Meta may have dodged the bullet on its AI-training fair-use defense (for now and only as to these 13 authors) but the battle isn’t over. On July 11, Judge Chhabria will take up the authors’ separate claim that Meta’s torrent-style downloading and distribution of their books infringed copyright. https://www.courthousenews.com... That distribution suit survived the ruling and could still affect how tech giants acquire training data.

Cracks -> water -> salt dissolves -> collapse -> toxic waste leaks -> aquifer poisoned !

Salt mines look perfect for waste storage, dry, impermeable, ancient...
But extracting potash weakens the structure. Water finds its way in. Salt vanishes. Tunnels deform. Containers rupture.

Stocamine (France): 42,000 tons of chemical waste, now sealed under concrete and... under pressure... literally.
Asse II (Germany): same idea, but with nuclear waste. It’s collapsing. Radioactive brine is rising.

Salt lasts forever, until disturbed. Then it flows.

You're right about the arrogance and the missed turn in the 2010s.
In 2014, Europe locked in Ariane 6 as a 100% expendable rocket just as SpaceX was betting on reusability.
Bruno Le Maire, Economy Minister since 2017 under Macron, admitted in 2020 that they took the wrong path back then https://www.politico.eu/articl.... That was five years ago.
Now it’s 2025. Macron’s still in charge, preaching “strategic autonomy” like it’s a revelation.
The scandal isn’t 2014. It’s everything they didn’t fix after.

Throwing nine figures at individuals because you can’t compete on output isn’t strategy, it’s panic.
If Meta needs $100M per hire to stay in the game, maybe it’s not the right game.
Or maybe it’s time to return some capital to shareholders.

In software, a broken feature spawns an update. Under 400 bar, a broken hull kills you instantly.

If 20% fail completely, the remaining 80% need to return 1.25× on average just to break even:

        0.8 × R = 1 R = 1.25

That’s +25%, not +20%.

The food analogy doesn’t quite hold. If you serve food in China, of course you follow Chinese rules.
But if you export that food to the U.S. and it violates FDA standards, you can’t just say: “It’s America’s job to block it, I’m not responsible.”

That’s not how cross-border regulation works. Whether it’s baby formula, toys, or online services, if you reach into another market, you’re expected to comply with that market’s laws.

The same principle applies to digital services. If your service is accessible in the EU, handles EU users, or processes their data, you’re not invisible just because your server is elsewhere. You’re subject to their law, just like any other import.

This isn’t unique to the EU. The U.S. enforces this logic all the time, with embargoes, export/import controls, and extraterritorial data access laws.
It’s not “stupid.” It’s sovereignty. And pretending you’re exempt just because the internet crosses borders doesn’t make the laws go away.

The real problem isn’t that there are rules. It’s that digital systems weren’t built to handle jurisdictional nuance.
But saying “Ignore foreign laws unless they block you at the firewall” isn’t legal minimalism, it’s wishful thinking.

I get the impulse, a lot of people are fed up with legal chaos. "Server = jurisdiction" feels clean, simple, and under your control. But that model’s been dead since at least GDPR. That would require every country to agree or surrender their data laws to foreign servers. That’s never going to happen. These days, you’re accountable not just for where the server is, but where the user is and who they are.

If you offer a service used in the EU, that service falls under EU law.
If that service is accessed abroad by an EU resident, it’s still subject to EU law.
And if the country they're in has conflicting requirements (say, a U.S. preservation order vs. GDPR)? You may have no choice but to block access or suspend the service, at least for that user, in that location.

So the problem isn’t just "too many laws." It’s that systems weren’t built to track legal context, what laws apply, to whom, and where.

We don’t need to ditch jurisdictions. We need systems that can say:
“This user is German, they’re in the U.S., these two laws conflict, block until legal basis is clear.”

That’s not regulatory overkill. That’s defensive architecture.

A U.S. judge initially asked OpenAI to preserve only chats that users had deleted, a narrowly targeted legal hold intended to balance evidentiary needs with user privacy. But when OpenAI said it couldn't isolate those chats without risking violations of European privacy law, the court issued a sweeping, all-user retention order instead.

At the heart of the dispute is a deeper design flaw: OpenAI built its system without distinguishing data by “service jurisdiction”, whether a conversation was handled under U.S. or EU legal frameworks. That means it couldn’t preserve U.S.-relevant logs without potentially breaching GDPR, nor delete EU data without violating a U.S. court order.

The outcome: a blunt, global mandate rooted not just in legal complexity, but in the absence of a jurisdiction-aware data architecture.

In the age of global services, legal nuance starts at the design phase, or comes back as a court order.

AWS’s ESC (German parent, EU-only CA, EU SOC, code escrow) delivers 99 % of the real-world sovereignty most companies need without Brussels writing a €50 billion check. If that last 1 % isn’t enough, lobby for a pan-EU hyperscaler... just don’t expect it this decade.

While the headline frames this as a quirky “laptop farm” scam, the DOJ filings show it’s far more serious:

- This wasn’t a typical remote-work fraud. It was a structured operation involving North Korean IT workers, false identities, and money laundering, with explicit goals of evading sanctions and funding the DPRK regime.
- Over 300 U.S. companies, including Fortune 500s, were unknowingly infiltrated. Some of the targets were strategic industries (aerospace, media, finance).
- Workers didn’t just "do the job", they did it under stolen identities, triggering false tax liabilities and access to internal systems, with implications for both data security and federal compliance.

Calling this “just wage theft” is like calling a phishing campaign "email misunderstandings." It misses the real issue: this was a nation-state operation masked as freelance tech work.

https://www.justice.gov/usao-d...
https://www.justice.gov/usao-d...

Overpricing isn’t illegal, deception is. Shein isn’t under fire for being cheap or expensive, but for violating specific consumer rights: fake discounts, false urgency, misrepresented return policies, and lack of transparency. If Delhaize or Ahold does something similar, they can and should be investigated too, but the comparison only holds if the violations are legally equivalent.

Even if big-name brands use the same factories, that doesn’t excuse Shein’s issues. Redirecting scrutiny onto other brands instead of addressing Shein’s practices is a whataboutism, that is, a deflection from the original issue.

Whataboutism.

The article is technically detailed but misleading: it praises Apple’s BlastDoor for "working as designed," which is true, but misses the point. The real issue is that Apple’s own transcription system injects invalid XHTML into a security-critical pipeline. The ampersand isn’t escaped, breaking XML compliance, so BlastDoor (correctly) discards the message. This isn’t a security topic it’s Apple breaking its own rules, then silently failing. A system eating its own tail.