OpenAI has reportedly reached a $500 billion valuation after completing a $6.6 billion secondary share sale involving current and former employees.

Share Sale

The transaction, finalised on 2 October, allows OpenAI workers and alumni to sell their equity stakes to a group of institutional investors including Thrive Capital, SoftBank, Dragoneer Investment Group, Abu Dhabi’s MGX, and T. Rowe Price. The valuation, based on the deal pricing, makes OpenAI the most valuable privately held company in the world, thereby even overtaking Elon Musk’s SpaceX.

What The Transaction Involved

Unlike a traditional fundraising round where capital is injected into the business, this was a secondary share sale, meaning the money went directly to eligible employees and former employees who had held equity for at least two years. The move provided liquidity without OpenAI going public, while still attracting long-term investors to increase their exposure.

Up To $10.3 Billion

OpenAI had reportedly authorised up to $10.3 billion worth of stock for sale, though around two-thirds of that was ultimately sold. According to various reports, e.g. by the likes of Bloomberg and CNBC, the lower participation rate is being viewed internally as a sign of confidence in the company’s future, with many employees choosing to hold onto their equity at the new, higher valuation.

Second Of Its Kind This Year

This is the second major employee-focused share sale OpenAI has conducted in under a year. For example, a previous deal in November 2024 saw SoftBank purchase around $1.5 billion of stock from OpenAI employees.

Why It Matters And Why Now

The $500 billion valuation represents quite a significant increase from OpenAI’s last primary funding round in early 2025, which raised $40 billion at a $300 billion valuation. Many of the same investors returned for the latest deal, thereby appearing to reinforce their commitment to the company’s long-term growth.

The timing appears to reflect multiple overlapping objectives for OpenAI. For example:

Keeping hold of top AI talent, as companies like Meta and Google DeepMind continue to offer extremely high salaries to attract researchers. Meta reportedly hired at least seven senior OpenAI engineers earlier this year, with offers reaching into nine figures.

Giving employees a way to cash out some of their shares without OpenAI having to go public. Other large tech firms like Stripe, Databricks, and SpaceX have used similar share sales to reward staff while staying private.

Showing that investors are still backing the company, even at a much higher valuation than earlier this year. The sale actually gives OpenAI a fresh benchmark and highlights continued demand from long-term backers as it pushes ahead with major infrastructure plans.

Growing Fast But Spending Aggressively

Even though OpenAI is currently growing fast, it is also spending aggressively. For example, the company reported $4.3 billion in revenue in the first half of 2025 alone, but is also understood to have burned through $2.5 billion in cash over the same period.

It’s worth noting that much of this is being invested in the systems and infrastructure needed to run and train its AI models at scale. OpenAI has reportedly committed to spending $300 billion over five years on Oracle cloud services, and recently signed a letter of intent with Nvidia for an even larger strategic deal. According to Nvidia CEO Jensen Huang, the partnership will involve building 10 gigawatts of AI infrastructure capacity and could be worth up to $100 billion.

These numbers are unmatched by any other AI company and significantly exceed OpenAI’s current revenues and reserves. However, the scale of the infrastructure plan is seen as necessary if the company is to maintain its lead in large language models, video AI (such as the recently launched Sora 2), and enterprise platform offerings.

Microsoft, Governance, And Control

The share sale comes shortly after OpenAI announced a non-binding memorandum of understanding with Microsoft, its largest strategic partner, to support the company’s proposed conversion into a Public Benefit Corporation (PBC). If approved, this would move OpenAI’s for-profit operations into a new corporate structure in which its original non-profit would hold a controlling stake and retain final say on its mission and direction.

Chairman Bret Taylor described the change as a way to preserve OpenAI’s founding principles while enabling long-term commercial success. As he wrote in a public statement, “OpenAI started as a nonprofit, remains one today, and will continue to be one”. It seems that the new structure is designed to align the business’s growth with public-interest goals, but the transition still needs to be ratified by regulators and stakeholders, and is not yet legally confirmed.

This uncertainty means the governance model remains a point of concern for some observers. In particular, it raises questions about investor rights, accountability, and how decisions are made when commercial and ethical priorities diverge.

Competitors

The valuation is bound to send a strong message to the broader AI sector. For example, at $500 billion, OpenAI is now worth more than SpaceX, and far ahead of rivals such as Anthropic, xAI, Cohere, and Mistral. While this provides a benchmark for others raising capital, it’s also likely to intensify pressure across the market.

Clearly, companies building competing foundation models now face an even more aggressive funding environment. Talent retention and access to compute resources are already competitive, and OpenAI’s ability to reward employees with liquidity and attract deep-pocketed investors could make those gaps wider.

At the same time, other AI players may benefit from investor interest spilling over. Several large funding rounds have taken place in 2025 already, and OpenAI’s valuation may increase attention on smaller but promising firms developing more specialised or safety-focused models.

Business Users And Partners

For enterprise users of OpenAI’s product, including ChatGPT Enterprise, the API platform, and integrations via Microsoft Azure, the sale is more than symbolic. For example, if infrastructure build-outs proceed as planned, customers could see faster development of new model capabilities, better service availability, and reduced latency. The ongoing partnerships with Microsoft and Oracle also suggest continued alignment between OpenAI’s roadmap and enterprise delivery platforms.

