Author: Eternity Lab

As Apple faces losing control over the App Store in the US, the company published a press release revealing that it stopped over $2 billion in potentially fraudulent transactions and blocked nearly 2 million risky app submissions from reaching users in 2024.

While it’s always interesting to see the company’s efforts to prevent fraud on the App Store, Cupertino is fighting hard to maintain control of its lucrative marketplace. A judge in California has required Apple to let developers offer third-party payment options outside the App Store and to allow Fortnite back on the platform.

Apple says that, according to its annual App Store fraud analysis, it has “protected users by preventing over $9 billion in fraudulent transactions” since 2008. The company also shared a breakdown of its efforts to fight fraud on the App Store:

Account Fraud: In 2024, the company terminated more than 146,000 developer accounts over fraud concerns and rejected an additional 139,000 developer enrollments, preventing bad actors from submitting their apps. Apple also rejected over 711 million customer account creations and deactivated nearly 129 million accounts last year, stopping risky and malicious accounts from spamming or manipulating ratings and reviews.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

App Review: Apple relies on an App Store Review team to ensure submitted apps aren’t fraudulent. On average, the team reviews nearly 150,000 app submissions each week. App Review combines human review and automated processes to detect and take action on apps suspected of potentially harming users. Over 7.7 million apps were reviewed in 2024, and more than 1.9 million were rejected for failing to meet the company’s standards.

Discovery Fraud: In 2024, Apple processed over 1.2 billion ratings and reviews and removed more than 143 million fraudulent ones. That same year, the company also removed over 7,400 apps from App Store charts and nearly 9,500 deceptive apps from appearing in search results.

Payment and Credit Card Fraud: Last year, Apple identified nearly 4.7 million stolen credit cards and banned over 1.6 million accounts from transacting again. Alongside its antifraud measures, Apple provides developers with tools like Apple Pay and StoreKit, which are used by over 420,000 apps to offer users a secure way to make purchases on the App Store.

The company is also offering a new customer support article for the first time that provides information about the tools and resources available to help users on the App Store.

Wrap up

While Apple does a good job with App Store reviews and fraud prevention, the system isn’t perfect. Every now and then, BGR reports on a fraudulent app that makes its way to the store. But the company wants users (and governments across the globe) to know that even if the system has flaws, it’s probably still better than leaving it to others to manage.

After all, Apple keeps telling users the App Store is a “place you can trust.” Still, future fraud reports could look very different as governments push the company to open up its marketplace and support third-party stores or payment systems.

Source

In less than two weeks, Apple will hold its WWDC 2025 keynote. Along with unveiling new features for iOS 19, iPadOS 19, macOS 16, watchOS 12, tvOS 19, and visionOS 3, Apple could also use the event to introduce new products.

There aren’t many rumors about possible hardware announcements at WWDC 2025, but Apple has introduced new products at previous events.

Here’s a quick refresher on what Apple has unveiled at past WWDCs:

• WWDC 2024: No new hardware was introduced.
• WWDC 2023: Apple Vision Pro, 15-inch MacBook Air with the M2 chip, Mac Studio with M2 Max and M2 Ultra, and Mac Pro with M2 Ultra.
• WWDC 2022: M2 MacBook Air.
• WWDC 2021: No new hardware was introduced.
• WWDC 2020: No new hardware was introduced. Apple did offer developers a Mac mini with an A12Z Bionic chip, ahead of the first M1 Macs later that year.

Apple doesn’t usually debut new products at WWDC, but when it does, there can be a lot to see. Here are the devices most likely to be revealed:

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

AirTag 2

Image source: José Adorno for BGR

Apple’s long-rumored AirTag refresh may finally be on the way. With fewer accessories available and analysts pointing to a new Precision Find chip, we might see AirTag 2 announced during the WWDC 2025 keynote.

• Here are the features expected for AirTag 2

Apple’s Smart Display (aka HomePad)

Amazon’s Echo Show 8 in action. Image source: Christian de Looper for BGR

Apple is expected to launch its first smart display later this year. The device will be similar to an Amazon Echo Show.

According to Bloomberg, Apple’s smart home device will have a 6-inch screen and “look like a square iPad.” Placing two iPhones side by side gives a rough idea of its size. It will include a camera above the screen, a rechargeable battery, and internal speakers. The display is expected to come in black and silver options.

While the device will rely heavily on Apple Intelligence, Cupertino might preview it at WWDC 2025, with a release planned for later.

New cases and bands

Image source: José Adorno for BGR

As usual, Apple is expected to refresh its lineup of cases and Apple Watch bands at the WWDC 2025 keynote. New summer colors are likely to be introduced.

What about new Macs?

Image source: Apple Inc.

The only Mac still waiting for an update is the Mac Pro. It’s unclear if Apple will reveal a new version at WWDC 2025, though rumors suggest an M5 Ultra version might arrive next year. The other M5 Macs are expected as soon as the second half of the year.

Wrap up

BGR will keep reporting on any other products Apple might unveil at WWDC. Even if no new hardware is announced, several devices are expected later this year.

Source

Apple’s WWDC 2025 is just a few weeks away, and there’s reason to be excited. Apple is rumored to give the iPhone a big redesign via iOS 19. The same goes for the iPad and Mac.

Rumors say Apple wants a more uniform design experience across the board. iOS 19, iPadOS 19, and macOS 16 will be even more similar than before. The new design should be inspired by visionOS.

Apple Intelligence will be the big elephant in the room, as Apple will somehow have to address this year’s big misfire while also moving forward with new AI features.

