Hawley GUARD Act Clears Committee, Roblox Loses Millions to ID Scans

Senator Hawley Advances GUARD Act Requiring Age Verification for AI Chatbots

  • Senate Judiciary Committee passed S.3062 unanimously 22-0 on April 30.
  • Bill mandates ID or biometric checks for all AI chatbot users.
  • Measure bans AI companions for minors and requires non-human disclosures.

WASHINGTON D.C., May 03 (TNGB) – Senator Josh Hawley introduced the Guidelines for User Age-verification and Responsible Dialogue Act, known as the GUARD Act. The Senate Judiciary Committee voted 22-0 on April 30 to advance the bipartisan measure cosponsored by Senator Richard Blumenthal. The legislation requires AI chatbot providers to implement age verification using government ID or reliable biometric methods before granting access to any user. It prohibits AI companions that simulate emotional relationships for those under 18 and mandates clear disclosures that chatbots are non-human and lack professional credentials. Companies face criminal penalties for violations involving explicit content or self-harm inducement targeting minors. The bill now moves to the full Senate for consideration.

This legislation would impose the first broad federal age verification mandate on everyday AI interactions.

Why This Matters: It could normalize government ID checks for routine AI use while aiming to shield minors from documented chatbot harms.

Roblox Daily Active Users Drop 12 Million After Mandatory Age Verification Rollout

  • Platform DAU fell from 144 million in Q4 2025 to 132 million in Q1 2026.
  • Roughly 20 million users lost since peak in Q3 2025 amid verification demands.
  • Only 51 percent of global users completed facial or ID checks by quarter end.

USA, May 03 (TNGB) – Roblox made age verification mandatory for full chat and social features earlier this year. The company reported daily active users declined 12 million quarter over quarter to 132 million in Q1 2026, with the drop accelerating from a 152 million peak in Q3 2025. Executives attributed part of the slowdown in new user acquisition and engagement to the verification process, which relies on facial age estimation or government ID upload. Unverified users remain limited to a degraded experience without communication tools. Fifty-one percent of global daily users and 65 percent of U.S. users had completed checks by the end of the quarter. Revenue grew but the company cut full-year bookings guidance by approximately 900 million dollars at the midpoint.

The decline shows measurable user resistance to biometric gatekeeping on a platform built for broad accessibility.

Why This Matters: It demonstrates how mandatory verification can directly reduce platform scale even as companies pursue child safety goals.

Microsoft Defender Update Triggers False Positives on Legitimate DigiCert Certificates

  • Recent signature update flagged two DigiCert root certificates as Trojan malware.
  • Affected systems automatically removed valid certificates from the Windows trust store.
  • Microsoft released fix in Security Intelligence update version 1.449.430.0.

USA, May 03 (TNGB) – Microsoft Defender began incorrectly identifying legitimate DigiCert root certificates as the Trojan:Win32/Cerdigent.A!dha threat in late April signature updates. Administrators reported that the detection caused Windows to remove the certificates from the AuthRoot trust store on multiple systems, breaking secure connections. The false positive surfaced shortly after a confirmed breach at DigiCert that exposed support systems and code-signing certificates. Microsoft issued a corrected signature in version 1.449.430.0 to resolve the erroneous flagging. The incident highlighted risks when security tools react aggressively to newly discovered supply chain compromises.

Widespread false positives like these can undermine confidence in automated endpoint protection at scale.

Why This Matters: It underscores the delicate balance between rapid threat response and avoiding collateral damage to trusted infrastructure.

Utah Enacts First State Law Holding Websites Liable for VPN Users Bypassing Age Checks

  • Senate Bill 73 treats physical presence in Utah as local access regardless of VPN use.
  • Law takes effect May 6 and prohibits sites from recommending or enabling bypass methods.
  • Sites face liability for damages if minors access harmful content through masked locations.

UTAH, May 03 (TNGB) – Utah Governor Spencer Cox signed Senate Bill 73, the Online Age Verification Amendments, on March 19. The provision targeting VPN circumvention becomes effective May 6, making Utah the first state to explicitly hold commercial websites liable for minors accessing material harmful to minors even when users employ VPNs, proxies, or other location-masking tools. The statute defines access based on physical location within Utah borders rather than apparent IP address. Websites must not promote or facilitate methods to evade age verification requirements. Violations can result in civil liability including damages, court costs, and attorney fees. Privacy advocates warn the measure creates strong incentives for sites to impose age checks globally or block known VPN ranges to avoid risk.

The approach tests new enforcement mechanisms that could influence similar legislation elsewhere.

Why This Matters: It expands age verification enforcement by closing a common technical loophole but raises broad privacy and access concerns.

Congress Approves 45-Day Extension of Section 702 Surveillance Authority

  • Lawmakers passed temporary extension hours before previous authorization expired.
  • Section 702 permits warrantless collection of foreign intelligence communications.
  • Measure provides time for debate on potential reforms and oversight adjustments.

WASHINGTON D.C., May 03 (TNGB) – Congress cleared a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act just before the prior authorization lapsed. The short-term reauthorization maintains the framework allowing U.S. intelligence agencies to collect communications of non-U.S. persons located outside the country without individual warrants. The program has drawn sustained scrutiny over incidental collection of Americans’ data and the use of that information in domestic investigations. Lawmakers from both parties indicated the brief extension will allow further negotiation on proposed reforms, including warrant requirements for certain queries involving U.S. persons. The authority remains a core tool for counterterrorism and foreign intelligence gathering.

