Bluesky has blocked access to its service in Mississippi rather than comply with a new state law requiring age verification for all social media users. TechCrunch reports: In a blog post published on Friday, the company explains that, as a small team, it doesn't have the resources to make the substantial technical changes this type of law would require, and it raised concerns about the law's broad scope and privacy implications. Mississippi's HB 1126 requires platforms to introduce age verification for all users before they can access social networks like Bluesky. On Thursday, U.S. Supreme Court justices decided to block an emergency appeal that would have prevented the law from going into effect as the legal challenges it faces played out in the courts. As a result, Bluesky had to decide what it would do about compliance.

Instead of requiring age verification before users could access age-restricted content, this law requires age verification of all users. That means Bluesky would have to verify every user's age and obtain parental consent for anyone under 18. The company notes that the potential penalties for noncompliance are hefty, too -- up to $10,000 per user. Bluesky also stresses that the law goes beyond child safety, as intended, and would create "significant barriers that limit free speech and disproportionately harm smaller platforms and emerging technologies." To comply, Bluesky would have to collect and store sensitive information from all its users, in addition to the detailed tracking of minors. This is different from how it's expected to comply with other age verification laws, like the U.K.'s Online Safety Act (OSA), which only requires age checks for certain content and features.

Mississippi's law blocks anyone from using the site unless they provide their personal and sensitive information. The company notes that its decision only applies to the Bluesky app built on the AT Protocol. Other apps may approach the decision differently.

An anonymous reader quotes a report from the BBC: A lawyer representing the online message board 4chan says it won't pay a proposed fine by the UK's media regulator as it enforces the Online Safety Act. According to Preston Byrne, managing partner of law firm Byrne & Storm, Ofcom has provisionally decided to impose a 20,000-pound fine "with daily penalties thereafter" for as long as the site fails to comply with its request. "Ofcom's notices create no legal obligations in the United States," he told the BBC, adding he believed the regulator's investigation was part of an "illegal campaign of harassment" against US tech firms.

"4chan has broken no laws in the United States -- my client will not pay any penalty," Mr Byrne said. Ofcom began investigating 4chan over whether it was complying with its obligations under the UK's Online Safety Act. Then in August, it said it had issued 4chan with "a provisional notice of contravention" for failing to comply with two requests for information. Ofcom said its investigation would examine whether the message board was complying with the act, including requirements to protect its users from illegal content. "American businesses do not surrender their First Amendment rights because a foreign bureaucrat sends them an email," law firms Byrne & Storm and Coleman Law wrote. "Under settled principles of US law, American courts will not enforce foreign penal fines or censorship codes. If necessary, we will seek appropriate relief in US federal court to confirm these principles."

The statement calls on the Trump administration to intervene and protect American businesses from "extraterritorial censorship mandates."

India has moved a legislation to ban online money gaming due to rising instances of addiction, money laundering and financial frauds through these apps. From a report: A bill passed in the lower house of Parliament on Wednesday seeks to prohibit promotion and operation of gaming apps that require users to pay money for the chance to win cash. The move threatens India's $3.8 billion gaming industry that has drawn global investors and also fostered homegrown fantasy sports betting apps such as Dream11, Games24X7 and Mobile Premier League.

"People lose their life's savings in online money gaming," India's Minister for Information and Broadcasting Ashwini Vaishnaw told lawmakers in New Delhi. He said the government intends to curb the addiction and financial harm that comes with online money gaming, but will promote e-sports and social gaming.