However, the “SiriGPT” version of ChatGPT, or an Apple chatbot of its own, might not be unveiled at the show even if it’s supposed to come to iOS 19 at some point in the distant future. A new repot says that Apple is still working on fixing its AI strategy, which involves a more cautious approach to announcing new features.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

Apple detailed an incredibly Siri experience at WWDC 2024, saying the assistant will have access to on-device data for better responses and be able to perform actions in apps. The feature would not be ready by September 2024 but would be released during the iOS 18 cycle.

Apple sold the iPhone 16 as Apple Intelligence-ready phones.

Then, a few months ago, Apple had to admit that the Siri experience it wanted to offer iPhone users with supported hardware would not be ready this year. It might take a while for that Siri variant to come out. It was a rare, humiliating misfire from a company not known to announce features that take longer to ship.

Soon after Apple said the Siri AI versions unveiled at WWDC 2024 would not be available on the iPhone, iPad, and Mac in 2025, we started learning more details about the inner workings of Apple’s AI teams, which showed the various issues Apple has been dealing with internally.

A new report from Bloomberg (via The Verge) indicates that Apple is still fixing its AI strategy and roadmap as it struggles to catch up with rivals.

The report notes that Apple execs, including Craig Federighi, were reluctant to invest in AI because they didn’t see the endgame. That uncertainty is not common at Apple, which knows exactly where it’s heading with its products.

Apple AI chief John Giannandrea supposedly believed people didn’t want AI chatbots, and iPhone users might develop tools like ChatGPT. He was obviously wrong, and I say that as a longtime iPhone user who is also a longtime ChatGPT user. I can’t go back to using the internet without a chatbot on hand, and that includes Apple devices.

I’d love a Siri LLM that can do what ChatGPT does, but I’ll have to wait for that to happen.

Due to Apple’s delays in investing in AI, including buying the expensive GPUs needed for development and actually developing a working SiriGPT, we’ll have to wait longer for Apple to deliver one.

Gurman said in his blog that Apple won’t spend time at WWDC 2025 talking about significant upgrades to Siri, whether it’s the ChatGPT-like experience or the features Apple announced last year.

That’s actually not a bad idea, considering what happened last year. Apple shouldn’t make the same mistake twice, allowing marketing to get ahead of development. Instead, Apple should announce new AI capabilities for Siri whenever it’s ready, whether it’s last year’s experience or ChatGPT-like functionality.

Remember that everyone else in the genAI space releases new AI products and upgrades when they’re ready. Those launches are spread throughout the year and won’t always coincide with big developer events. Take this week’s Google I/O 2025 event that will probably be dedicated to AI announcements. Google will lay the groundwork for various new products, but it’ll continue to upgrade Gemini between this year’s I/O edition and the next.

The Bloomberg report says that Apple continues to work on the Siri LLM version, but it’s building the Siri chatbot from scratch. Apple wanted to give the curent version of Siri ChatGPT abilities, but those efforts failed. The Siri chatbot is supposedly coming from an AI team in Zurich.

Training the Siri chatbot will involve collecting user data from iPhones using a differential privacy technology that doesn’t remove user data from the iPhone. Instead, Apple will compare fake training data with language on the iPhone (like the Mail app) on-device. The synthesized data will go back to Apple for training.

Apple is supposedly considering collecting online data with the Siri model to improve its chatbot abilities. This would turn the Siri AI into an online AI search engine of sorts, similar to Perplexity.

None of this is official, of course. But I’m certain Apple has what it takes to catch up to rivals in the AI race, no matter how long it takes or whether it makes any big Siri announcements next month.

If Apple manages to bring the Siri LLM to iOS 19 before WWDC 2026, I’m sure the company will host some sort of special events to announce its own chatbot. But will Apple actually catch up to ChatGPT, Gemini, and everyone else by next year? That seems hardly likely.

Source

Artificial intelligence (AI) relies on vast amounts of data.

Enterprises that take on AI projects, especially for large language models (LLMs) and generative AI (GenAI), need to capture large volumes of data for model training as well as to store outputs from AI-enabled systems.

That data, however, is unlikely to be in a single system or location. Customers will draw on multiple data sources, including structured data in databases and often unstructured data. Some of these information sources will be on-premises and others in the cloud.

To deal with AI’s hunger for data, system architects need to look at storage across storage area networks (SAN), network attached storage (NAS), and, potentially, object storage.

In this article, we look at the pros and cons of block, file and object storage for AI projects and the challenges of finding the right blend for organisations.

AI’s data mountain

The current generation of AI projects are rarely, if ever, characterised by a single source of data. Instead, generative AI models draw on a wide range of data, much of it unstructured. This includes documents, images, audio and video and computer code, to name a few.

Everything about generative AI is about understanding relationships. You have the source data still in your unstructured data, either file or object, and your vectorised data sitting on block Patrick Smith, Pure Storage

When it comes to training LLMs, the more data sources the better. But, at the same time, enterprises link LLMs to their own data sources, either directly or through retrieval augmented generation (RAG) that improves the accuracy and relevance of results. That data might be documents but can include enterprise applications that hold data in a relational database.

“A lot of AI is driven by unstructured data, so applications point at files, images, video, audio – all unstructured data,” says Patrick Smith, field chief technology officer EMEA at storage supplier Pure Storage. “But people also look at their production datasets and want to tie them to their generative AI projects.”

This, he adds, includes adding vectorisation to databases, which is commonly supported by the main relational database suppliers, such as Oracle.

NAS and SAN

For system architects who support AI projects, this raises the question of where best to store data. The simplest option would be to leave data sources as they are, but this is not always possible.

This could be because data needs further processing, the AI application needs to be isolated from production systems, or current storage systems lack the throughput the AI application requires.

In addition, vectorisation usually leads to large increases in data volumes – a 10 times increase is not untypical – and this puts more demands on production storage.