Temporary extensions keep critical capabilities in place while larger policy questions remain unresolved.

Why This Matters: Short-term patches defer difficult decisions on balancing national security collection with privacy protections for citizens.

CrowdStrike Reports Two Affiliated Threat Groups Targeting Critical Infrastructure

  • Cordial Spider and Snarky Spider linked to The Com collective conduct data theft and extortion.
  • Groups use vishing, adversary-in-the-middle attacks, and SaaS-focused intrusions.
  • Operations span multiple sectors including energy, transportation, and government.

USA, May 03 (TNGB) – CrowdStrike identified Cordial Spider and Snarky Spider as persistent threat actors actively compromising organizations across critical infrastructure sectors. The groups, reportedly affiliated with the broader Com collective, specialize in rapid data exfiltration followed by extortion demands. Their tactics include voice phishing to obtain credentials and adversary-in-the-middle techniques against SaaS environments. Targeted entities have included entities in energy, transportation, and public sector networks in recent campaigns. The activity reflects continued monetization of access to high-value operational and business data.

Attacks on critical infrastructure highlight ongoing gaps between threat actor capabilities and defensive postures.

Why This Matters: It shows how financially motivated groups now prioritize sectors whose disruption carries national consequences.

House Hearing Examines Federal Readiness to Protect Expanding Data Center Infrastructure

  • Lawmakers reviewed cyber threats and physical risks to hyperscale and enterprise facilities.
  • Data centers face growing targeting by nation-state and criminal actors seeking disruption or theft.
  • Discussion centered on whether current interagency roles and resources match the sector’s expansion.

WASHINGTON D.C., May 03 (TNGB) – A House committee hearing on Wednesday assessed the federal government’s posture for securing data centers amid rapid sector growth and rising adversary interest. Witnesses described increasing attempts to compromise facilities through cyber means for data theft, ransomware, or operational disruption. Lawmakers questioned whether existing critical infrastructure designation processes, information-sharing mechanisms, and response authorities adequately cover the diverse ownership and geographic distribution of modern data centers. Industry participants called for clearer federal leadership and streamlined processes for threat intelligence sharing. The sector’s concentration of computing power makes it a high-value target for both espionage and sabotage.

Protecting these facilities is now central to economic and national security continuity.

Why This Matters: Data centers underpin cloud services, AI training, and digital economy functions that adversaries increasingly seek to undermine.

  • Provider notified users of active campaigns targeting end-of-life TP-Link models.
  • Russian-linked actors exploit unpatched vulnerabilities to gain network access.
  • Recommendation centers on firmware updates where available or full hardware replacement.

USA, May 03 (TNGB) – Charter Spectrum began sending emails to customers warning of Russian state-linked hackers actively exploiting vulnerabilities in older TP-Link router models that have reached end of life. The campaigns reportedly allow attackers to establish persistent access for further network reconnaissance or use as staging points for broader operations. Many affected devices no longer receive security patches from the manufacturer, leaving owners without official remediation options. Spectrum advised users to replace unsupported routers with current models offering ongoing updates. The alert forms part of broader federal efforts to notify the public about supply chain and legacy device risks.

Legacy consumer hardware continues to serve as an accessible entry point for sophisticated actors.

Why This Matters: It illustrates how unpatched home routers can become vectors that affect individual users and broader network security.

Chinese Court Rules Companies Cannot Lay Off Workers Solely Because AI Performs Tasks Cheaper

  • Hangzhou court held that automation alone does not constitute valid grounds for termination.
  • Employers must still follow standard labor procedures and demonstrate material change.
  • Ruling protects workers amid accelerating corporate adoption of AI tools.

CHINA, May 03 (TNGB) – A court in Hangzhou ruled that companies may not terminate employees simply because artificial intelligence systems can perform equivalent work at lower cost. The decision stated that automation or technological substitution does not by itself qualify as a material change in circumstances justifying dismissal under Chinese labor law. Employers must still demonstrate proper cause and complete required procedural steps before proceeding with layoffs. The case arose from a dispute in which a worker challenged termination explicitly tied to AI implementation. The ruling establishes precedent that cost savings from technology do not automatically override worker protections.

Courts are beginning to define boundaries around AI-driven workforce displacement.

Why This Matters: It signals judicial pushback against treating AI purely as a cost-cutting justification for reducing headcount.

AI Inference Demand Creates Openings for Specialized Chip Startups to Challenge Incumbents

  • Shift from model training to efficient inference workloads favors purpose-built accelerators.
  • Startups develop chips optimized for specific deployment scenarios and lower power profiles.
  • Market dynamics reward specialization as inference volumes grow across industries.

USA, May 03 (TNGB) – The rapid expansion of AI inference workloads is opening competitive space for chip designers beyond dominant training-focused players. Companies building accelerators optimized for running trained models at scale report growing interest from cloud providers and enterprises seeking better performance per watt and lower latency. Unlike training clusters that favor massive parallel architectures, inference deployments often prioritize energy efficiency, edge placement, and predictable throughput. Several venture-backed startups have secured funding and design wins by targeting these narrower but high-volume requirements. The trend suggests the AI hardware market may fragment along workload boundaries rather than consolidate around a single architecture.

Inference specialization could prevent any single vendor from maintaining unchallenged dominance across the full AI stack.

Why This Matters: It diversifies the hardware foundation of AI away from monopoly risk and toward workload-specific innovation.