However, the sheer scale of OpenAI’s commitments and its growing dependence on just a few suppliers and investors looks likely to introduce complexity. Many of its largest deals now involve overlapping roles. For example, Nvidia is both a supplier of hardware and a major investor, while Microsoft is both a partner and a platform.

This has already attracted attention from regulators concerned about market concentration and fair access to compute. Antitrust scrutiny of vertical integration in AI is increasing, particularly in the US and Europe.

Benefits And Tensions

Of course, the share sale offers immediate financial benefits to those who helped build OpenAI in its early stages. For example, many current and former employees have now been able to realise part of their equity gains without waiting for an IPO.

For investors, the transaction provides greater access to a company widely seen as the frontrunner in general-purpose AI. SoftBank, Thrive Capital, and other returning backers have all increased their exposure despite the steep rise in valuation since earlier in the year.

Strategic partners also stand to gain from closer alignment. Microsoft, in particular, stands to benefit from continued integration of OpenAI’s models across its Azure cloud services, Office products, and developer tools.

That said, many challenges remain. For example, the company’s rapid growth, mounting costs, structural complexity, and competition for talent all present ongoing risks. With no confirmed path to IPO, and no public financial statements, some analysts are also questioning how sustainable a $500 billion valuation will prove if revenue growth slows or infrastructure plans are delayed.

Others have also highlighted the potential conflict between mission and commercial goals, especially as the company works to convert its structure while navigating regulatory and competitive headwinds.

What Does This Mean For Your Business?

OpenAI’s record-breaking share sale and resulting valuation are likely to send a clear message to investors, rivals, regulators, and customers alike. At $500 billion, the company is now operating at a scale where its decisions carry weight well beyond the AI sector. While the transaction did not raise new capital for OpenAI directly, it has strengthened relationships with major long-term investors, helped reward and retain key staff, and established a new private market benchmark that will likely influence how other companies in the space are valued and funded.

The scale of the valuation is also likely to shape expectations, particularly around delivery of OpenAI’s ambitious infrastructure commitments and the pace of future product development. The company is positioning itself as a central player in the next wave of general-purpose computing, but its ability to deliver depends heavily on partnerships that now blend commercial, financial, and strategic interests in complex ways. That convergence may enable faster execution, but it also increases the concentration of influence and raises questions about resilience and independence.

For UK businesses, the implications are already being felt. For example, many are now embedding OpenAI-powered tools into internal workflows, customer services, and development environments via Microsoft Azure, GitHub Copilot, or ChatGPT Enterprise. As OpenAI expands its model range and infrastructure footprint, UK firms could benefit from improved access, better availability, and deeper integrations with mainstream business software. However, they also face growing dependencies on a relatively narrow set of providers. With regulators in both the UK and Europe now examining the market power of foundation model developers, these relationships may soon come under greater scrutiny.

What comes next will depend not just on OpenAI’s growth but also on how it navigates governance reform, revenue pressure, regulatory demands, and increasing competition from well-funded challengers. The share sale has delivered liquidity, signalled strength, and reinforced investor appetite, but it also raises the stakes. As the company continues to scale, each strategic decision is likely to face greater scrutiny, both from those building with its tools and those watching what its influence means for the wider market.

BT has committed to delivering full 5G Standalone coverage to 99 per cent of the UK population by the end of the decade, laying out a detailed plan that raises pressure on rivals and calls for regulatory support to finish the job.

Announced At Connected Britain 2025

BT’s announcement came during Connected Britain 2025 (a UK telecoms and connectivity conference), where the company’s chief security and networks officer Howard Watson confirmed that its mobile division EE is targeting 99 per cent population coverage for what it now brands “5G+” by 2030. The goal, Watson said, puts EE at least four years ahead of rival networks.

“To make the benefits of this technology clearer for customers, we’ll use the term 5G+ rather than the technical industry shorthand 5G SA or 5G Standalone,” he wrote in a company blog published the same week. “It’s the same game-changing network, but in language that’s simple and relatable.”

Aligns With Government’s Ambition

The commitment aligns with a UK government ambition, first outlined in 2023, for Standalone 5G in all populated areas by 2030. However, BT made clear that achieving this level of nationwide service would depend on cooperation from ministers to speed planning decisions, reduce costs, and improve access to spectrum.

Speaking at the same event, BT Group CEO Allison Kirkby described the telecoms sector as facing “peak government-inflicted costs” due to high spectrum licence fees, business rates and compliance charges. She called for reforms to enable faster and more cost-effective mobile infrastructure deployment.

What Is “Standalone 5G” And Why Does It Matter Now?

Unlike the earlier wave of 5G services launched across the UK, which used 5G radio access layered onto legacy 4G infrastructure, Standalone 5G (or 5G SA) uses a fully independent 5G core. This delivers significantly lower latency, better uplink performance, and allows for network slicing, which is a method of reserving parts of the network for critical services such as emergency communications, remote surgery, or live industrial control.

Voice over 5G (also known as VoNR, or Voice over New Radio) is another key feature. EE has already rolled this out on compatible handsets, allowing calls to remain on the 5G network instead of switching down to 4G or 3G.