This means that storage needs to be flexible and needs to be able to scale, and AI project data handling requirements differ during each stage. Training demands large volumes of raw data, inference – running the model in production – might not require as much data but needs higher throughput and minimal latency.

Enterprises tend to keep the bulk of their unstructured data on file access NAS storage. NAS has the advantages of being relatively low cost and easier to manage and scale than alternatives such as direct-attached storage (DAS) or block access SAN storage.

Structured data is more likely to be block storage. Usually this will be on a SAN, although direct attached storage might be sufficient for smaller AI projects.

Here, achieving the best performance – in terms of IOPS and throughput from the storage array – offsets the greater complexity of NAS. Enterprise production systems, such as enterprise resource planning (ERP) and customer relationship management (CRM), will use SAN or DAS to store their data in database files. So, in practice, data for AI is likely to be drawn data from SAN and NAS environments.

“AI data can be stored either in NAS or SAN. It’s all about the way the AI tools want or need to access the data,” says Bruce Kornfeld, chief product officer at StorMagic. “You can store AI data on a SAN, but AI tools won’t typically read the blocks. They’ll use a type of file access protocol to get to the block data.”

It is not necessarily the case that one protocol will better than the other. It depends very much on the nature of the data sources and on the output of the AI system

For a primarily document or image-based AI system, NAS might be fast enough. For an application such as autonomous driving or surveillance, systems might use a SAN or even high-speed local storage.

Again, data architects will also need to distinguish between training and inference phases of their projects and consider whether the overhead of moving data between storage systems outweighs performance benefits, especially in training.

Enter object storage

This has led some organisations to look at object storage as a way of unifying data sources for AI. Object storage is increasingly in use with enterprises, and not just in cloud storage – on-premise object stores are gaining market share too.

Object has some advantages for AI, not least its flat structure and global name space, (relatively) low management overheads, ease of expansion and low cost.

Performance, however, has not been a strength for object storage. This has tended to make it more suited to tasks such as archiving than applications that demand low latency and high levels of data throughput.

Suppliers are working to close the performance gap, however. Pure Storage and NetApp sell storage systems that can handle file and object and, in some cases, block too. These include Pure’s FlashBlade, and hardware that runs NetApp’s OnTap storage operating system. These technologies give storage managers the flexibility to use the best data formats, without creating silos tied to specific hardware.

Others, such as Hammerspace, with its Hyperscale NAS, aim to squeeze additional performance out of equipment that runs the network file system (NFS). This, they argue, prevents bottlenecks where storage fails to keep up with data-hungry graphics processing units (GPUs).

Ticking all the boxes

But until better-performing object storage systems become more widely available, or more enterprises move to universal storage platforms, AI is likely to use NAS, SAN, object and even DAS in combination.

That said, the balance between the elements is likely to change during the lifetime of an AI project, and as AI tools and their applications evolve.

At Pure, Smith has seen requests for new hardware for unstructured data, while block and vector database requirements are being met for most customers on existing hardware.

“Everything about generative AI is about understanding relationships,” he says. “You have the source data still in your unstructured data, either file or object, and your vectorised data sitting on block.”

Source

Just the other day, I wrote about how Apple had a few tricks up its sleeve to make the iPhone 17 Air feature great battery life despite its ultra-thin design. Now, blog Naver news aggregator yeux1122 corroborates that the iPhone 17 Air could actually have decent battery life.

According to a Taiwanese supplier source, the iPhone 17 Air will be incredibly thin (5.5mm), weigh very little (about 145g), and feature a 2,800 mAh battery capacity. That’s similar to the iPhone 12, which has up to 2,815 mAh.

If this turns out to be accurate, a 2025 iPhone might struggle to handle new features without compromising battery life. But the leaker suggests the capacity could increase by 15 to 20% thanks to a possible high-density battery cell.

If Apple can push the battery capacity up to 3,360 mAh in the iPhone 17 Air, it would bring it in line with the iPhone 15, which is great.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

Putting that together with recent leaks, it seems possible that Apple could deliver an ultra-thin device with solid battery life. While I’d still prefer the new battery tech in an iPhone 17 Pro Max, this means users open to trying something different won’t have to deal with too many compromises.

You can also expect these other battery improvements for the iPhone 17 Air:

• Apple proprietary chips: Apple improved the iPhone 16e’s battery life thanks to the new cellular modem, the C1 chip. Apple is expected to use its own C1 processor, Wi-Fi modem, and A19 chip. By skipping third-party components, the company can offer tighter hardware and software integration, which should help battery performance.
• ProMotion technology: After years of keeping Always-On Display and ProMotion exclusive to Pro models, Apple will bring these features to the iPhone 17 and iPhone 17 Air models. If the rumors are accurate, the devices will benefit from dynamic refresh rates that use less battery.
• AI features: Bloomberg‘s Mark Gurman reports that Apple is working on an AI-driven feature to save battery life. While it’s unclear if this will roll out with iOS 19, it could be a great way to tackle any potential battery concerns with the iPhone 17 Air.

There’s also a rumor that Apple is working on a new Smart Battery Case accessory. These have been popular in the past, even among Pro Max users.

All things considered, the iPhone 17 Air looks like a solid new option for Apple fans who want an ultra-thin phone that harkens back to the good old days of the iPhone 6.

Source

The UK government has announced that its artificial intelligence (AI) suite, Humphrey, is being trialled by a number of local councils.

Its AI tool, Minute, takes notes in meetings, and was recently used in one chaired by prime minister Keir Starmer.

Part of Humphrey, the package of AI tools built to help civil servants deliver for ministers and the public more effectively, uses generative AI to turn meetings into notes and provides tools for correcting summaries. The government found that early tests using Minute showed officials saved an hour of admin per one-hour meeting.

