China has introduced new regulations limiting the use of facial recognition technology, banning its mandatory use and restricting its deployment in private spaces such as hotel rooms and public bathrooms. The new rules, issued by the Cyberspace Administration of China (CAC) and the Ministry of Public Security, aim to enhance personal privacy protections and reduce the risks of data leaks.

While the regulations do not completely prohibit facial recognition, organizations wishing to deploy it must conduct a personal information protection impact assessment and obtain user consent before collecting biometric data. However, government agencies may be exempt, leaving room for continued state surveillance.

The new rules emphasize the need for strict security measures to protect biometric data. Organizations using facial recognition must:

• Encrypt all biometric data to prevent unauthorized access.
• Conduct audits to ensure proper security practices are in place.
• Seek explicit user consent before collecting facial scans.

Additionally, facial recognition is now banned in certain public and private spaces, including:

• Hotel rooms
• Public bathrooms
• Dressing rooms
• Public toilets

Despite these restrictions, the regulations allow researchers and AI algorithm training activities to continue using facial images, raising concerns about whether citizens’ data could still be collected without their consent.

While the Chinese government has not explicitly stated whether it will adhere to these rules, Beijing has historically used facial recognition technology for surveillance, particularly in monitoring ethnic minorities and political dissidents. This suggests that government-led surveillance programs may remain unaffected by the new law.

Zoho’s Ulaa Named India’s Most Patriotic Browser

In an effort to reduce reliance on foreign technology, India has named Zoho’s Ulaa browser the winner of its Web Browser Development Challenge, a competition launched in 2023 to create a homegrown alternative to popular international browsers.

The Indian government’s goal is to develop a browser that uses a root certificate issued by India’s Controller of Certifying Authorities, ensuring local users are not dependent on foreign security certificates.

The Competition and Its Winners

• Zoho’s Ulaa browser secured first place, winning a ₹1 Crore ($115,000) prize.
• Two startups, Team PING and Team Ajna, were named first and second runners-up.

While the Indian government has not yet mandated Ulaa’s adoption, it is unclear whether it will push domestic device manufacturers to integrate the browser into their products. This could be challenging, as major Indian mobile provider Jio has a close partnership with Google, having co-developed a custom version of Android for its low-cost smartphones.

Volt Typhoon-Linked Cyber Gang Targets Taiwan’s Infrastructure

A new cyber threat group, UAT-5918, has launched attacks on Taiwan’s critical infrastructure, targeting sectors such as telecommunications, healthcare, and information technology. The Cisco Talos security team identified the group’s tactics as similar to those used by China-backed Volt Typhoon and Flax Typhoon crews, suggesting a state-sponsored operation.

How UAT-5918 Operates

• The group exploits known, unpatched vulnerabilities in systems.
• It deploys web shells and open-source hacking tools to establish long-term access.
• After infiltrating a network, it moves laterally, stealing sensitive corporate and government data.

The Taiwanese government has long accused China of cyber espionage, with previous attacks targeting military, financial, and industrial sectors. Security experts warn that UAT-5918’s focus on infrastructure suggests an attempt to disrupt Taiwan’s essential services in the event of heightened geopolitical tensions.

Elon Musk’s X Reportedly Sues India Over Content Takedown Laws

Social media giant X (formerly Twitter) has reportedly filed a lawsuit against the Indian government, challenging laws that allow authorities to censor online content.

India’s Strict Content Moderation Laws

India’s government has defended its policies, arguing that some content threatens national security. However, critics claim the government has:

• Used these laws to silence dissent.
• Ordered takedowns of posts about mass protests against government policies.
• Restricted free speech and political expression.

The lawsuit, first reported by Reuters, argues that India’s regulations violate constitutional rights to free speech. It remains to be seen how Indian courts will rule on the case, but X’s legal challenge reflects growing tensions between tech companies and global governments over content moderation.

Japan has introduced a new cybersecurity bill that shifts its defense strategy to “active defense,” including the possibility of offensive cyber operations against foreign adversaries.

What the Bill Proposes

• The Japanese government will have the authority to launch cyberattacks against external threats.
• Critical infrastructure operators (e.g., power grids, railways) will be required to share cybersecurity data with the government.

Public Concerns and Government Assurances

• Some lawmakers worry that the bill will allow the government to intrude on citizens’ privacy.
• Japan’s Digital Minister Masaaki Taira insists the bill includes safeguards and is in line with international norms.

If passed, the law would mark a major shift in Japan’s cybersecurity policy, giving its government the power to proactively neutralize cyber threats instead of just defending against them.

The Australian Strategic Policy Institute (ASPI), a government-funded think tank, has accused Chinese state-backed trolls of harassing its researchers after publishing studies critical of China.

According to ASPI’s executive director Justin Bassi, staff members have faced:

• Online harassment and abuse from pro-China accounts.
• Threats and intimidation, especially targeting female researchers.
• Misinformation campaigns falsely claiming ASPI has halted its China research.

China has long dismissed ASPI’s work as propaganda, while Australia has increasingly pushed back against Beijing’s influence operations. The harassment of ASPI staff highlights the growing tensions between China and Western-aligned institutions.

From China’s facial recognition ban to India’s tech sovereignty push and Japan’s shift toward offensive cyber operations, governments worldwide are redefining their digital policies in response to privacy concerns, cyber threats, and geopolitical conflicts.

While some of these measures aim to enhance national security, others raise questions about privacy, surveillance, and free speech. As global tensions rise, expect further legal battles, policy shifts, and cybersecurity developments in the months ahead.