100 Times More Capacity Than 4G

Watson said EE’s 5G+ network has been engineered to deliver up to 100 times more capacity than 4G, unlocking bandwidth for high-traffic areas such as city centres, stadiums and transport hubs.

In terms of progress, it seems that by August 2025, EE had already crossed the halfway mark, with Standalone 5G covering more than 34 million people. That number is expected to rise to over 41 million by spring 2026, with new cities added each quarter. EE only declares a location “live” once its outdoor coverage exceeds 95 per cent, a move the company says ensures a more reliable user experience.

The Technology Behind It

BT’s 5G+ plan relies on three major infrastructure changes, which are:

1. EE has deployed more than 1,500 outdoor small cells across the UK, including 500 in the past 12 months alone. These units improve coverage and capacity in busy or difficult-to-serve areas by offloading traffic from macro base stations.

2. The company is rolling out Ericsson’s AIR 3284 radio units, which support triple-band FDD (frequency division duplexing) and massive MIMO (multiple-input, multiple-output) capability. These radios are the first of their kind in Europe and offer four times greater uplink capacity than standard 5G radios, making them particularly useful for business applications involving video upload, conferencing, and real-time data feeds.

3. EE is using Advanced RAN Coordination (ARC), a new Ericsson system that allows base stations up to 50 kilometres apart to share capacity dynamically. According to BT, this has improved average download speeds by up to 20 per cent in test locations.

The company says hundreds more high-capacity radio units and coordination nodes will be deployed before 2030.

Competition

BT’s announcement comes amid growing competitive pressure in the UK mobile market. For example, Virgin Media O2 (VMO2) claims to have the UK’s largest 5G SA network, now reaching over 70 per cent of the population, and recently unveiled its first “Giga Site” in Paddington, combining low, mid and high band spectrum with dual-band Nokia massive MIMO. The company says the site is capable of delivering more than 10 Gbps throughput, and it plans to build 1,000 more across the country during 2026.

Meanwhile, Vodafone and Three completed their merger in June, forming VodafoneThree, which has pledged £11 billion in investment over the next ten years to deliver one of the most advanced mobile networks in Europe. This includes upgrades to support Standalone 5G and spectrum sharing across the newly combined business.

BT’s 99 per cent target is, therefore, not just an infrastructure roadmap, but is also designed to send a strategic signal to customers, investors and government that the company intends to retain a leadership position in UK mobile quality.

What Makes 5G SA So Different?

For consumers, the benefits of 5G SA are likely to be most visible in terms of more consistent service, reduced latency, and fewer signal dropouts in busy locations. For example, faster call setup times using VoNR and fewer video buffering events are some of the everyday improvements EE expects to deliver.

However, for business customers, the advantages are more substantial. For example, network slicing can provide guaranteed quality of service for critical applications, while improved uplink performance supports use cases such as remote diagnostics, live video monitoring, and industrial automation.

It’s worth noting here that EE has already trialled network slicing in some public settings, including at Belfast’s Christmas Market in 2023, where a dedicated slice ensured that payment systems remained reliable during peak visitor hours.

BT is also keen to highlight the role 5G SA could play in transforming public services, especially in transport. For example, railways and remote areas have long posed challenges for mobile coverage due to signal obstructions and infrastructure limitations. BT says targeted interventions, such as using smart coordination, small cells and new spectrum, will be required to solve these persistent gaps.

What Needs To Happen For The 2030 Target To Be Met?

While BT says it does not require direct subsidies to hit its 99 per cent target, it argues that the final stages of rollout will be difficult without regulatory support. The company is, therefore, calling on the UK government to:

– Reform planning rules to make it easier and faster to deploy infrastructure.

– Increase spectrum availability, especially in high-demand frequency bands.

– Remove or reduce annual spectrum licence fees, which BT says penalise operators for ongoing investment.

BT also wants regulators to take a more active role in addressing persistent coverage gaps along rail corridors, coastlines and other difficult environments.

Without these changes, the risk is that operators focus investment in profitable urban zones, while rural and hard-to-reach areas are left behind.

Challenges and Objections

Covering the last few per cent of the population is expected to be the most difficult and expensive part of the rollout. For example, rural areas often require long backhaul connections, more masts per user, and careful navigation of local planning restrictions.

Planning objections to new masts or small cells can also delay urban densification, where building height rules and community resistance frequently limit placement.

Device support is another potential issue. While most flagship smartphones now support Standalone 5G, it should be noted that not all models do, and ensuring features like VoNR and slicing work reliably across different hardware and software environments adds complexity for both operators and enterprise customers.

There is also some scepticism from some users who feel that previous 5G announcements have overpromised and underdelivered. Indeed, it seems that independent benchmarking studies have repeatedly found UK 5G performance to be well below that of other European countries. In this context, EE’s decision to rebrand its network as “5G+” rather than simply “5G SA” is likely an attempt to distance the new offer from earlier disappointments.

Even so, rivals are unlikely to stand still. For example, Virgin Media O2 continues to expand its footprint and spectrum holdings, having recently acquired 78.8 MHz of additional spectrum from Vodafone. VodafoneThree, with its larger combined scale, is also expected to accelerate deployments and extend its reach into rural regions.

