LLMs can be forced to leak data through targeted prompt attacks, but they disclose training data only with low probability in everyday usage scenarios.
Apple is implementing the new Siri generation in iOS 27 using Google’s Gemini models and leveraging Google Cloud for complex AI queries because its own Private Cloud Compute infrastructure lacks sufficient scalability.
The European Parliament replaces Google with the French search engine Qwant as its default, signalling implementation of the EU’s strategy for technological sovereignty and data protection.
AI assistants frequently ignore existing permission structures when accessing enterprise data, exposing sensitive information that should not be accessible to individual users.
China is deploying coordinated spear-phishing with Azureveil malware against targets in Czechia and Taiwan to systematically exfiltrate data from high-value organizations.
Police authorities in two federal states are obtaining data from commercial data brokers, a practice that data protection officers classify as unlawful.
Germany plans to allow tax authorities to use real taxpayer data to train AI models, which conflicts with EU data protection principles but is intended to be limited by deletion deadlines and control obligations.
Large technology companies are systematically contesting European GDPR fines in court, with significant implications for the implementation of AI regulation.