Yesterday 331 MEPs voted to bring Chat Control back under an urgency procedure the President should never have allowed. Here is every one of the 415 who did not oppose it, with their voting records and every lobbyist they have met.
A child abuse survivor urges MEPs to reject Chat Control — mass scanning won't protect children, and it breaks the encryption survivors need to safely report abuse.
The US Supreme Court has just ruled the FTC isn't independent of the President - and our entire data deal with America was built on the promise that it was.
Google's AI named Putin and Xi as dangers to the world but went soft on the US president invading Iran - and a German court has just ruled that whatever its AI says, Google said it.
Amazon's Ring Familiar Faces biometrically scans every person who approaches a Ring doorbell, performs the match in Amazon's cloud rather than on the device that could have done it locally, and stores faceprints of non-consenting strangers for up to thirty days. The architectural choice produces two independent breaches: a GDPR exposure the household-activity defence cannot reach, and an avoidable datacentre carbon cost that brings the feature within the conceptual territory of the Environmental Crimes Directive. This piece walks through Articles 5, 6, 9, 13 and 25 GDPR, the Lindqvist, Rynes, Fashion ID and Jehovan todistajat line of CJEU authority, and Directive (EU) 2024/1203, and asks the regulators directly when biometric mass-processing of non-consenting people will be treated as the breach it plainly is.
CIPA wiretapping claims and the new EU Environmental Crimes Directive have one thing in common: they are won and lost on forensic evidence of what a website actually does at runtime. Inbound demand for that evidence has outrun us, so WebSentinel orders are now queued. Here is why both regimes turn on evidence, what that evidence has to prove, and why cookie-banner tooling cannot produce it.
On 27 April 2026 I lodged a formal complaint with Malta's Information and Data Protection Commissioner against Anthropic. The IDPC has now confirmed in writing that no Maltese citizen has any protection under the ePrivacy Directive against any tech company not established in Malta. That is a direct breach of Articles 7 and 47 of the EU Charter, of Article 19(1) TEU, and of Malta's obligations under Directive 2002/58/EC. This piece walks through the IDPC's correspondence in full, the 2009 Phorm precedent in which the European Commission opened infringement proceedings against the United Kingdom for an analogous failure, and why Malta has now made an Article 258 TFEU complaint to the Commission unavoidable.
Every CMP I have looked at in fifteen years sets a cookie before the user has consented to anything. That is a direct breach of Article 5(3) of the ePrivacy Directive, restated by the CJEU in Planet49 (C-673/17), and reinforced by the Belgian decision against the IAB TCF. This piece explains, step by step, what a lawful consent flow actually looks like and why every cookie banner you have ever seen is wrong.
Google Chrome is downloading a 4 GB Gemini Nano model onto users' machines without consent, with no opt-in, no opt-out short of enterprise tooling, and an automatic re-download every time the user deletes it. The pattern is identical to the Anthropic Claude Desktop case I wrote about last month, but the scale is between two and three orders of magnitude larger. This article does the legal analysis and, for the first time, the environmental analysis. The numbers are not small.
Anthropic ignored the Claude Desktop spyware findings. A formal Cease and Desist has now been issued, with 72 hours before criminal and civil complaints follow.
Anthropic's Claude Desktop silently installs a Native Messaging bridge into seven Chromium browsers, including browsers Anthropic's own documentation says it does not support, and browsers the user has not even installed.
A forensic reference to every client-side privacy vulnerability in Google Chrome — fingerprinting, storage tracking, header leaks — and how to detect each.