What Does This Mean For Your Business?

Delivering 5G Standalone to 99 per cent of the UK population by 2030 would represent a major upgrade in national mobile infrastructure, with clear practical benefits for users and businesses alike. For companies relying on fast, low-latency connections to run logistics systems, cloud platforms or video services, the ability to access reliable standalone 5G in more locations could support better performance, more automation and greater service resilience.

For BT, the 99 per cent target seems to set out a clear intention to lead on mobile quality and capacity, not just coverage. The wider deployment of high-performance radios, small cells and core upgrades also gives the company a way to differentiate itself from rivals and reinforce its role in supporting essential digital services. For the government, the message is that planning delays, spectrum costs and regulatory friction are now a real constraint on further progress. If ministers want mobile operators to finish the job in rural areas, rail corridors and harder-to-reach environments, those barriers will need to be addressed.

That said, the challenges are still pretty substantial. For example, extending full standalone coverage to the last few per cent of the population will require continued investment, cooperative local planning, and more progress on handset compatibility across different devices.

OpenAI has launched Sora 2, a powerful new AI model for generating realistic video and audio, alongside a companion app called Sora that functions as a short-form video platform in the style of TikTok.

Cameos

The app, now live in the US and Canada, allows users to create, share, and remix AI-generated videos featuring themselves and their friends through a feature called “cameos”.

OpenAI’s Move Into Social Apps

This marks OpenAI’s most significant step yet into the consumer social media space. While its ChatGPT platform has seen widespread adoption for productivity, the launch of the Sora app brings the company into direct competition with TikTok, Instagram Reels, and Meta’s new “Vibes” AI video feed.

Makes Short, Realistic Videos

The Sora app, available now for iOS on an invite-only basis, is designed around the idea of co-creation. For example, users can ask (prompt) Sora 2 to generate short, realistic videos with audio, then choose to insert themselves or others into the scenes using cameos. A one-time video and audio recording is required to activate this feature, verifying both identity and likeness.

Once uploaded, users can choose who may include their cameo in videos and revoke permission at any time. OpenAI says the app is designed to prioritise creativity and collaboration, rather than passive consumption. “We think a social app built around this ‘cameos’ feature is the best way to experience the magic of Sora 2,” the company stated in its launch blog.

What Can Sora 2 Do?

Sora 2 builds on the original Sora model released in February 2024, offering major improvements in physical realism and control. For example, the system now better obeys the laws of physics and can simulate complex multi-step actions, such as backflips, Olympic gymnastics, and buoyancy-based movements. It can also handle failure more realistically. For example, as OpenAI explains, “In Sora 2, if a basketball player misses a shot, it will rebound off the backboard,” thereby contrasting with earlier models that might teleport the ball into the hoop to satisfy a prompt.

The model can also generate sound effects and dialogue that synchronise with the visuals, and it supports different styles such as cinematic or anime. Sora 2 is also better at keeping things the same from one part of a video to the next, so people, objects, and scenes look consistent and don’t suddenly change or disappear.

Crucially, Sora 2 allows direct injection of real-world people or objects into generated videos. This is the basis for the cameos feature, which lets users appear in AI videos with recognisable facial likenesses and voices after completing the verification process.

A Social App Built Around AI Creativity

Inside the Sora app, users can browse a TikTok-style vertical feed where all content is generated by Sora 2. The feed’s algorithm is powered by OpenAI’s own language models and incorporates user activity, location, and engagement signals. Users can opt out of sharing data from their ChatGPT history, and parental controls allow for the disabling of infinite scroll, personalisation, and direct messaging.

The Sora feed has a different set of priorities than many existing social platforms. For example, according to OpenAI, the app has been explicitly designed to maximise creativity over time spent. Videos from friends or creators users have interacted with are prioritised, and content is recommended based on what the system believes users may want to remix or be inspired by.

OpenAI is also keen to highlight the fact that many early testers inside the company described the experience as a new way to communicate, i.e. beyond texts, emojis, and even voice notes. As the team says, “We all had a blast with it. It kind of felt like a natural evolution of communication”.

Safety And Moderation

It should be noted that the app includes several layers of moderation and safety, particularly around the use of likenesses, minors, and synthetic content. Videos with cameos include visible watermarks and embedded provenance data using C2PA standards. Also, only users with explicit permission can create content featuring another person’s cameo, and content involving under-18s is subject to stricter controls.

OpenAI says that a dedicated moderation team will review flagged videos, especially in cases involving bullying or misuse of likeness, and that it has developed a “new class of recommender algorithms” that can be instructed via natural language and will regularly poll users about their wellbeing to inform feed adjustments.

Reassuringly, it seems that parents will also have access to management tools via ChatGPT’s parental control features, which allow them to restrict viewing time and disable certain app capabilities.

Growing Interest

Despite being invite-only, the Sora app quickly topped the iOS App Store in the US following launch. According to Appfigures, it saw around 164,000 downloads in its first two days, suggesting strong early interest in AI-generated social video.

