developing, emerging, or lower-income countries, mostly in the southern hemisphere, as opposed to wealthier, more industrialized nations of the Global North. – https://cybernews.com/ai-news/microsoft-global-south-ai-divide/
AI Impact Summit – How the global effort to keep AI safe went off the rails
(Pieter Haeck, Tom Bristow and Océane Herrero – Politico) It started as an elite political conversation in an English country house to rein in this generation’s most powerful technology. Now it’s a business dealmaking free-for-all in an Indian megacity. The annual global artificial intelligence summit, which takes place in New Delhi this week, has grown from 150 to 35,000 delegates in less than three years. In the process, the original motivation for the summit — as a global conversation to agree on safeguards to keep AI technology in check — has been relegated to quiet corners of the gathering. – https://www.politico.eu/article/how-the-global-effort-to-keep-ai-safe-went-off-the-rails/
Security and Surveillance
Docs reveal significant increase in ICE data stored on Microsoft cloud: What info is it collecting?
(Konstancija Gasaitytė – Cybernews) An increase in ICE’s budget has enabled the organization to ensure it doesn’t run out of cloud storage. In addition to finding new, technologically advanced ways to conduct its investigations, Immigration and Customs Enforcement (ICE) has also increased its dependence on the Microsoft cloud platform. ICE has increased the amount of data it stores on the Microsoft Azure cloud platform by 3 times in the last 6 months of 2025, according to documents acquired by the Guardian. – https://cybernews.com/security/ice-microsoft-azure-cloud/
AI Assistants Used as Covert Command-and-Control Relays
(Alessandro Mascellino – Infosecurity Magazine) AI assistants with web browsing features can be repurposed as covert command-and-control (C2) channels, allowing malicious traffic to blend into routine enterprise communications. According to new findings from Check Point Research (CPR), platforms including Grok and Microsoft Copilot can be manipulated through their public web interfaces to fetch attacker-controlled URLs and return responses. In effect, the AI service acts as a proxy, relaying commands to infected machines and sending stolen data back out, without requiring an API key or even a registered account. This approach shifts AI from a development aid for attackers into an operational component of malware itself. – https://www.infosecurity-magazine.com/news/ai-assistants-covert-c2-relays/
Why Your Organization Should Start Quantum Preparedness Today (Even If Quantum Computers Are Years Away)
(Moona Ederveen-Schneider – Infosecurity Magazine) Too many industry conversations start like this: “Why should we start preparing now? It sounds really hard”. But adversaries are already preparing. They are already harvesting encrypted data to decrypt it once quantum computers become powerful enough. These “harvest now, decrypt later” attacks are happening today, in secret. If your organization holds data that will still be sensitive in 5, 10, or 20 years, that data is at risk right now. Data retention spans vary dramatically across industries: a decade for financial records, 25+ years for pharmaceutical trials, lifetimes for healthcare, and 75+ years for classified government information. Further, the systems protecting this data or steering industrial plants often take 15-25 years to replace and make them quantum secure. If quantum preparedness is delayed, the quantum threat can manifest with dire consequences: imagine the impact of combining the Ashley Maddison breach, Panama Papers, and Wikileaks, all over the globe, all at the same time. In addition, quantum computing threatens the security of cryptocurrency, blockchain, and digital signatures. Thankfully, quantum preparedness is not the overwhelming technical challenge many assume. The foundations are the same security practices your organization should already be implementing: proper data governance and systematic risk management. – https://www.infosecurity-magazine.com/opinions/why-your-organization-should-start/
Future-Proofing Critical Infrastructure: National Gas CTO Darren Curley on IT/OT Security Integration
(Kevin Poireault – Infosecurity Magazine) As chief technology officer (CTO) of National Gas, Darren Curley oversee the technology strategy of one of the most critical entities in the UK, maintaining Britain’s high-pressure gas transmission system, transporting gas to homes, businesses and power stations through 5000 miles of pipeline. After a 30-plus-year career in IT architecture, Curley joined the company in 2022. He now works alongside National Gas’s CISO, Polly Cameron, to align the cybersecurity strategy across three domains: enterprise IT systems, industrial systems and critical national infrastructure (CNI) systems. – https://www.infosecurity-magazine.com/interviews/national-gas-cto-darren-curley-it/
Record Number of Ransomware Victims and Groups in 2025
(Phil Muncaster – Infosecurity Magazine) Security researchers observed a 30% annual increase in ransomware victims listed on extortion sites last year, with AI helping to lower the barrier to entry for new threat groups. Searchlight Cyber’s new report, Ransomware’s Record Year: Tracking a Volatile Landscape in H2 2025, tracked 7458 victims on dark web leak sites in 2025. These numbers were split virtually 50:50 between the first and second half of the year. To put the annual growth figure in perspective, victim numbers increased by just 13% between 2023 and 2024. – https://www.infosecurity-magazine.com/news/record-number-ransomware-victims/
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
(Pierluigi Paganini – Security Affairs) Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. “Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Machines, tracked as CVE-2026-22769, with a CVSSv3.1 score of 10.0.” reads the report published by Google. “Analysis of incident response engagements revealed that UNC6201, a suspected PRC-nexus threat cluster, has exploited this flaw since at least mid-2024 to move laterally, maintain persistent access, and deploy malware including SLAYSTYLE, BRICKSTORM, and a novel backdoor tracked as GRIMBOLT.”. The vulnerability, tracked as CVE-2026-22769, involves hardcoded credentials and was abused to gain access to VMware backup systems. – https://securityaffairs.com/188176/apt/china-linked-apt-weaponized-dell-recoverpoint-zero-day-since-2024.html
Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign
(Pierluigi Paganini – Security Affairs) Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled in device firmware, hidden inside system apps, or even distributed via official stores like Google Play. Currently used for ad fraud by turning infected phones into click bots, some variants also allow attackers to gain full remote control of compromised devices. After uncovering the Triada backdoor in counterfeit Android firmware, researchers found another firmware-level threat called Keenadu. Like Triada, Keenadu embeds itself into the system during the build process, injects into the Zygote process, and infects every app launched on the device. It acts as a multi-stage loader, enabling full remote control, ad fraud, credential theft, and malicious payload delivery. The researchers reported that some infected firmware was even pushed via OTA updates and built into core system apps. Investigators also linked Keenadu to major Android botnets, including Triada, BADBOX, and Vo1d. – https://securityaffairs.com/188147/malware/keenadu-backdoor-found-preinstalled-on-android-devices-powers-ad-fraud-campaign.html
Doorbell cams, surveillance tech face growing backlash
(Sam Sabin – Axios) Sentiment around widely used home surveillance tools is souring as high-profile cases reveal just how deeply law enforcement can tap the data they generate. Why it matters: What once felt like a personal security upgrade now feels to many like participation in a broader law enforcement apparatus they didn’t sign up for. New AI advancements have made it easier to search, cross-reference and retain massive amounts of video and license plate data, raising the stakes of what once felt like localized neighborhood tools. Driving the news: A Super Bowl ad for Amazon’s Ring doorbell camera touting the ability of the device’s new Search Party feature to locate lost dogs has spurred widespread backlash. – https://www.axios.com/2026/02/17/doorbell-cams-and-surveillance-tech-face-growing-public-backlash