The Department for Science, Innovation and Technology (DSIT) said Minute can help speed up actions after planning meetings, allowing officers to focus on the task at hand rather than paperwork, and make informed decisions to get homes built. It’s currently being trialled by 25 local councils.

Among the ways it’s being used is to help streamline burdensome admin tasks in the planning process as part of the government’s plans to build 1.5 million homes by 2030.

Lords minister for housing and local government Sharon Taylor said: “Local councils are on the frontline of housing delivery, and we’re backing them with cutting-edge AI technology like Minute so officers can spend less time buried in admin and more time helping to get Britain building.

“This is alongside our landmark reforms to deliver 1.5 million homes, including the Planning and Infrastructure Bill, which will get working people and families into secure homes and boost economic growth right across the country,” she said.

Minute can also be used to take notes in meetings between social care workers and their supervisors, allowing workers to focus on offering more support instead of being bogged down by bureaucracy.  

The Minute trial ties in with a broader government initiative to help local councils use technology to improve essential services they are responsible for delivering to local residents. To fulfil one of the actions in the 50-point AI Opportunities Plan of Action, which was published in January, the government has also introduced an AI Knowledge Hub for sharing examples of how local councils are using technology so others can learn from them – such as an AI assistant that speeds up the reporting of fly-tipping and graffiti in central London.

In 2024, a Local Government Association (LGA) survey found that the majority of councils who took part in the poll (85%) were using or exploring how they would use AI. The areas where most respondents had realised benefits from using AI were staff productivity (35%), service efficiencies (32%) and cost savings (22%).

However, the LGA reported that the five biggest barriers to deploying AI identified by respondents were a lack of funding (64%), a lack of staff capabilities (53%), a lack of staff capacity (50%), a lack of sufficient governance and a lack of clear use cases (41% each).

The government’s own State of digital government review, published earlier this year, reported that each of the 320 local authorities in England negotiate technology contracts with big tech companies independently – when many are buying exactly the same tools – making this spending much less effective. The trials with AI-based tools built on Humphrey and the AI Knowledge Hub represent an attempt by the government to reduce the barriers to deploying AI across the public sector.

AI and digital government minister Feryal Clark said: “From parking permits and planning permission, local councils handle some of the services that impact our daily lives most. For too long, they have been left to fend for themselves when keeping up with rapid innovations in AI and digital technology – when we know it has huge potential to help solve many of the challenges they face.

She added that the government was going to work with local councils to help them buy and build the technology they need to deliver Labour’s Plan for Change and support their local communities more effectively. 

Source

AirPods Max is one of Apple’s weirdest products. First introduced in late 2020, it was the company’s first attempt to produce high-end headphones. At the time, AirPods Max was a revolutionary product because it offered AirPods’ magical features, an unparalleled high-end finish, and the company’s shiny H1 audio chips.

While AirPods Max is my favorite headphone pair to date, Apple customers were hesitant to buy one due to the high price. That said, some of those who did had another complaint: how heavy these headphones are.

AirPods Max weighs 13.6 ounces (386.2 grams) and is definitely a heavy product. While they’ve never caused me discomfort, many people report neck pain after prolonged use. This might soon change.

According to analyst Ming-Chi Kuo, Apple is finally working on a lighter version of AirPods Max. While the analyst is careful not to call it a second-generation product, it seems Apple might be ready to upgrade its most expensive headphones.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

AirPods may not see significant updates until 2026 (aligning with my earlier prediction that IR camera-equipped AirPods would enter mass production in 2026). A lighter version of the AirPods Max is expected to enter mass production in 2027.AirPods可能要到2026年才會有顯著更新…

— 郭明錤 (Ming-Chi Kuo) (@mingchikuo) May 18, 2025

This report comes a few months after Bloomberg‘s Mark Gurman suggested Apple had no concrete plans to update the headphones beyond a slight USB-C tweak with new colors in late 2024. Fortunately, it seems Cupertino might have changed its mind.

What’s notable about Kuo’s report is that a true second-generation product could take up to seven years to develop. Still, Apple will likely upgrade the headphones by then with a new (unannounced) H3 or H4 chip. This lighter version could also address another common issue: the Smart Case.

While AirPods Pro 3 is expected to launch later this year, Kuo says AirPods will only get more interesting in 2026 when the company plans to add an IR camera to them. Rumors suggest Apple wants to include this feature to support Apple Intelligence and add new health capabilities.

Source

Mobile operator Three UK recently completed the first stage of a “landmark” trial resulting in the UK’s first deployment of open radio access network (Open RAN) technology in a dense urban environment, building on earlier trials that had taken place in rural locations.

The trial is part of the Small Cells ORAN in Dense Areas (Sconda) project, a partnership between Three UK, Mavenir, AWTG, Freshwave, PI Works, the Scotland 5G Centre and Accenture, with the support of Glasgow City Council and financial backing by the Department for Science, Innovation and Technology (DSIT).

Sconda seeks to address the unique technical and commercial challenges of urban areas and will be the first in the world to integrate Open RAN and traditional RAN in a high-density, high-demand environment handling live traffic.

The project will see the creation, integration, optimisation and delivery of an Open RAN network in Glasgow City Centre, integrated with the existing Three UK Core Network and operating alongside its traditional RAN. Sconda will create a small cell densification layer in high-demand urban hotspots to offload the macro traffic and provide a better customer experience.

The Glasgow trial was designed to test the viability of deploying Open RAN in a complex city setting. The centre of Scotland’s largest city was selected to assess how the technology performs in busy, high-traffic areas, where integration with existing infrastructure and multiple technologies presents additional complexity.