For individual users, the draw is clear, i.e. Sora offers a fast, no-equipment way to create and share realistic, creative videos. For businesses, Sora 2 may open up new workflows for marketing, campaign testing, training content, and generating creative ideas, all using synthetic media that’s watermarked and traceable.

It’s no surprise, therefore, that the model is already being explored for potential commercial uses. With this in mind, ChatGPT Pro users can access a higher-quality version called Sora 2 Pro on sora.com, and an API is planned, which would allow integration with third-party tools and platforms.

However, the move into social territory has also brought new scrutiny. Deepfake concerns, synthetic voice misuse, and intellectual property violations are all emerging challenges. OpenAI has already faced criticism from rights holders about the model’s ability to generate copyrighted characters or likenesses without permission. CEO Sam Altman recently responded on X (formerly Twitter), saying the company will move towards an opt-in model for characters and explore revenue sharing with rights holders.

Competitors And The AI Market

By launching its own social platform, OpenAI is taking a risk by entering a space dominated by highly entrenched players. That said, even though Meta’s “Vibes” feed, launched a week earlier, performs similar functions inside its Meta AI app, Sora goes further by integrating first-party video generation with a standalone app, a social graph, and content provenance controls.

Google is also moving rapidly in this space with Veo 3, which may bring advanced video generation tools to YouTube. However, OpenAI’s decision to bundle generation, remixing, social sharing, and personalised feeds into one app gives it a distinct early advantage.

Some would say, however, that the bigger prize here is data. For example, with Sora, OpenAI can gain access to a stream of video-based user interactions that could help refine future models, and reinforce its competitive position in the multimodal AI arms race.

Criticisms And Limitations

Although OpenAI has taken steps to address known risks, the Sora app is not without controversy. For example, some experts have raised concerns about likeness abuse, moderation gaps, and legal grey areas around synthetic content. Others are questioning whether the app’s feed algorithm, even if not optimised for time spent, could still encourage addictive behaviour.

Questions have also been raised about monetisation. For example, OpenAI says the app is free for now and that the only current revenue plan is charging for extra video generations during high demand. However, given the costs involved, a longer-term model will be needed. Sam Altman has indicated that monetisation will be transparent and designed to align with user wellbeing, but the details remain unclear.

As with other AI content tools, regulatory challenges will likely follow. For example, EU regulators, privacy watchdogs, and copyright bodies are expected to monitor Sora closely, especially if it expands into new regions or gains widespread use among teens and creators.

What Does This Mean For Your Business?

What happens next will depend on how well OpenAI manages the tensions between innovation, safety, and long-term sustainability. Sora has been built to showcase Sora 2’s technical strengths, but its future will depend just as much on how responsibly it operates as a platform. The company’s decision to emphasise provenance, permissions, and moderation from the outset suggests it has learned from previous criticism, but the real tests will come as usage scales and more complex edge cases arise.

For UK businesses, Sora introduces a fast, low-friction way to prototype video content, develop ideas, and test audience engagement using synthetic media. Creative agencies, marketers, educators and internal comms teams may all find practical value in exploring what this kind of AI generation can offer. That said, legal departments, compliance leads and brand managers will need to engage early. Controls around likeness, IP, and data use must be fully understood before models like Sora 2 are deployed commercially, especially in regulated sectors.

Broadly speaking, this release positions OpenAI not just as a model developer but as a direct provider of consumer experiences. This puts it on a collision course with existing social media and content platforms, and means its moderation policies, data practices and monetisation plans will face far more public and regulatory scrutiny. If OpenAI can maintain trust while building momentum, Sora could redefine how people create and interact with video. If not, it risks repeating the mistakes of the platforms it seeks to improve upon.

The UK government has reportedly issued a fresh order instructing Apple to enable access to encrypted iCloud backups for British users, narrowing an earlier demand that had sought global access.

The New Order

According to reports in the Financial Times, the Home Office served Apple with a new Technical Capability Notice (TCN) in early September requesting a mechanism to access encrypted cloud backups for UK citizens. TCNs are formal notices issued under the Investigatory Powers Act 2016, a law that grants UK authorities the power to compel technology companies to make technical modifications to support lawful access to data.

The September notice reportedly differs from an earlier version issued in January by limiting the demand to British users only. The original order had requested access to encrypted iCloud data for users globally. At the time, that broader approach prompted some diplomatic and legal pushback, particularly from the United States.

How This One Differs From January’s Demand

The first TCN issued by the UK government sought a capability to unlock encrypted iCloud backups for any Apple user, regardless of nationality, if the user had enabled Apple’s Advanced Data Protection (ADP) feature. ADP is an optional setting that allows iCloud backups and other key data to be protected with end-to-end encryption, meaning not even Apple can decrypt the data.

That earlier order triggered an international dispute, with senior figures in the US government accusing the UK of overreach. In August, US Director of National Intelligence Tulsi Gabbard told the FT that the UK had “agreed to drop” its demand that would have affected US citizens’ protected data.

This latest September order appears to be a UK-only version that avoids direct infringement on US users’ rights, but the technical implications are still contested.

Apple’s Position

Apple has repeatedly rejected the idea of building a backdoor into any of its systems. For example, as the company said in a statement responding to the latest reports: “As we have said many times before, we have never built a back door or master key to any of our products or services and we never will”.