The women-only dating-advice app Tea "has been hit with 10 potential class action lawsuits in federal and state court," NBC News reported last week, "after a data breach led to the leak of thousands of selfies, ID photos and private conversations online." The suits could result in Tea having to pay tens of millions of dollars in damages to the plaintiffs, which could be catastrophic for the company, an expert told NBC News... One of the suits lists the right-wing online discussion board 4chan and the social platform X as defendants, alleging that they allowed bad actors to spread users' personal information.
But meanwhile, a new competing app for men called "TeaOnHer" has already been launched. And it was also found to have enormous security flaws, reports TechCrunch, that "exposed its users' personal information, including photos of their driver's licenses and other government-issued identity documents..." [W]hen we looked at the TeaOnHer's public internet records, it had no meaningful information other than a single subdomain, appserver.teaonher.com. When we opened this page in our browser, what loaded was the landing page for TeaOnHer's API (for the curious, we uploaded a copy here)... It was on this landing page that we found the exposed email address and plaintext password (which wasn't that far off from "password") for [TeaOnHer developer Xavier] Lampkin's account to access the TeaOnHer "admin panel"... This API landing page included an endpoint called /docs, which contained the API's auto-generated documentation (powered by a product called Swagger UI) that contained the full list of commands that can be performed on the API [including administrator commands to return user data]...

While it's not uncommon for developers to publish their API documentation, the problem here was that some API requests could be made without any authentication — no passwords or credentials were needed...

The records returned from TeaOnHer's server contained users' unique identifiers within the app (essentially a string of random letters and numbers), their public profile screen name, and self-reported age and location, along with their private email address. The records also included web address links containing photos of the users' driver's licenses and corresponding selfies. Worse, these photos of driver's licenses, government-issued IDs, and selfies were stored in an Amazon-hosted S3 cloud server set as publicly accessible to anyone with their web addresses. This public setting lets anyone with a link to someone's identity documents open the files from anywhere with no restrictions...

The bugs were so easy to find that it would be sheer luck if nobody malicious found them before we did. We asked, but Lampkin would not say if he has the technical ability, such as logs, to determine if anyone had used (or misused) the API at any time to gain access to users' verification documents, such as by scraping web addresses from the API. In the days since our report to Lampkin, the API landing page has been taken down, along with its documentation page, and it now displays only the state of the server that the TeaOnHer API is running on as "healthy."
The flaws were discovered while TeaOnHer was the #2 free app in the Apple App Store, the article points out. And while these flaws "appear to be resolved," the article notes a larger issue. "Shoddy coding and security flaws highlight the ongoing privacy risks inherent in requiring users to submit sensitive information to use apps and websites,"

And TeaOnHer also had another authentication issue. A female reporter at Cosmopolitan also noted Friday that TeaOnHer "lets you browse through profiles before your verifications are complete. So literally anyone (like myself) can read reviews..."

A federal judge struck down California's strict anti-deepfake election law, citing Section 230 protections rather than First Amendment concerns. Politico reports: [Judge John Mendez] also said he intended to overrule a second law, which would require labels on digitally altered campaign materials and ads, for violating the First Amendment. [...] The first law would have blocked online platforms from hosting deceptive, AI-generated content related to an election in the run-up to the vote. It came amid heightened concerns about the rapid advancement and accessibility of artificial intelligence, allowing everyday users to quickly create more realistic images and videos, and the potential political impacts. But opponents of the measures ... also argued the restrictions could infringe upon freedom of expression.

The original challenge was filed by the creator of the video, Christopher Kohls, on First Amendment grounds, with X later joining the case after [Elon Musk] said the measures were "designed to make computer-generated parody illegal." The satirical right-wing news website the Babylon Bee and conservative social media site Rumble also joined the suit. Mendez said the first law, penned by Democratic state Assemblymember Marc Berman, conflicted with the oft-cited Section 230 of the federal Communications Decency Act, which shields online platforms from liability for what third parties post on their sites. "They don't have anything to do with these videos that the state is objecting to," Mendez said of sites like X that host deepfakes.

But the judge did not address the First Amendment claims made by Kohls, saying it was not necessary in order to strike down the law on Section 230 grounds. "I'm simply not reaching that issue," Mendez told the plaintiffs' attorneys. [...] "I think the statute just fails miserably in accomplishing what it would like to do," Mendez said, adding he would write an official opinion on that law in the coming weeks. Laws restricting speech have to pass a strict test, including whether there are less restrictive ways of accomplishing the state's goals. Mendez questioned whether approaches that were less likely to chill free speech would be better. "It's become a censorship law and there is no way that is going to survive," Mendez added.