The specific Glasgow City Centre location chosen was identified as a current hotspot for Three customers, both in footfall and mobile traffic. The project will handle live traffic from Three customers, aiming to provide improvement in both coverage and capacity. The project will further look to enable automation of network performance within the challenging radio environment of Glasgow city centre.

The trial results are encouraging and provide a strong foundation for further scaling and optimisation of Open RAN in cities Iain Milligan, Three UK

It will also aim to demonstrate how Open RAN can be deployed, integrated and managed within the wider Three network in Glasgow, and evaluate how Open RAN compares with the quality and capacity of a traditional RAN network.

By installing compact Open RAN-compliant small cells on street furniture, Three UK said it has delivered “impressive results”. Specifically, the company revealed that both 4G and 5G speeds doubled at peak times, with 5G speeds reaching up to 520Mbps. The improved performance is also said to help ease congestion on surrounding network sites by increasing overall capacity.

Following the successful trial of 18 live sites in Glasgow, the project will now move into its final deployment phase, expanding to a total of 34 Open RAN small cell sites across the city centre.

Commenting on the Glasow trial, Three UK chief network officer Iain Milligan said: “This is the UK’s first Open RAN trial to tackle the real-world complexity of a dense urban environment. Urban deployments bring a different level of technical and operational challenge compared to rural environments. We’ve had to navigate integration with legacy systems, security layers and evolving software – all while delivering measurable improvements for customers. The trial results are encouraging and provide a strong foundation for further scaling and optimisation of Open RAN in cities.”

Source

During his recent visit to Brussels, Microsoft chief Brad Smith committed his company to defending European interests from ‘geopolitical volatility’, including the impact of potential US administration interventions.

Suggesting that Microsoft is ‘critically dependent on sustaining the trust of customers, countries, and government across Europe’, anyone leaving his session with EU leaders should have reasonably felt buoyed up by his words; but might also have sensibly awaited evidence of the commitments being applied in practice before relying upon them.

If so, the news that the International Criminal Court (ICC) chief prosecutor and his staff have had their Microsoft email and services cancelled in direct response to US government sanctions might come as an unwelcome reality check.

According to media reports, ICC chief prosecutor Karim Khan had his Microsoft email and other services suspended after the US applied sanctions in February to all ICC staff in response to their investigations into key Israeli politicians.

The circumstances of the situation that gave rise to those sanctions are outside the scope of this article, and largely irrelevant to the problems these service suspensions indicate, however.

Regardless of the ‘why’, what the service suspensions demonstrate is that Microsoft has the means (and when it comes down to it also possess the will) to do the US government’s bidding and disrupt services to any party deemed to be unacceptable.

This is almost exactly contrary to the assurances Brad Smith so very recently gave.

The disconnection of prosecutor Khan is a mouse-click heard around the world, and will undoubtedly give anyone using or currently considering the adoption of Microsoft cloud technologies pause for thought.

By disconnecting the ICC staff in this way, Microsoft has done themselves some serious damage, and how much may take some time yet to become clear.

Immediately after the disconnection became public, the Dutch government and public bodies are reported to have accelerated their examination of non-Microsoft and EU-located alternative services.

Meanwhile, several suppliers have indicated an uptick in requests for backup of key data to protect against possible Microsoft disconnections.

Press coverage in Germany suggests these concerns are rippling out to them also, whilst the Nordics and France have long made clear that they see a future that is distinctly less Azure in colour.

The likelihood or otherwise of further disconnections is unclear, and for most users it should be considered very unlikely that Microsoft will start switching off services for no good reason.

With 25% of Microsoft’s global revenues coming from European customers, it is unlikely to act rashly to damage that market, and can generally be counted on to be sensible and not commit commercial suicide – so most customers should not be worried.

Nonetheless much of the damage to the confidence of public sector bodies might well have already been done.

Governments like to be in control of their own destiny and that extends to digital services and data.

When a key supplier they have relied upon for many years shows themselves to be subject to the whims and foibles of a foreign government – friendly or otherwise – most public sector buyers intuitively know it’s time to find an alternative provider “just-in-case”. Having a plan B option is just common sense.

The big problem for Microsoft is that in the IT sector “just-in-case” or plan B options, often become strategic plan A directions of travel. And a trickle of departures can quite soon become a flood. Governments are herd animals – when one turns they all tend to follow.

I’m not by any measure suggesting we are going to see an overnight exodus. Even if that was technically feasible (which it isn’t in most cases), these organisations are a bit concerned, not panicked.

However, these previously affirmed Microsoft user groups are now openly talking about the need for alternatives to the Redmond cloud provider, and that should have Microsoft worried.

Concerns that US hyperscalers might be subjected to pressure from US authorities to disclose information have existed for some time but have been broadly assuaged by repeated promises and commitments from Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft that they would resist such requests and protect their customers.

When it has come to the acid test, however, many clearly feel that Microsoft has failed, and that instead of protecting the ICC as a key pillar of the global legal community, instead acted as an instrument of US policy.

To restore his own email access, prosecutor Khan reportedly turned to Proton Mail, the Swiss end-to-end encrypted mail service beloved of whistleblowers and other digital refugees.

Proton Mail operate under its own constraints and obligations to disclose information to the Swiss government on demand, but this is limited to IP address info, rather than email payloads, which it is generally accepted they cannot access.

In doing so it’s likely that Mr Khan has had to forgo some user functionality and ease of use – but he may feel that’s a small price to pay to protect his office and role from US government influence.

That might be a choice others have to make in the months and years to come, since regardless of their choice of cloud provider, the lesson here is that we cannot always trust them to rigorously and strongly protect our data or our services, despite what they may say, or how often they do so.

In this case, Microsoft’s actions sadly speak a lot louder than Mr Smith’s words.

