Scams, Sanctions & Europe's Data Dilemma

Scams, Sanctions & Europe's Data Dilemma

It has been yet another busy week in the world of tech and many concerning movements against our privacy and data protection. And surprise surprise, it seems like crypto scams never cease to exist!

U.S. Authorities Seize $225 Million from “Pig Butchering” Crypto Scams

In a landmark action against international cryptocurrency fraud, U.S. authorities have seized more than $225 million in assets tied to a sprawling network of “pig butchering” scams. These scams (named for the tactic of "fattening up" victims with fake relationships before financially "slaughtering" them) typically involve cybercriminals posing as love interests or financial advisors. Victims are enticed into investing in fake cryptocurrency platforms, only to be defrauded of large sums of money.

The investigation, led by the U.S. Secret Service and FBI in collaboration with blockchain analytics firms, revealed that much of the illicit activity was coordinated by organized criminal groups in Southeast Asia, often using trafficked individuals to operate scam call centers. The seized funds were traced back to more than 400 victims globally, making it the largest-ever cryptocurrency seizure related to pig butchering schemes.

Key players in the crypto ecosystem, such as Tether and OKX, flagged suspicious wallet activity in late 2023, prompting further law enforcement scrutiny. U.S. officials are now working to return the stolen funds to victims. Any remaining money could potentially be funneled into a new U.S. cryptocurrency reserve fund aimed at bolstering future fraud prevention.

Source and more interesting news.

EU Reconsiders Timeline for AI Act Amid Global Regulatory Scramble

As artificial intelligence development continues to outpace regulatory efforts, global policymakers are grappling with how to craft frameworks that are both effective and adaptable. The European Union, long seen as a regulatory frontrunner, is now contemplating a pause in the implementation of its landmark AI Act, reflecting growing concern that current efforts may be ill-suited to the rapidly evolving AI landscape.

At the Digital Policy Leadership Retreat 2025, hosted by the IAPP and the Berkman Klein Center, Irish MEP Michael McNamara suggested a pause in the AI Act rollout is increasingly likely. The primary reason? Stakeholders across Europe reportedly lack the clarity and tools needed to comply, particularly in relation to upcoming General-Purpose AI (GPAI) requirements. A key component of this guidance (the AI Code of Practice) has missed its original May deadline, and its release remains uncertain.

McNamara acknowledged the Act’s imperfections but warned against indefinite delays, saying they could undermine the regulation’s momentum and its intended impact.

“The AI Act is very far from perfect... but there comes a point at which any delay... deprives [it] of the momentum it needs to work.”

Here you find more details about them speaking at the IAPP and Berkman Klein Center For Internet and Society's Digital Policy Leadership Retreat 2025.

Reuters posted an interesting read today about data privacy laws in Europe. There might be coming more in the future. In summary:

Recent court rulings across Europe are reshaping how General Data Protection Regulation (GDPR) violations are interpreted, particularly around the idea of “non-material damage”. Traditionally, individuals had to show real-world harm (such as financial loss or emotional distress) to claim compensation for GDPR breaches. However, new judgments from courts in Germany and the EU suggest that mere loss of control over personal data may be enough to warrant damages.

In Germany’s Federal Court, the case of Junghans v. Meta concluded with a 100€ award to the plaintiff simply for unauthorized data processing. Similarly, the General Court of the European Union, in Bindl v. European Commission, ordered a 400€ payment for potential future misuse of exposed personal data despite no proven misuse occurring. These cases challenge previous Court of Justice of the European Union (CJEU) precedent, which requires some form of measurable harm.

Legal experts warn that these rulings could lead to greater legal uncertainty, especially for small and medium-sized enterprises (SMEs) lacking extensive compliance resources. With diverging interpretations emerging across jurisdictions, businesses face rising litigation risks and regulatory costs. There is growing pressure for the CJEU to clarify its stance, as continued ambiguity could stifle digital innovation, raise prices, and ultimately hinder the EU’s broader data economy ambitions.