The Chinese government "has embarked on an all-out drive to transform the technology from a remote concept to a newfangled reality, with applications on factory floors and in hospitals and government offices..." reports the Washington Post.

"[E]xperts say Beijing is pursuing an alternative playbook in an attempt to bridge the gap" with America: "aggressively pushing for the adoption of AI across the government and private sector." DeepSeek has been put to work over the last six months on a wide variety of government tasks. Procurement documents show military hospitals in Shaanxi and Guangxi provinces specifically requesting DeepSeek to build online consultation and health record systems. Local government websites describe state organs using DeepSeek for things like diverting calls from the public and streamlining police work. DeepSeek helps "quickly discover case clues and predict crime trends," which "greatly improves the accuracy and timeliness of crime fighting," a city government in China's Inner Mongolia region explained in a February social media post. Anti-corruption investigations — long a priority for Chinese leader Xi Jinping — are another frequent DeepSeek application, in which models are deployed to comb through dry spreadsheets to find suspicious irregularities. In April, China's main anti-graft agency even included a book called "Efficiently Using DeepSeek" on its official book recommendation list...

Alfred Wu, an expert on China's public governance at the National University of Singapore, said Beijing has disseminated a "top-down" directive to local governments to use AI. This is motivated, Wu said, by a desire to improve China's AI prowess amid a fierce rivalry with Washington by providing models access to vast stores of government data.

But not everyone is convinced that China has the winning hand, even as it attempts to push AI application nationwide. For one, China's sluggish economy will impact the AI industry's ability to grow and access funding, said Scott Singer [an expert on China's AI sector at the Carnegie Endowment for International Peace, who was attending the conference]... Others point out that local governments trumpeting their usage of DeepSeek is more about signaling than real technology uptake. Shen Yang, a professor at Tsinghua University's school of artificial intelligence, said DeepSeek is not being used at scale in anti-corruption work, for example, because the cases involve sensitive information and deploying new tools in these investigations requires long and complex approval processes.

An anonymous reader quotes a report from TorrentFreak: Efforts to introduce pirate site blocking to the United States continue with the introduction of the "Block BEARD" bill (PDF) in the Senate. The bipartisan proposal, backed by Senators Tillis, Coons, Blackburn, and Schiff, aims to create a new legal mechanism to combat foreign piracy websites. Block BEARD is similar to the previously introduced House bill "FADPA", but doesn't directly mention DNS resolvers. [...] The site-blocking proposal seeks to amend U.S. copyright law, enabling rightsholders to request federal courts to designate online locations as a "foreign digital piracy site". If that succeeds, courts can subsequently order U.S. service providers to block access to these sites.

Pirate site designation would be dependent on rightsholders showing that they are harmed by a site's activities, that reasonable efforts had been made to notify the site's operator, and that a reasonable investigation confirms the operator is not located within the United States. Additionally, rightsholders must show that the site is primarily designed for piracy, has limited commercial purpose, or is intentionally marketed by its operator to promote copyright-infringing activities. If the court classifies a website as a foreign pirate site, rightsholders can go back to court to request a blocking order. At this stage, the court will determine whether it is technically and practically feasible for ISPs to block the site, and consider any potential harm to the public interest. The granted orders would stay in place for a year with the option to extend if necessary. If blocked sites switch to new locations, the court can also amend blocking orders to include new IP addresses and domain names.

The Block BEARD bill broadly applies to service providers as defined in section 512(k)(1)(A) of the DMCA. This is a broad definition that applies to residential ISPs, but also to search engines, social media platforms, and DNS resolvers. Service providers with fewer than 50,000 subscribers are explicitly excluded, and the same applies to venues such as coffee shops, libraries, and universities that offer internet access to visitors. Unlike the FADPA bill introduced by Representative Lofgren earlier this year, the Senate bill does not specifically mention DNS resolvers. Block BEARD does not mention VPNs, but its broad definition of "service provider" could be interpreted to include them. The proposal states that providers have the option to contest their inclusion in a blocking order. Once an order is issued, they would have the freedom to choose their own blocking techniques. There are no transparency requirements mentioned in the bill, so if and how the public is informed is unclear.