Source

Essex Police has not properly considered the potentially discriminatory impacts of its live facial recognition (LFR) use, according to documents obtained by Big Brother Watch and shared with Computer Weekly.

While the force claims in an equality impact assessment (EIA) that “Essex Police has carefully considered issues regarding bias and algorithmic injustice”, privacy campaign group Big Brother Watch said the document – obtained under Freedom of Information (FoI) rules – shows it has likely failed to fulfil its public sector equality duty (PSED) to consider how its policies and practices could be discriminatory.

The campaigners highlighted how the force is relying on false comparisons to other algorithms and “parroting misleading claims” from the supplier about the LFR system’s lack of bias.

For example, Essex Police said that when deploying LFR, it will set the system threshold “at 0.6 or above, as this is the level whereby equitability of the rate of false positive identification across all demographics is achieved”.

However, this figure is based on the National Physical Laboratory’s (NPL) testing of NEC’s Neoface V4 LFR algorithm deployed by the Metropolitan Police and South Wales Police, which Essex Police does not use.

Instead, Essex Police has opted to use an algorithm developed by Israeli biometrics firm Corsight, whose chief privacy officer, Tony Porter, was formerly the UK’s surveillance camera commissioner until January 2021.

Highlighting testing of the Corsight_003 algorithm conducted in June 2022 by the US National Institute of Standards and Technology (NIST), the EIA also claims it has “a bias differential FMR [False Match Rate] of 0.0006 overall, the lowest of any tested within NIST at the time of writing, according to the supplier”.

However, looking at the NIST website, where all of the testing data is publicly shared, there is no information to support the figure cited by Corsight, or its claim to essentially have the least biased algorithm available.

A separate FoI response to Big Brother Watch confirmed that, as of 16 January 2025, Essex Police had not conducted any “formal or detailed” testing of the system itself, or otherwise commissioned a third party to do so.

Essex Police’s lax approach to assessing the dangers of a controversial and dangerous new form of surveillance has put the rights of thousands at risk Jake Hurfurt, Big Brother Watch

“Looking at Essex Police’s EIA, we are concerned about the force’s compliance with its duties under equality law, as the reliance on shaky evidence seriously undermines the force’s claims about how the public will be protected against algorithmic bias,” said Jake Hurfurt, head of research and investigations at Big Brother Watch.

“Essex Police’s lax approach to assessing the dangers of a controversial and dangerous new form of surveillance has put the rights of thousands at risk. This slapdash scrutiny of their intrusive facial recognition system sets a worrying precedent.

“Facial recognition is notorious for misidentifying women and people of colour, and Essex Police’s willingness to deploy the technology without testing it themselves raises serious questions about the force’s compliance with equalities law. Essex Police should immediately stop their use of facial recognition surveillance.”

The need for UK police forces deploying facial recognition to consider how their use of the technology could be discriminatory was highlighted by a legal challenge brought against South Wales Police by Cardiff resident Ed Bridges.

In August 2020, the UK Court of Appeal ruled that the use of LFR by the force was unlawful because the privacy violations it entailed were “not in accordance” with legally permissible restrictions on Bridges’ Article 8 privacy rights; it did not conduct an appropriate data protection impact assessment (DPIA); and it did not comply with its PSED to consider how its policies and practices could be discriminatory.

The judgment specifically found that the PSED is a “duty of process and not outcome”, and requires public bodies to take reasonable steps “to make enquiries about what may not yet be known to a public authority about the potential impact of a proposed decision or policy on people with the relevant characteristics, in particular for present purposes race and sex”.

Big Brother Watch said equality assessments must rely on “sufficient quality evidence” to back up the claims being made and ultimately satisfy the PSED, but that the documents obtained do not demonstrate the force has had “due regard” for equalities.

Academic Karen Yeung, an interdisciplinary professor at Birmingham Law School and School of Computer Science, told Computer Weekly that, in her view, the EIA is “clearly inadequate”.

She also criticised the document for being “incoherent”, failing to look at the systemic equalities impacts of the technology, and relying exclusively on testing of entirely different software algorithms used by other police forces trained on different populations: “This does not, in my view, fulfil the requirements of the public sector equality duty. It is a document produced from a cut-and-paste exercise from the largely irrelevant material produced by others.”

Essex Police responds

Computer Weekly contacted Essex Police about every aspect of the story.

“We take our responsibility to meet our public sector equality duty very seriously, and there is a contractual requirement on our LFR partner to ensure sufficient testing has taken place to ensure the software meets the specification and performance outlined in the tender process,” said a spokesperson.

“There have been more than 50 deployments of our LFR vans, scanning 1.7 million faces, which have led to more than 200 positive alerts, and nearly 70 arrests.

“To date, there has been one false positive, which, when reviewed, was established to be as a result of a low-quality photo uploaded onto the watchlist and not the result of bias issues with the technology. This did not lead to an arrest or any other unlawful action because of the procedures in place to verify all alerts. This issue has been resolved to ensure it does not occur again.”

The spokesperson added that the force is also committed to carrying out further assessment of the software and algorithms, with the evaluation of deployments and results being subject to an independent academic review.

“As part of this, we have carried out, and continue to do so, testing and evaluation activity in conjunction with the University of Cambridge. The NPL have recently agreed to carry out further independent testing, which will take place over the summer. The company have also achieved an ISO 42001 certification,” said the spokesperson. “We are also liaising with other technical specialists regarding further testing and evaluation activity.”

However, the force did not comment on why it was relying on the testing of a completely different algorithm in its EIA, or why it had not conducted or otherwise commissioned its own testing before operationally deploying the technology in the field.

Computer Weekly followed up Essex Police for clarification on when the testing with Cambridge began, as this is not mentioned in the EIA, but received no response by time of publication.