Blocked

Since February, Apple has actually blocked new users in the UK from enabling Advanced Data Protection, and has said existing users will eventually be required to disable it to continue using iCloud. A company support page confirms that ADP remains unavailable in the UK, although it is still offered in other regions, including the US and the EU.

ADP expands the categories of iCloud data protected by end-to-end encryption from 14 to 23, e.g. covering device backups, Photos, Notes and more. Without it, Apple holds the encryption keys, allowing the company to comply with valid legal requests for data access. With ADP, only the user has the key, and data can only be decrypted on that user’s trusted devices.

What The Home Office Says

The Home Office has not confirmed the existence of the order. In a statement, a government spokesperson said: “We do not comment on operational matters, including, for example, confirming or denying the existence of any such notices. We will always take all actions necessary at the domestic level to keep UK citizens safe.”

In reality, UK officials have consistently argued that encrypted technologies (and apps) can obstruct investigations into serious crimes, terrorism, and child sexual abuse, and that investigative capabilities must evolve in line with technological change.

The Legal Process And The Secrecy Fight

Apple has challenged aspects of the January TCN through the Investigatory Powers Tribunal (IPT), which is a specialist UK court that hears complaints about surveillance powers. In April, the IPT ruled against the Home Office’s attempt to keep the proceedings entirely secret, confirming Apple as the complainant and the Home Secretary as the respondent.

Campaign groups including Privacy International and Liberty have also mounted linked legal challenges, arguing that forcing Apple to weaken its encryption undermines users’ privacy and security. Those cases were due to be heard early next year, but the revised September order may now restart parts of the legal process.

Why This Is So Contentious (In Technical Terms)

End-to-end encryption ensures that data is only readable by the intended user. Critics of the UK’s approach say any attempt to introduce a backdoor, no matter how narrowly defined, undermines this principle and creates a new vulnerability. The point made by many critics is that if Apple breaks end-to-end encryption for the UK, it essentially breaks it for everyone and the resulting vulnerability could simply be exploited by all manner of bad actors, e.g. hostile states, cybercriminals and more.

Technical experts also argue that encryption systems can’t be designed with selective access for law enforcement without also weakening defences against broader threats. This has been a long-standing argument in the encryption debate, and is echoed by cryptographers, industry bodies and digital rights advocates.

The US Dimension

The earlier global demand strained relations between the UK and US governments. For example, key figures in President Trump’s administration, including Vice President JD Vance and DNI Tulsi Gabbard, reportedly urged the UK to abandon the request, warning that it could compromise data belonging to US citizens and damage transatlantic privacy agreements.

Also, during President Trump’s state visit to the UK in September, technology cooperation and investment were key topics. Around the same time, two US officials reportedly raised the Apple issue again. However, it’s been reported (by the FT) that the US is no longer pressuring the UK to rescind the latest order, which is most likely due to its narrowed scope.

Users

For now, UK users can’t newly enable Advanced Data Protection and those who already had it enabled before February are expected to lose access to the feature in the coming months. Apple has not set a public deadline, but its statement suggests existing users will eventually need to disable ADP to continue using iCloud services.

As noted earlier, the feature is actually designed to protect user data such as device backups, messages, photos, and documents, all of which are frequently targeted in data breaches. For example, when launching ADP, Apple cited industry research showing that global data breaches exposed more than 1.1 billion records in 2021, with personal data the most common target.

According to Apple’s own security whitepaper, even without ADP, iCloud still uses strong encryption standards and safeguards, but the ability for Apple to decrypt data under lawful request remains. In fact, with ADP enabled, Apple itself can’t access the data, even if compelled by authorities.

Reactions

Privacy groups have condemned the new order as a dangerous precedent. For example, Liberty and Privacy International have both warned that undermining encryption could affect not just privacy but also national security, by creating a mechanism that could be exploited by hostile states and criminal networks.

The UK’s data and security sectors have also expressed concerns that these policies could make the UK less attractive for tech investment. Also, companies required to disable privacy features in one country may be less willing to roll out services there, or may find it harder to meet customer expectations around security and compliance.

How It’s Being Framed

That said, the UK government continues to argue that TCNs are an essential part of modern law enforcement. For example, the Investigatory Powers Act, which came into force in 2016 and is sometimes referred to as the “Snoopers’ Charter” by critics, enables agencies to issue notices requiring companies to maintain technical capabilities to support interception, access, or decryption of data when authorised by a warrant.

Supporters of the law argue that it brings transparency and legal oversight to digital investigations. Opponents, however, say it gives the state too much power to interfere with private systems and sets dangerous global precedents. It’s worth noting here that the UK is one of only a few democracies that can legally issue binding demands to alter product security design.

What Does This Mean For Your Business?

It could be said that the revised order is a tactical retreat rather than a change of position. For example, by narrowing its demand to apply only to British users, the UK government has stepped back from the diplomatic tensions caused by its earlier global request, but the core issue remains basically unchanged. At the heart of this case is whether it’s technically and ethically possible to give law enforcement selective access to encrypted data without weakening protections for everyone.