An anonymous reader quotes a report from Reuters: Australia said on Wednesday it will add YouTube to sites covered by its world-first ban on social media for teenagers, reversing an earlier decision to exempt the Alphabet-owned video-sharing site and potentially setting up a legal challenge. The decision came after the internet regulator urged the government last month to overturn the YouTube carve-out, citing a survey that found 37% of minors reported harmful content on the site, the worst showing for a social media platform.

"I'm calling time on it," Prime Minister Anthony Albanese said in a statement highlighting that Australian children were being negatively affected by online platforms, and reminding social media of their social responsibility. "I want Australian parents to know that we have their backs." The decision broadens the ban set to take effect in December. YouTube says it is used by nearly three-quarters of Australians aged 13 to 15, and should not be classified as social media because its main activity is hosting videos. "Our position remains clear: YouTube is a video sharing platform with a library of free, high-quality content, increasingly viewed on TV screens. It's not social media," a YouTube spokesperson said by email.

Brian Krebs writes via KrebsOnSecurity: Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working in partnership with popular social media personalities, such as Mr. Beast, who recently launched a gaming business called Beast Games. The ads invariably state that by using a supplied "promo code," interested players can claim a $2,500 credit on the advertised gaming website.

The gaming sites all require users to create a free account to claim their $2,500 credit, which they can use to play any number of extremely polished video games that ask users to bet on each action. At the scam website gamblerbeast[.]com, for example, visitors can pick from dozens of games like B-Ball Blitz, in which you play a basketball pro who is taking shots from the free throw line against a single opponent, and you bet on your ability to sink each shot. The financial part of this scam begins when users try to cash out any "winnings." At that point, the gaming site will reject the request and prompt the user to make a "verification deposit" of cryptocurrency -- typically around $100 -- before any money can be distributed. Those who deposit cryptocurrency funds are soon asked for additional payments. However, any "winnings" displayed by these gaming sites are a complete fantasy, and players who deposit cryptocurrency funds will never see that money again. Compounding the problem, victims likely will soon be peppered with come-ons from "recovery experts" who peddle dubious claims on social media networks about being able to retrieve funds lost to such scams. [...]

[T]hreat hunting platform Silent Push reveals at least 1,270 recently-registered and active domains whose names all invoke some type of gaming or wagering theme. Here is a list of all domains that Silent Push found were using the scambling network's chat API.

Proton VPN reported a 1,400 percent hourly increase in signups over its baseline Friday — the day the UK's age verification law went into effect. For UK users, "apps with explicit content must now verify visitors' ages via methods such as facial recognition and banking info," notes Mashable: Proton VPN previously documented a 1,000 percent surge in new subscribers in June after Pornhub left France, its second-biggest market, amid the enactment of an age verification law there... A Proton VPN spokesperson told Mashable that it saw an increase in new subscribers right away at midnight Friday, then again at 9 a.m. BST. The company anticipates further surges over the weekend, they added. "This clearly shows that adults are concerned about the impact universal age verification laws will have on their privacy," the spokesperson said... Search interest for the term "Proton VPN" also saw a seven-day spike in the UK around 2 a.m. BST Friday, according to a Google Trends chart.
The Financial Times notes that VPN apps "made up half of the top 10 most popular free apps on the UK's App Store for iOS this weekend, according to Apple's rankings." Proton VPN leapfrogged ChatGPT to become the top free app in the UK, according to Apple's daily App Store charts, with similar services from developers Super Unlimited and Nord Security also rising over the weekend... Data from Google Trends also shows a significant increase in search queries for VPNs in the UK this weekend, with up to 10 times more people looking for VPNs at peak times...