‘Misleading’ testing claims

Although Essex Police and Corsight claim the facial recognition algorithm in use has “a bias differential FMR of 0.0006 overall, the lowest of any tested within NIST at the time of writing”, there is no publicly available data on NIST’s website to support this claim.

Drilling down into the demographic split of false positive rates shows, for example, that there is a factor of 100 more false positives in West African women than for Eastern European men.

While this is an improvement on the previous two algorithms submitted for testing by Corsight, other publicly available data held by NIST undermines Essex Police’s claim in the EIA that the “algorithm is identified by NIST as having the lowest bias variance between demographics”.

Looking at another metric held by NIST – FMR Max/Min, which refers to the ratio between demographic groups that give the most and least false positives – it essentially represents how inequitable the error rates are across different age groups, sexes and ethnicities.

In this instance, smaller values represent better performance, with the ratio being an estimate of how many times more false positives can be expected in one group over another.

According to the NIST webpage for “demographic effects” in facial recognition algorithms, the Corsight algorithm has an FMR Max/Min of 113(22), meaning there are at least 21 algorithms that display less bias. For comparison, the least biased algorithm according to NIST results belongs to a firm called Idemia, which has an FMR Max/Min of 5(1).

However, like Corsight, the highest false match rate for Idemia’s algorithm was for older West African women. Computer Weekly understands this is a common problem with many of the facial recognition algorithms NIST tests because this group is not typically well-represented in the underlying training data of most firms.

Computer Weekly also confirmed with NIST that the FMR metric cited by Corsight relates to one-to-one verification, rather than the one-to-many situation police forces would be using it in.

This is a key distinction, because if 1,000 people are enrolled in a facial recognition system that was built on one-to-one verification, then the false positive rate will be 1,000 times larger than the metrics held by NIST for FMR testing.

“If a developer implements 1:N (one-to-many) search as N 1:1 comparisons, then the likelihood of a false positive from a search is expected to be proportional to the false match for the 1:1 comparison algorithm,” said NIST scientist Patrick Grother. “Some developers do not implement 1:N search that way.”

Commenting on the contrast between this testing methodology and the practical scenarios the tech will be deployed in, Birmingham Law School’s Yeung said one-to-one is for use in stable environments to provide admission to spaces with limited access, such as airport passport gates, where only one person’s biometric data is scrutinised at a time.

“One-to-many is entirely different – it’s an entirely different process, an entirely different technical challenge, and therefore cannot typically achieve equivalent levels of accuracy,” she said.

Computer Weekly contacted Corsight about every aspect of the story related to its algorithmic testing, including where the “0.0006” figure is drawn from and its various claims to have the “least biased” algorithm.

“The facts presented in your article are partial, manipulated and misleading,” said a company spokesperson. “Corsight AI’s algorithms have been tested by numerous entities, including NIST, and have been proven to be the least biased in the industry in terms of gender and ethnicity. This is a major factor for our commercial and government clients.”

However, Corsight was either unable or unwilling to specify which facts are “partial, manipulated or misleading” in response to Computer Weekly’s request for clarification.

Computer Weekly also contacted Corsight about whether it has done any further testing by running N one-to-one comparisons, and whether it has changed the system’s threshold settings for detecting a match to suppress the false positive rate, but received no response on these points.

While most facial recognition developers submit their algorithms to NIST for testing on an annual or bi-annual basis, Corsight last submitted an algorithm in mid-2022. Computer Weekly contacted Corsight about why this was the case, given that most algorithms in NIST testing show continuous improvement with each submission, but again received no response on this point.

Homeland Security testing

The Essex Police EIA also highlights testing of the Corsight algorithm conducted in 2022 by the Department of Homeland Security (DHS), claiming it demonstrated “Corsight’s capability to perform equally across all demographics”.

However, Big Brother Watch’s Hurfurt highlighted that the DHS study focused on bias in the context of true positives, and did not assess the algorithm for inequality in false positives.

This is a key distinction for the testing of LFR systems, as false negatives where the system fails to recognise someone will likely not lead to incorrect stops or other adverse effects, whereas a false positive where the system confuses two people could have more severe consequences for an individual.

The DHS itself also publicly came out against Corsight’s representation of the test results, after the firm claimed in subsequent marketing materials that “no matter how you look at it, Corsight is ranked #1. #1 in overall recognition, #1 in dark skin, #1 in Asian, #1 in female”.

Speaking with IVPM in August 2023, DHS said: “We do not know what this claim, being ‘#1’ is referring to.” The department added that the rules of the testing required companies to get their claims cleared through DHS to ensure they do not misrepresent their performance.

In its breakdown of the test results, IVPM noted that systems of multiple other manufacturers achieved similar results to Corsight. The company did not respond to a request for comment about the DHS testing.

Computer Weekly contacted Essex Police about all the issues raised around Corsight testing, but received no direct response to these points from the force.

Key equality impacts not considered

While Essex Police claimed in its EIA that it “also sought advice from their own independent Data and Digital Ethics Committee in relation to their use of LFR generally”, meeting minutes obtained via FoI rules show that key impacts had not been considered.

For example, when one panel member questioned how LFR deployments could affect community events or protests, and how the force could avoid the technology having a “chilling presence”, the officer present (whose name has been redacted from the document) said “that’s a pretty good point, actually”, adding that he had “made a note” to consider this going forward.

The EIA itself also makes no mention of community events or protests, and does not specify how different groups could be affected by these different deployment scenarios.

Elsewhere in the EIA, Essex Police claims that the system is likely to have minimal impact across age, gender and race, citing the 0.6 threshold setting, as well as NIST and DHS testing, as ways of achieving “equitability” across different demographics. Again, this threshold setting relates to a completely different system used by the Met and South Wales Police.

