You know what they say: If at first you don't succeed at mass government surveillance, try, try again. Only two days after India backpedaled on its plan to force smartphone makers to preinstall a state-run "cybersecurity" app, Reuters reports that the country is back at it. It’s said to be considering a telecom industry proposal with another draconian requirement. This one would require smartphone makers to enable always-on satellite-based location tracking (Assisted GPS).

The measure would require location services to remain on at all times, with no option to switch them off. The telecom industry also wants phone makers to disable notifications that alert users when their carriers have accessed their location. According to Reuters, India's home ministry was set to meet with smartphone industry executives on Friday, but the meeting was postponed.

RAFIQ MAQBOOL via Getty Images

Predictably, proponents claim the plan is about helping law enforcement keep you safe from the bad guys. (See also: Orwell's Nineteen Eighty-Four.) The administration of Prime Minister Narendra Modi has long been concerned that law enforcement agencies can’t obtain precise enough locations during investigations. Cell tower data alone can be off by several meters. And hey, what's the privacy of 1.4 billion people next to tracking criminals with an extra 10 ft. or so of accuracy, right?

Apple, Google and Samsung are said to oppose the move and have urged the Modi government to reject it. The lobbying group India Cellular & Electronics Association (ICEA), which represents them, reportedly wrote in a confidential letter this summer that the proposal has no precedent anywhere in the world. The group's letter described the measure as a "regulatory overreach," which is probably putting it mildly. They warned that it could compromise military personnel, judges, corporate executives and journalists.

In a statement sent to Engadget, the Electronic Frontier Foundation (EFF) sounded the alarm on the proposal. "Requiring phones to have A-GPS enabled all the time would be a horrifying decision by the Indian government with significant impacts on the privacy of everyone in the country,” EFF Senior Staff Technologist Cooper Quintin said. “With this change, the phone company and law enforcement get your exact location at any time, potentially even without legal due process."

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/india-is-reportedly-considering-another-draconian-smartphone-surveillance-plan-173500327.html?src=rss

©

Hackers with links to China reportedly successfully infiltrated a number of unnamed government and tech entities using advanced malware. As reported by Reuters, cybersecurity agencies from the US and Canada confirmed the attack, which used a backdoor known as “Brickstorm” to target organizations using the VMware vSphere cloud computing platform.

As detailed in a report published by the Canadian Centre for Cyber Security on December 4, PRC state-sponsored hackers maintained "long-term persistent access" to an unnamed victim’s internal network. After compromising the affected platform, the cybercriminals were able to steal credentials, manipulate sensitive files and create "rogue, hidden VMs" (virtual machines), effectively seizing control unnoticed. The attack could have begun as far back as April 2024 and lasted until at least September of this year.

The malware analysis report published by the Canadian Cyber Centre, with assistance from The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), cites eight different Brickstorm malware samples. It is not clear exactly how many organizations in total were either targeted or successfully penetrated.

In an email to Reuters, a spokesperson for VMware vSphere owner Broadcom said it was aware of the alleged hack, and encouraged its customers to download up-to-date security patches whenever possible. In September, the Google Threat Intelligence Group published its own report on Brickstorm, in which it urged organizations to "reevaluate their threat model for appliances and conduct hunt exercises" against specified threat actors.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/chinese-hackers-reportedly-targeting-government-entities-using-brickstorm-malware-133501894.html?src=rss

©

© Greggory DiSalvo via Getty Images

The Department of Transportation under President Donald Trump is moving to reverse more of the climate policies that had been enacted by President Joe Biden. Under a proposed rulemaking by the National Highway Traffic Safety Administration, fuel efficiency standards for cars and light trucks in model year 2031 will be reduced to an average of 34.5 miles per gallon, down from the standard of 50.4 miles per gallon that was part of Biden's plans to encourage more adoption of electric vehicles among US drivers. 

The move was expected since Trump re-took office. Transportation Secretary Sean Duffy ordered the NHTSA to review fuel efficiency standards in January a day after he assumed the title. The current administration also ended a tax credit for buying electric vehicles over the summer. In the meantime, international manufacturers are racing ahead in their progress on building better EVs, offering other markets more exciting models that won’t arrive in the US thanks to tariffs.

While Trump's announcement today claimed that the change would reduce the average cost of a new car by $1,000 and offer a savings of $109 billion over five years, gas prices are on track to increase if the Environmental Protection Agency does successfully repeal the finding that climate change causes human harm. Plus there's the incalculable financial and human cost of a growing number of catastrophic weather events that have been predicted if the planet continues to get warmer.

This article originally appeared on Engadget at https://www.engadget.com/transportation/us-department-of-transportation-doubles-down-on-gas-cuts-fuel-efficiency-standards-234542939.html?src=rss

©

India will no longer require smartphone makers to preinstall the Sanchar Saathi "security" app. After blowback from Apple, Samsung and opposition leaders, the Modi government issued a statement saying it "has decided not to make the pre-installation mandatory for mobile manufacturers." The app is still available as a voluntary download.

India's Ministry of Communications framed the U-turn as a result of strong voluntary adoption. The nation said 14 million users (around 1 percent of the nation’s population) have downloaded the app. "The number of users has been increasing rapidly, and the mandate to install the app was meant to accelerate this process and make the app available to less aware citizens easily," the statement read.

In a statement sent to Engadget, the Electronic Frontier Foundation (EFF) celebrated India’s reversal. "This was a terrible and dangerous idea by the Indian government that lasted 24 hours longer than it ever should have," EFF Civil Liberties Director David Greene wrote. "We thank our colleague organizations in India, such as SFLC.in and Internet Freedom Foundation, for promptly opposing it."