"This is what happens when people who haven't got a clue about technology pass legislation," Anthony Rose, a UK-based tech entrepreneur who helped to create BBC iPlayer, the corporation's streaming service, said in a social media post. Rose said it took "less than five minutes to install a VPN" and that British people had become familiar with using them to access the iPlayer outside the UK. "That's the beauty of VPNs. You can be anywhere you like, and anytime a government comes up with stupid legislation like this, you just turn on your VPN and outwit them," he added...

Online platforms found in breach of the new UK rules face penalties of up to £18mn or 10 percent of global turnover, whichever is greater... However, opposition to the new rules has grown in recent days. A petition submitted through the UK parliament website demanding that the Online Safety Act be repealed has attracted more than 270,000 signatures, with the vast majority submitted in the past week. Ministers must respond to a petition, and parliament has to consider its topic for a debate, if signatures surpass 100,000.
X, Reddit and TikTok have also "introduced new 'age assurance' systems and controls for UK users," according to the article. But Mashable summarizes the situation succinctly.

"Initial research shows that VPNs make age verification laws in the U.S. and abroad tricky to enforce in practice."

Massive mobile device tracking data has exposed the interconnected network of Myanmar's expanding scam centers, revealing how trafficked workers circulate between compounds despite February crackdowns. Analysis of 4.9 million location records from 11,930 mobile devices between January 2024 and May 2025 showed five devices visited all three major compounds -- Yatai New City, Apolo Park, and Yulong Bay Park -- plus the raided KK Park and Huanya Park facilities.

Workers are forced into romance scams, deceiving victims into believing they're in romantic relationships before extracting money. A South Asian man held six months at KK Park worked 16 hours daily conducting these online deceptions while enduring beatings and electric shocks for poor performance. Nikkei's investigation combined satellite imagery analysis, social media posts from Chinese platform Douyin, and open-source intelligence techniques to document continued construction at eight of 16 suspected sites. Myanmar authorities deported over 66,000 foreign nationals involved in these online fraud operations between October 2023 and June 2025.

Twitter co-founder/Block CEO Jack Dorsey isn't just vibe coding new apps like Bitchat and Sun Day. He's also "invested $10 million in an effort to fund experimental open source projects and other tools that could ultimately transform the social media landscape," reports TechCrunch," funding the projects through an online collective formed in May called "andOtherStuff: [T]he team at "andOtherStuff" is determined not to build a company but is instead operating like a "community of hackers," explains Evan Henshaw-Plath [who handles UX/onboarding and was also Twitter's first employee]. Together, they're working to create technologies that could include new consumer social apps as well as various experiments, like developer tools or libraries, that would allow others to build apps for themselves.

For instance, the team is behind an app called Shakespeare, which is like the app-building platform Lovable, but specifically for building Nostr-based social apps with AI assistance. The group is also behind heynow, a voice note app built on Nostr; Cashu wallet; private messenger White Noise; and the Nostr-based social community +chorus, in addition to the apps Dorsey has already released. Developments in AI-based coding have made this type of experimentation possible, Henshaw-Plath points out, in the same way that technologies like Ruby on Rails, Django, and JSON helped to fuel an earlier version of the web, dubbed Web 2.0.

Related to these efforts, Henshaw-Plath sat down with Dorsey for the debut episode of his new podcast, revolution.social with @rabble... Dorsey believes Bluesky faces the same challenges as traditional social media because of its structure — it's funded by VCs, like other startups. Already, it has had to bow to government requests and faced moderation challenges, he points out. "I think [Bluesky CEO] Jay [Graber] is great. I think the team is great," Dorsey told Henshaw-Plath, "but the structure is what I disagree with ... I want to push the energy in a different direction, which is more like Bitcoin, which is completely open and not owned by anyone from a protocol layer...."

Dorsey's initial investment has gotten the new nonprofit up and running, and he worked on some of its initial iOS apps. Meanwhile, others are contributing their time to build Android versions, developer tools, and different social media experiments. More is still in the works, says Henshaw-Plath.