For UK businesses, the implications are not just theoretical. A climate where privacy features are disabled or restricted by law could make the UK a less competitive market for privacy-conscious users and global technology providers. If firms like Apple are required to re-engineer core security features for one jurisdiction, others may follow suit or withdraw certain services altogether. This not only risks fragmenting digital service offerings but also complicates compliance strategies for businesses handling sensitive customer data.

For campaigners and civil society groups, the revised notice confirms their fears that UK authorities are continuing to seek access to encrypted systems by design. Their argument, echoed by technologists, is that any backdoor (even if limited to one region) introduces a broader vulnerability. Once a system can be compromised by one party, it is inherently more exposed to exploitation by others, whether state-sponsored attackers or criminal groups.

From Apple’s perspective, enabling a backdoor anywhere sets a precedent everywhere. The company has positioned itself as a defender of user privacy and security, and any concession in the UK could undermine that stance globally. Its refusal to offer even a limited workaround suggests it sees this issue not as a local policy dispute but as a line it is unwilling to cross.

Whether or not the Home Office ultimately enforces the order, this case highlights the ongoing tension between national security objectives and the technical realities of encryption. It also raises difficult questions about sovereignty in the digital age, specifically, to what extent one country can demand changes to global technologies that affect millions of users.

The Investigatory Powers Tribunal proceedings and linked legal challenges now take on renewed importance. With the order revised but not withdrawn, courts and campaigners will be watching closely to see how far the UK is willing to go to enforce access, and whether Apple is willing to comply. What happens next will shape the limits of lawful access not just in Britain, but in democratic societies worldwide.

Microsoft has launched a single unified Marketplace bringing together Azure Marketplace and AppSource, offering a central location for cloud services and AI applications integrated directly into the Microsoft ecosystem.

One Destination For AI And Cloud Procurement

On 25 September 2025, Microsoft announced the launch of Microsoft Marketplace, a new platform designed to simplify the way organisations discover, purchase, and deploy software across Microsoft’s cloud services. By combining the previously separate Azure Marketplace and Microsoft AppSource into a single platform, the company aims to give customers a more seamless experience for accessing both Microsoft-built and third-party solutions.

Trusted Source

According to Microsoft, the new Marketplace serves as a “trusted source for cloud solutions, AI apps and agents” that integrates directly with Microsoft Cloud offerings including Azure, Microsoft 365, Dynamics 365, Power Platform, and Microsoft Security.

Supports “Frontier Firms” Idea

The catalogue includes tens of thousands of listings across categories such as data and analytics, productivity and collaboration, and a range of industry-specific solutions. Microsoft says the launch supports its vision of enabling more organisations to become “Frontier Firms”, which is a term it uses to describe businesses that blend AI-driven tools with traditional work to accelerate innovation.

A Focus On AI Agents And Rapid Deployment

A key new component of the Microsoft Marketplace is the AI Apps and Agents category. This area of the Marketplace features more than 3,000 AI tools, including well-known Microsoft offerings like Microsoft 365 Copilot and Azure AI Foundry, alongside partner-developed applications. These agents are designed to automate tasks, enhance decision-making, and unlock operational efficiency across business functions.

Microsoft actually claims these tools can now be provisioned and deployed in under a minute! For example, Siemens, one of the launch partners, stated that it reduced AI app configuration times from 20 minutes to just 1 minute per instance using the Marketplace. The company also reported an eightfold increase in customer adoption through the new platform.

To make it easier for businesses to integrate AI into existing workflows, the new Marketplace also embeds selected solutions directly within Microsoft products. For example, Copilot agents are now accessible within the Microsoft 365 experience via an integrated Agent Store, while Teams apps, Azure models, and other tools are available in context where users work.

Streamlining Governance And Spending Management

Microsoft has positioned the Marketplace as a governance-friendly solution. This appears to be because all deployments are managed through a customer’s existing Microsoft Cloud environment and, therefore, IT teams can retain control over access, security, and compliance. Applications and agents installed from the Marketplace follow the organisation’s configured policies, helping to ensure consistency across teams and departments.

This integrated experience may be particularly important for organisations with pre-agreed Microsoft Azure Consumption Commitments (MACCs). Microsoft confirmed that any eligible purchases made through the Marketplace continue to count towards these commitments, allowing finance and procurement teams to optimise spending without risking overspend or compliance issues.

New Commercial Routes For Partners And ISVs

For Microsoft’s partner ecosystem, the Marketplace also opens new sales and distribution channels. For example, the company has expanded integration with major distributors such as Arrow, Crayon, Ingram Micro, Pax8 and TD SYNNEX, enabling them to embed Microsoft Marketplace listings into their own offerings.

Microsoft has also introduced a new feature called “resale enabled offers”, currently in private preview, which allows independent software vendors (ISVs) to authorise their partners to sell Marketplace listings on their behalf through private offers. This model aims to support co-selling strategies and increase the reach of third-party solutions.

According to Nicole Dezen, Microsoft’s Chief Partner Officer, more than six million people visit Microsoft Marketplace every month, and the number of customers purchasing AI products through the platform has recently doubled.

Strategic Context And Timing

The launch of the unified Marketplace is really part of Microsoft’s wider commercial strategy to embed AI into the core of enterprise operations, reduce procurement complexity, and support channel growth. It also arrives at a time when Microsoft is restructuring internally to put greater emphasis on AI execution and developer platforms.

