Sri Lanka election goes to historic second count
For the first time in the country’s history, Sri Lanka’s presidential election has gone into a second round of counting after no single candidate won the 50% plus one vote needed to be declared the winner. The election commission will now count voters’ second and third choices for president – people were asked to mark up to three candidates in order of preference during the election. The first round, which saw the counting of people’s primary choice of candidate, had Anura Kumara Dissanayake, a leftist politician in the lead. Opposition leader Sajith Premadasa is in second place. However, the full results of the first round of counting are yet to be released to the public. In a press conference, the election commission said that all other candidates apart from Dissanayake and Premadasa have been eliminated. The eliminated candidates’ ballots will now be checked to see if secondary or third preferential votes were given to the two frontrunners. The election on Saturday was the first to be held since mass protests unseated the country’s leader, Gotabaya Rajapaksa, in 2022 after the country suffered its worst economic crisis. All of Sri Lanka’s eight presidential elections since 1982 have seen the winner emerge during the first round of counting. This poll has been described as one of the closest in the country’s history. Seventeen million Sri Lankans were eligible to vote on Saturday and the country’s elections commission said it was the most peaceful in the country’s history. Still, police announced a curfew late Saturday night citing “public safety. It was lifted at noon local time (06:30 GMT). Dissanayake promised voters tough anti-corruption measures and good governance – messages that resonated strongly with voters who have been clamouring for systematic change since the crisis. Early results showed him rocketing to the lead, prompting several high profile figures – including the country’s foreign minister – to congratulate him. But the latest numbers have shown him losing ground to Premadasa. Incumbent president Ranil Wickremesinghe won 17% of the vote, putting him in third place in the polling.
Fake crypto platforms face SEC charges over investor fraud
The United States Securities and Exchange Commission (SEC) has taken its first-ever legal action against scammers accused of operating fake cryptocurrency trading platforms. The SEC announced on 17 September that it had charged five entities and three individuals allegedly involved in defrauding investors of nearly $3.2 million through social media. According to the SEC, the fraudsters gained investors’ trust by posing as attractive professionals and enticing them into bogus crypto investment schemes. The two fraudulent exchanges, NanoBit and CoinW6, were at the centre of the scams. CoinW6 alone reportedly conned 11 people out of over $2.2 million by convincing them to invest in fictitious products like staking and yield farming. Investors were later blackmailed with threats to leak personal messages when they tried to withdraw their funds. Similarly, NanoBit is accused of tricking 18 victims into investing approximately $968,000, claiming its affiliate was a registered broker to build credibility. The SEC’s legal action seeks to impose penalties, permanent injunctions, and the return of stolen funds from the alleged fraudsters. The case highlights the growing threat of scams targeting unsuspecting investors via social media.
MicroStrategy boosts note offering for Bitcoin buy-Up
MicroStrategy has announced an increase in its convertible note offering to $875 million, intending to use the funds to pay off existing debt and acquire more Bitcoin. It marks another bold move by the company, which is known for its aggressive Bitcoin acquisition strategy. The raised funds will help MicroStrategy redeem $500 million of its current senior secured notes due in 2028, with the remaining amount allocated for purchasing additional Bitcoin and general corporate purposes. The company’s total reserves now hold approximately 244,800 BTC, bought at an average price of around $38,585 per Bitcoin. These convertible notes, set to mature in 2028, will be offered to qualified institutional investors, with holders given the option to convert them into cash, shares of MicroStrategy’s Class A stock, or a combination of both.
UK telecoms minister urges infrastructure sharing
UK Telecoms Minister Chris Bryant has called on broadband providers to collaborate on infrastructure sharing to curb the proliferation of telegraph poles across the UK. His appeal comes amid growing concerns about the rising number of poles, often criticised as unsightly and unnecessary. Bryant further stressed the importance of reducing such infrastructure, particularly as the new Labour government focuses on addressing the issue of excessive pole deployment, which has surged concurrently with the country’s rapid fibre network expansion. Speaking at the Connected Britain event, Bryant urged operators to prioritise sharing existing infrastructure rather than installing new telegraph poles to support the expanding fibre broadband rollout. While poles are a cost-effective and swift solution, he advocated for a more sustainable approach that minimises visual and environmental impact. Bryant also outlined the government’s efforts to streamline infrastructure deployment through regulatory reforms, such as the Product Security and Telecommunications Infrastructure Act 2022. He emphasised the need to prevent redundant installations, building on the groundwork laid by former Digital Infrastructure Minister Julia Lopez in promoting infrastructure sharing.