"There are things that we're not ready to talk about yet that'll be very exciting," he teases.

Reddit has begun verifying users' ages in the UK to restrict access to "certain mature content" for minors, complying with the UK's Online Safety Act. The BBC reports: Reddit, known for its online communities and discussions, said that while it does not want to know who its audience is: "It would be helpful for our safety efforts to be able to confirm whether you are a child or an adult." Ofcom, the UK regulator, said: "We expect other companies to follow suit, or face enforcement if they fail to act." Reddit said that from 14 July, an outside firm called Persona will perform age verification for the social media platform either through an uploaded selfie or "a photo of your government ID," such as a passport. It said Reddit will not have access to the photo and will only retain a user's verification status and date of birth so people do not have to re-enter it each time they try to access restricted content. Reddit added that Persona "promises not to retain the picture for longer than seven days" and will not have access to a user's data on the site. The new rules in the UK come into force on 25 July. [...]

Companies that fail to meet the rules face fines of up to 18 million pounds or 10% of worldwide revenue, "whichever is greater." [Ofcom] added that in the most serious cases, it can seek a court order for "business disruption measures," such as requiring payment providers or advertisers to withdraw their services from a platform, or requiring Internet Service Providers to block access to a site in the UK."

A small fraction of hyperactive social media users generates the vast majority of toxic online content, according to research by New York University psychology professor Jay Van Bavel and colleagues Claire Robertson and Kareena del Rosario. The study found that 10% of users produce roughly 97% of political tweets, while just 0.1% of users share 80% of fake news.

Twelve accounts known as the "disinformation dozen" created most vaccine misinformation on Facebook during the pandemic, the research found. In experiments, researchers paid participants to unfollow divisive political accounts on X. After one month, participants reported 23% less animosity toward other political groups. Nearly half declined to refollow hostile accounts after the study ended, and those maintaining healthier newsfeeds reported reduced animosity 11 months later. The research describes social media as a "funhouse mirror" that amplifies extreme voices while muting moderate perspectives.

Mark Zuckerberg said on Monday that Meta would spend hundreds of billions of dollars to build several massive AI data centers for superintelligence, intensifying his pursuit of a technology that he has chased with a talent war for top AI engineers. From a report: The social media giant is among the large technology companies that have chased high-profile deals and doled out multi-million-dollar pay packages in recent months to fast-track work on machines that can outthink humans on most tasks.

Unveiling the spending commitment in a Threads post on Monday, CEO Zuckerberg touted the strength in the company's core advertising business to support the massive spending that has raised concerns among tech investors about potential payoffs. "We have the capital from our business to do this," Zuckerberg said. He also cited a report from a chip industry publication Semianalysis that said Meta is on track to be the first lab to bring online a 1-gigawatt-plus supercluster, which refers to a massive data center built to train advanced AI models.

Graphic artists in China are pushing back against AI image generators, which they say "profoundly shifts clients' perception of their work, specifically in terms of how much that work costs and how much time it takes to produce," reports The Verge. "Freelance artists or designers working in industries with clients that invest in stylized, eye-catching graphics, like advertising, are particularly at risk." From the report: Long before AI image generators became popular, graphic designers at major tech companies and in-house designers for large corporate clients were often instructed by managers to crib aesthetics from competitors or from social media, according to one employee at a major online shopping platform in China, who asked to remain anonymous for fear of retaliation from their employer. Where a human would need to understand and reverse engineer a distinctive style to recreate it, AI image generators simply create randomized mutations of it. Often, the results will look like obvious copies and include errors, but other graphic designers can then edit them into a final product.

"I think it'd be easier to replace me if I didn't embrace [AI]," the shopping platform employee says. Early on, as tools like Stable Diffusion and Midjourney became more popular, their colleagues who spoke English well were selected to study AI image generators to increase in-house expertise on how to write successful prompts and identify what types of tasks AI was useful for. Ultimately, it was useful for copying styles from popular artists that, in the past, would take more time to study. "I think it forces both designers and clients to rethink the value of designers," Jia says. "Is it just about producing a design? Or is it about consultation, creativity, strategy, direction, and aesthetic?" [...]