For each protected characteristic, the EIA has a section on “mitigating” actions that can be taken to reduce adverse impacts.

While the “ethnicity” section again highlights the National Physical Laboratory’s testing of a completely different algorithm, most other sections note that “any watchlist created will be done so as close to the deployment as possible, therefore hoping to ensure the most accurate and up-to-date images of persons being added are uploaded”.

However, Yeung noted that the EIA makes no mention of the specific watchlist creation criteria beyond high-level “categories of images” that can be included, and the claimed equality impacts of that process.

For example, it does not consider how people from certain ethnic minority or religious backgrounds could be disproportionally impacted as a result of their over-representation in police databases, or the issue of unlawful custody image retention whereby the Home Office is continuing to hold millions of custody images illegally in the Police National Database (PND).

While the ethics panel meeting minutes offer greater insight into how Essex Police is approaching watchlist creation, the custody image retention issue was also not mentioned.

Responding to Computer Weekly’s questions about the meeting minutes and the lack of scrutiny of key issues related to UK police LFR deployments, an Essex Police spokesperson said: “Our polices and processes around the use of live facial recognition have been carefully scrutinised through a thorough ethics panel.”

Proportionality and necessity: the Southend ‘intelligence’ case

Instead, the officer present explained how watchlists and deployments are decided based on the “intelligence case”, which then has to be justified as both proportionate and necessary.

On the “Southend intelligence case”, the officer said deploying in the town centre would be permissible because “that’s where the most footfall is, the most opportunity to locate outstanding suspects”.

They added: “The watchlist [then] has to be justified by the key elements, the policing purpose. Everything has to be proportionate and strictly necessary to be able to deploy… If the commander in Southend said, ‘I want to put everyone that’s wanted for shoplifting across Essex on the watchlist for Southend’, the answer would be no, because is it necessary? Probably not. Is it proportionate? I don’t think it is. Would it be proportionate to have individuals who are outstanding for shoplifting from the Southend area? Yes, because it’s local.”

However, the officer also said that, on most occasions, the systems would be deployed to catch “our most serious offenders”, as this would be easier to justify from a public perception point of view. They added that, during the summer, it would be easier to justify deployments because of the seasonal population increase in Southend.

“We know that there is a general increase in violence during those months. So, we don’t need to go down to the weeds to specifically look at grievous bodily harm [GBH] or murder or rape, because they’re not necessarily fuelled by a spike in terms of seasonality, for example,” they said.

“However, we know that because the general population increases significantly, the level of violence increases significantly, which would justify that I could put those serious crimes on that watchlist.”

Commenting on the responses given to the ethics panel, Yeung said they “failed entirely to provide me with confidence that their proposed deployments will have the required legal safeguards in place”.

According to the Court of Appeal judgment against South Wales Police in the Bridges case, the force’s facial recognition policy contained “fundamental deficiencies” in relation to the “who” and “where” question of LFR.

“In relation to both of those questions, too much discretion is currently left to individual police officers,” it said. “It is not clear who can be placed on the watchlist, nor is it clear that there are any criteria for determining where AFR [automated facial recognition] can be deployed.”

Yeung added: “The same applies to these responses of Essex Police force, failing to adequately answer the ‘who’ and ‘where’ questions concerning their proposed facial recognition deployments.

“Worse still, the court stated that a police force’s local policies can only satisfy the requirements that the privacy interventions arising from use of LFR are ‘prescribed by law’ if they are published. The documents were obtained by Big Brother Watch through freedom of information requests, strongly suggesting that these even these basic legal safeguards are not being met.”

Yeung added that South Wales Police’s use of the technology was found to be unlawful in the Bridges case because there was excessive discretion left in the hands of individual police officers, allowing undue opportunities for arbitrary decision-making and abuses of power.

Every decision … must be specified in advance, documented and justified in accordance with the tests of proportionality and necessity. I don’t see any of that happening Karen Yeung, Birmingham Law School

“Every decision – where you will deploy, whose face is placed on the watchlist and why, and the duration of deployment – must be specified in advance, documented and justified in accordance with the tests of proportionality and necessity,” she said.

“I don’t see any of that happening. There are simply vague claims that ‘we’ll make sure we apply the legal test’, but how? They just offer unsubstantiated promises that ‘we will abide by the law’ without specifying how they will do so by meeting specific legal requirements.”

Yeung further added these documents indicate that the police force is not looking for specific people wanted for serious crimes, but setting up dragnets for a wide variety of ‘wanted’ individuals, including those wanted for non-serious crimes such as shoplifting.

“There are many platitudes about being ethical, but there’s nothing concrete indicating how they propose to meet the legal tests of necessity and proportionality,” she said.

“In liberal democratic societies, every single decision about an individual by the police made without their consent must be justified in accordance with law. That means that the police must be able to justify and defend the reasons why every single person whose face is uploaded to the facial recognition watchlist meets the legal test, based on their specific operational purpose.”

Yeung concluded that, assuming they can do this, police must also consider the equality impacts of their actions, and how different groups are likely to be affected by their practical deployments: “I don’t see any of that.”

In response to the concerns raised around watchlist creation, proportionality and necessity, an Essex Police spokesperson said: “The watchlists for each deployment are created to identify specific people wanted for specific crimes and to enforce orders. To date, we have focused on the types of offences which cause the most harm to our communities, including our hardworking businesses.

“This includes violent crime, drugs, sexual offences and thefts from shops. As a result of our deployments, we have arrested people wanted in connection with attempted murder investigations, high-risk domestic abuse cases, GBH, sexual assault, drug supply and aggravated burglary offences. We have also been able to progress investigations and move closer to securing justice for victims.”

Source