Brazil introduces comprehensive regulations for international data transfers
The Brazilian Data Protection Authority (ANPD) has introduced Resolution 19/2024, which establishes new regulations for international data transfers under the Brazilian General Data Protection Law (LGPD). Effective 23 August 2024, the regulation provides a structured framework for transferring personal data from Brazil to other countries to ensure that data protection standards are upheld. The framework outlines Standard Contractual Clauses (SCCs), adequacy decisions for third countries, and the approval of binding corporate rules for intra-group data transfers. The Brazilian Data Protection Authority has approved Standard Contractual Clauses (SCCs) as a key instrument for international data transfers. These SCCs cover controller-to-controller and controller-to-processor transfers, ensuring legal protection without needing prior ANPD authorisation. Similar to the EU’s SCCs, they are non-modifiable, and companies in Brazil must adopt these new clauses by 22 August 2025, replacing any existing contractual arrangements. The ANPD may also recognise equivalent SCCs from other jurisdictions, though no decision has been made yet regarding the EU SCCs. The Brazilian Data Protection Authority also provides procedures for adequacy decisions, bespoke contractual clauses, and binding corporate rules (BCRs). Adequacy decisions will assess whether a third country offers sufficient data protection. Companies can use bespoke contractual clauses in exceptional cases with ANPD approval, while BCRs allow data transfers within corporate groups if approved by the ANPD.
Philippines introduces new internet transactions regulations
Philippines has introduced Joint Administrative Order No. 24-03, Series of 2024, which outlines the Implementing Rules and Regulations (IRR) for the Internet Transactions Act (ITA) of 2023. The new regulatory framework is designed to govern all business-to-business (B2B) and business-to-consumer (B2C) internet transactions under the jurisdiction of the Department of Trade and Industry (DTI). Specifically, it applies to transactions involving parties within the Philippines or businesses targeting the Philippine market. To clarify the scope of the ITA, the IRR defines key terms such as ‘availment of the Philippine market,’ which includes activities like advertising, soliciting orders, and providing support within the country. Additionally, ‘minimum contacts’ refers to any interaction with customers in the Philippines, including allowing access to digital platforms and facilitating the exchange of goods or services. Philippines has also specified specific exclusions from the ITA’s coverage through the IRR. For instance, it does not apply to Consumer-to-Consumer (C2C) transactions, purely offline transactions, or foreign entities not targeting the Philippine market. Furthermore, while most online media content is excluded, live selling is considered a form of advertising. Consequently, the IRR outlines different obligations for various online entities, such as digital platforms that do not oversee transactions, e-marketplaces that retain oversight, and e-retailers or online merchants who must adhere to specific compliance requirements. Philippines has made the IRR effective immediately; however, it allows for an 18-month transition period for businesses to comply. During this time, companies must submit detailed information to the E-Commerce Bureau and ensure that online merchants provide their registration details. Additionally, digital platforms must disclose information about product origins. Furthermore, the IRR includes Codes of Conduct for businesses and consumers to ensure fair and ethical e-commerce practices.
UK’s National Cyber Security Centre leads international effort against botnet threat
The NCSC has collaborated with cybersecurity agencies from the United States, Australia, Canada, and New Zealand to effectively address the global botnet threat. That joint effort underscores the importance of international cooperation in tackling cyber threats that span multiple countries. By combining their expertise and resources, these agencies have been able to produce a comprehensive advisory that provides detailed information on the botnet’s operation, its impact, and the types of devices it targets. Consequently, this collaboration ensures a robust and unified response to the threat, reflecting the global commitment to enhancing cybersecurity. Moreover, the advisory issued by these agencies details how the botnet, managed by Integrity Technology Group and used by the cyber actor Flax Typhoon, exploits vulnerabilities in internet-connected devices. It includes technical information on the botnet’s activities, such as malware distribution and Distributed Denial of Service (DDoS) attacks, and offers practical mitigation strategies. Therefore, it underscores the need for updating and securing devices to prevent them from becoming part of the botnet, providing crucial guidance to individuals and organisations seeking to protect their digital infrastructure. In addition, this international collaboration serves to promote proactive security measures and raise awareness about cybersecurity best practices. The joint advisory encourages users to safeguard their devices and avoid contributing to malicious activities immediately.
India poised to introduce flexible consent framework and protections for children’s data
India is set to introduce an umbrella framework for consent management under the Digital Personal Data Protection (DPDP) Act, focusing on broad guidelines rather than specific rules. That approach is designed to provide flexibility for companies while ensuring they adhere to the overarching principles of data protection. Initially, organisations will be required to use government-issued identity cards for age and consent verification. However, they will eventually have the option to develop and implement their systems tailored to their needs. Moreover, India is expected to offer certain exemptions to educational institutions, including schools, colleges, and universities, concerning the processing and obtaining parental consent for children’s data. That measure aims to alleviate the compliance burden on educational entities. In contrast, edtech companies will not benefit from these exemptions and must adhere to the full consent management rules outlined by the DPDP Act. Furthermore, India is reinforcing its commitment to protecting children’s data by prohibiting behavioural tracking and targeted advertising for users under 18. This provision of the DPDP Act highlights the government’s focus on safeguarding young users from intrusive digital practices. It ensures that their online activities are not subject to targeted marketing strategies.