Across the board, though, artists and designers say that AI hype has negatively impacted clients' view of their work's value. Now, clients expect a graphic designer to produce work on a shorter timeframe and for less money, which also has its own averaging impact, lowering the ceiling for what designers can deliver. As clients lower budgets and squish timelines, the quality of the designers' output decreases. "There is now a significant misperception about the workload of designers," [says Erbing, a graphic designer in Beijing who has worked with several ad agencies and asked to be called by his nickname]. "Some clients think that since AI must have improved efficiency, they can halve their budget." But this perception runs contrary to what designers spend the majority of their time doing, which is not necessarily just making any image, Erbing says.

Australia's eSafety Commissioner has urged the government to deny YouTube an exemption from upcoming child safety regulations, citing research showing it exposes more children to harmful content than any other platform. YouTube pushed back, calling the commissioner's stance inconsistent with government data and parental feedback. "The quarrel adds an element of uncertainty to the December rollout of a law being watched by governments and tech leaders around the world as Australia seeks to become the first country to fine social media firms if they fail to block users aged under 16," reports Reuters. From the report: The centre-left Labor government of Anthony Albanese has previously said it would give YouTube a waiver, citing the platform's use for education and health. Other social media companies such as Meta's Facebook and Instagram, Snapchat, and TikTok have argued such an exemption would be unfair. eSafety Commissioner Julie Inman Grant said she wrote to the government last week to say there should be no exemptions when the law takes effect. She added that the regulator's research found 37% of children aged 10 to 15 reported seeing harmful content on YouTube -- the most of any social media site. [...]

YouTube, in a blog post, accused Inman Grant of giving inconsistent and contradictory advice, which discounted the government's own research which found 69% of parents considered the video platform suitable for people under 15. "The eSafety commissioner chose to ignore this data, the decision of the Australian Government and other clear evidence from teachers and parents that YouTube is suitable for younger users," wrote Rachel Lord, YouTube's public policy manager for Australia and New Zealand.

Inman Grant, asked about surveys supporting a YouTube exemption, said she was more concerned "about the safety of children and that's always going to surpass any concerns I have about politics or being liked or bringing the public onside". A spokesperson for Communications Minister Anika Wells said the minister was considering the online regulator's advice and her "top priority is making sure the draft rules fulfil the objective of the Act and protect children from the harms of social media."

BlueSky has grown from roughly 10 million users in early November to 36.79 million today — and its last 30 days of traffic looks very level.

But instead of calling BlueSky's traffic "level", right-leaning libertarian Megan McArdle argues instead that BlueSky's "decline shows no sign of leveling out" (comparing the stable figures from the last month to a one-time spike seven months ago so they can write "It's now down about 50 percent"). And Wednesday the conservative UK magazine Spectator also ignored the 30-day-leveling to write instead that BlueSky is somehow "sliding down a slope".

But TechCrunch thinks the "up or down" conversation is entirely missing the point of "the wider network of apps built on the open protocol that Bluesky's team spearheaded" — and how BlueSky "is only meant to be one example of what's possible within the wider AT Proto ecosystem." If you don't like the tone of the topics trending on Bluesky, you can switch to other apps, change your default feeds, or even build your own social platform using the technology. Already, people are using the protocol that powers Bluesky to build social experiences for specific groups — like Blacksky is doing for the Black online community or like Gander Social is doing for social media users in Canada. There are also feed builders like Graze and those in Surf that let you create custom feeds where you can focus on specific content you care about — like video games or baseball — and exclude others, like politics. Built into Bluesky (and other third-party clients) are tools that let you pick your default feed and add others that interest you from a range of topics. If you want to follow a feed devoted to your favorite TV show or animal, for instance, you can. In other words, Bluesky is meant to be what you make it, and its content can be consumed in whatever format you prefer best.