The Indian government had previously given smartphone makers 90 days to preinstall the Sanchar Saathi app on all new phones. They were also required to deliver it to existing devices via software updates. India claims its app exists solely for cybersecurity purposes. It includes tools allowing users to report and lock lost or stolen devices.

But privacy advocates warned that it could be used as a government backdoor for mass surveillance. According to the BBC, the app’s privacy policy allows it to make and manage calls and send messages. It can access call and message histories, files, photos and the camera.

Reuters reports that industry experts cited Russia as the only known precedent for such a requirement. In August, Vladimir Putin's regime ordered the messenger app MAX to be preinstalled on all mobile devices in the country. Like with India's example, experts warned that it could be used for surveillance.

On Tuesday, Reuters reported that Apple would not comply with India's order, citing privacy and security concerns. Samsung reportedly followed. Opposition leaders in the Indian government also joined the fray. Senior Congress leader Randeep Singh Surjewala called on the Modi government to clarify its legal authority for "mandating a non-removable app." Despite India's framing, it seems likely that the two companies' stances, along with domestic political pressure, played no small role in the reversal.

Update, December 3, 2025, 2:50 PM ET: This story has been updated to add a statement from the EFF.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/india-will-no-longer-require-smartphone-makers-to-preinstall-its-state-run-cybersecurity-app-171500923.html?src=rss

©

You can tell a lot about a company by what they're willing to sue over. Take Instacart, which just filed a lawsuit against New York City. Its beef? The company doesn't like five new city laws, set to take effect in January. They would require Instacart to pay workers more and give customers a tipping option of at least 10 percent.

Reuters reports that Instacart's suit targets Local Law 124, which mandates that grocery delivery workers receive the same minimum pay as restaurant delivery workers. It also challenged Local Law 107, which mandates 10 percent or higher tipping options (or a place to enter one manually). The lawsuit also takes aim at other laws requiring extra recordkeeping and disclosures. The new rules are set to take effect on January 26.

As is typical of companies griping about regulations that hurt their bottom lines, Instacart framed the issue as a noble fight for what's right. "When a law threatens to harm shoppers, consumers, and local grocers — and especially when it does so unlawfully — we have a responsibility to act," the company proclaimed in a blog post. "This legal challenge is about standing up for fairness, for the independence that tens of thousands of New York grocery delivery workers rely on and for affordable access to groceries for the people who need it most."

Instacart's suit reportedly claims that Congress banned state and local governments from regulating prices on platforms such as its own. It also alleges that New York's state legislature "has long taken charge" of minimum pay, and that the US Constitution doesn't allow states and cities to discriminate against out-of-state companies.

The company warns that everyone will lose if it's forced to comply. Should the laws take effect, "Instacart will be forced to restructure its platform, restrict shoppers' access to work, disrupt relationships with consumers and retailers and suffer constitutional injuries with no adequate legal remedy," it claimed in the filing.

Instacart CEO Chris Rogers, elevated to the post in May, has an estimated net worth of at least $28.6 million. His predecessor, Fidji Simo, who chairs the board and is now with OpenAI, is reportedly worth around $72.7 million. If NYC’s minimum pay laws will be as catastrophic as Instacart claims, maybe they could chip in to help.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/instacart-sues-new-york-city-over-minimum-pay-tipping-laws-220205207.html?src=rss

©

Update December 3 2025, 10:43am ET: India has withdrawn its mandate requesting manufacturers to install the Sanchar Saathi app, according to reporting from Reuters. The text below has been left unaltered.

India has issued a mandate to all smartphone manufacturers and importers requiring them to install a state-owned cyber security app. But Apple is reportedly not going to comply, citing privacy and security concerns, according to Reuters. 

The app, called Sanchar Saathi (meaning Communication Companion), is supposed to expedite the process of finding lost or stolen devices and stopping their misuse, according to a government press release on Monday. It further states that companies, including the likes of Samsung and Xiaomi, should "endeavor" to use software updates to download the app on previously purchased smartphones. 

The Sanchar Saathi app comes alongside an entire website designed for reporting fraudulent communication and tracking missing phones. However, critics worry that the app is a means for Prime Minister Narendra Modi's government to gain access to every smartphone in India. 

The messages coming out of the Indian government have been mixed so far. In Monday's public announcement, it said companies must comply within 90 days and submit a report within 120 days. It also states that the app should be "readily visible and accessible to the end users at the time of first use or device setup and that its functionalities are not disabled or restricted." 

Yet, today, India's Union Communications Minister Shri Jyotiraditya Scindia stated that the app is "completely democratic and fully voluntary." He added that users can deactivate or delete it "at any time."

At the same time, industry sources told Reuters that Apple will not comply with preinstalling the app. Whether that pushback lasts remains to be seen — Apple has bowed to government mandates in the past. Recently, it removed two of China's biggest LGBTQ+ dating apps, following orders from the country's internet regulator and censor. 

This article originally appeared on Engadget at https://www.engadget.com/big-tech/apple-will-reportedly-refuse-to-pre-install-indias-state-mandated-security-app-143050110.html?src=rss

©

© Brian Oh for Engadget

Texas Attorney General Ken Paxton has opened an investigation into online fast fashion retailer Shein. The probe will examine whether the company violated state laws related to labor practices and product safety. According to a release, Paxton's office wants to know if Shein uses toxic or hazardous materials and whether it misleads consumers about product safety and ethical sourcing. The Texas investigation will also look into privacy concerns and data collection at Shein, which isn't the first time those topics have arisen for the business.

Shein also drew criticism last month after a French consumer protection watchdog discovered illegal weapons and childlike sex dolls available on its website. France is now taking steps to suspend Shein's business in the country. Last year, the US government also seemed ready to take action against Shein and fellow low-cost retailer Temu over issues of product safety.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/texas-ag-opens-probe-into-shein-000812688.html?src=rss

©