In addition to Bluesky itself, the wider network of apps built on the AT Protocol includes photo- and video-sharing apps, livestreaming tools, communication apps, blogging apps, music apps, movie and TV recommendation apps, and more. Other tools also let you combine feeds from Bluesky with other social networks. Openvibe, for instance, can mix together feeds from social networks like Threads, Bluesky, Mastodon, and Nostr. Apps like Surf and Tapestry offer ways to track posts on open social platforms as well as those published with other open protocols like RSS. This lets the apps pull in content from blogs, news sites, YouTube, and podcasts.
Even just considering BlueSky itself, three weeks ago Fast Company pointed out that BlueSky "grew from 11 million users to 25 million between late October and mid-December, but has added only about 10 million more since then." So how is a 10-million user increase "dying"? For a social network, being prematurely written off is a rite of passage. It's even a compliment of sorts — a sign that people are paying attention and care... When I chatted with Bluesky CEO Jay Graber this week, I wasn't surprised that she didn't seem fazed by the debate on her platform and saw the parallels with early-days Twitter. "Reports of our death are greatly exaggerated," she told me. "It's a similar thing, because with social sites, it's not straight up all the time. [Growth] comes in waves, and at each stage, there's a new era of communities being established and formed. We're still seeing a lot of community formation, and one of the most exciting things is how structurally different this is. It's not just another social site that has to be a singular winner-take-all in an ecosystem with existing incumbents...."

One other challenge that Bluesky has not yet fully confronted is monetizing itself. Onstage at Web Summit, Graber emphasized that it's working on subscription services, a healthier revenue source than stuffing feeds with ads, though potentially a tougher one to scale up to sustainability. The company announced a $15 million Series A funding round last October.
But again, the point isn't BlueSky's increasing user count or its stablizing levels of Daily Unique "Likers" — but its underlying open source protocol: [S]he was at her most passionate when discussing the company's aspiration to decentralize social networking via its open AT Protocol. It powers Bluesky — and variants such as the Pinksky photo-sharing app, which she praised onstage — but could also provide the infrastructure for further-flung social experiences. Maybe even ones catering to folks who have zero interest in participating in the Bluesky community. "The goal is to really get through that this is a Choose Your Own Adventure and Bluesky's just the beginning," she says. "The sky's the limit." Whether she'll fulfill her grandest ambitions, I'm not sure. But I already like this era of social networking better than the one when a handful of winners really did take all.

Australia's world-first social media ban for under-16s moved closer to implementation after a key trial found that checking a user's age is technologically possible and can be integrated into existing services. From a report: The conclusions are a blow to Facebook-owner Meta Platforms, TikTok and Snap, which opposed the controversial legislation. Some platform operators had questioned whether a user's age could be reliably established using current technology.

The results of the government-backed trial clear the way for the law to come into force by the end of the year. The findings also potentially allow other jurisdictions to follow Australia's lead as countries around the world grapple with ways to protect children from harmful content online. "Age assurance can be done in Australia and can be private, robust and effective," the government-commissioned Age Assurance Technology Trial said in a statement Friday announcing its preliminary findings.

Hackers have stolen hundreds of millions of dollars from cryptocurrency holders and disrupted major retailers by targeting outsourced call centers used by American corporations to reduce costs, WSJ reported Thursday. The attackers exploit low-paid call center workers through bribes and social engineering to bypass two-factor authentication systems protecting bank accounts and online portals.

Coinbase faces potential losses of $400 million after hackers compromised data belonging to 97,000 customers by bribing call center workers in India with payments of $2,500. The criminals also used malicious tools that exploited vulnerabilities in Chrome browser extensions to collect customer data in bulk.

TaskUs, which handled Coinbase support calls, shut down operations at its Indore, India facility and laid off 226 workers. Retail attacks targeted Marks & Spencer and Harrods with hackers impersonating corporate executives to pressure tech support workers into providing network access. The same technique compromised MGM Resorts systems in 2023. Call center employees typically possess sensitive customer information including account balances and recent transactions that criminals use to masquerade as legitimate company representatives.