By consolidating its marketplaces, Microsoft is aiming to remove fragmentation for both customers and software vendors, and to present a clearer integration path for AI agents, apps, and cloud services.

Comparison with AWS (And Others)

Microsoft’s move will likely be viewed in the context of Amazon’s Bedrock platform, which offers a catalogue of AI foundation models that can be accessed and deployed via Amazon Web Services. Bedrock is pitched as a simple, scalable way for enterprises to access large language models and build generative AI applications.

While Amazon focuses on model-level choices, Microsoft is emphasising agent-level integration and user experience inside Microsoft 365 and other products. This could give Microsoft an advantage among organisations already embedded in its cloud and productivity tools. However, buyers will still compare vendor flexibility, model variety, and pricing across platforms.

Benefits And Trade-Offs For Customers

For IT and procurement teams, the new Marketplace appears to offer a consolidated, governed route to access thousands of tools without the overhead of managing multiple platforms or bypassing security protocols. End users can gain access to approved apps and agents directly within their day-to-day workflows, thereby speeding up adoption and deployment.

Also, organisations already committed to Microsoft’s ecosystem may find they can deploy new AI tools faster, with fewer integration challenges. Microsoft’s claim of “one-minute deployment” and compatibility with enterprise security policies will appeal to large firms seeking rapid returns from AI investments.

However, some trade-offs remain. For example, the convenience of staying within the Microsoft ecosystem could lead to increased dependency on Microsoft services and commercial agreements, potentially limiting multicloud flexibility over time.

Risks, Challenges, And Criticisms

It’s worth noting here that the launch also raises some concerns around market dominance and vendor lock-in. For example, back in October 2023, the UK’s Competition and Markets Authority concluded a detailed market investigation into cloud infrastructure services, highlighting structural barriers that hinder customer switching and favour the largest providers. While Microsoft has disputed aspects of that ruling, the creation of a unified Marketplace could increase reliance on its platform, reinforcing the very dynamics under review.

Security is another area of possible scrutiny. For example, as organisations adopt AI agents capable of autonomous action, there are growing concerns about how those agents interact with data, tools, and users. Microsoft has acknowledged these risks in its own technical documentation, warning of potential agent failure modes and security misconfigurations linked to the Model Context Protocol (MCP), which underpins many of the agent integrations.

Also, cybersecurity researchers have highlighted risks such as prompt injection, over-permissioned access, and insecure connectors. While Microsoft’s promise of secure provisioning through the Marketplace is intended to mitigate these risks, the responsibility for implementation, governance, and oversight remains with each customer.

Operational complexity may be yet another challenge for Microsoft. While the Marketplace promotes one-click deployment, lifecycle management of AI and cloud apps, such as patching, compatibility checks, and vendor due diligence, remains a resource-intensive task. Organisations will, therefore, need to align their internal processes with Marketplace activity, particularly where data residency, industry-specific compliance, or software licensing is concerned.

Only In The U.S. For Now

Microsoft has also confirmed that the Marketplace is initially available only in the United States, with global rollout to follow. International customers will, therefore, need to monitor catalogue availability, regional billing options, and data handling assurances closely, particularly for regulated sectors or cross-border deployments.

What Does This Mean For Your Business?

UK businesses already using Microsoft 365, Azure, or Dynamics are likely to find immediate benefits in the new Marketplace (when it eventually rolls out here). For example, it simplifies procurement, shortens deployment times, and allows pre-approved AI tools to be delivered directly into users’ daily workflows without disrupting governance or procurement protocols. This could accelerate experimentation with Copilot extensions and industry-specific solutions, especially for organisations that need to show quick returns on AI adoption without introducing additional risk.

For Microsoft’s partners and independent software vendors, the move creates new opportunities and increased competition. With over six million monthly visitors and growing demand for AI solutions, the Marketplace now acts as both a distribution channel and a co-sell platform. Distributors embedding the Microsoft catalogue into their own storefronts could expand access further, although those in the partner ecosystem will need to adapt to Microsoft’s standards, pricing models, and resale mechanics.

For decision-makers, the challenge will be striking the right balance between speed and scrutiny. The promise of one-click AI agents is compelling, but responsibility for integration, oversight, and risk management stays with the customer. Organisations will still need to enforce least-privilege principles, vet vendors, monitor agent activity, and align Marketplace use with broader digital and security strategies. Those operating in regulated sectors may also need to carry out additional reviews to meet legal, contractual, or ethical obligations around data use and automation.

As previously mentioned, the global rollout will be another area to watch. UK organisations outside the United States will be looking closely at how quickly catalogue parity is achieved, whether billing and compliance frameworks are fully localised, and how Marketplace features such as resale enabled offers evolve once out of preview. For now though, the launch appears to mark a major consolidation of Microsoft’s cloud sales platform, one that could reshape how software is bought, sold, and used across the Microsoft ecosystem.

It’s been reported that Meta and analytics firms are quietly turning private AI chats into advertising fuel, with little user control and growing legal concerns.

From 16 December 2025, Meta will begin using users’ conversations with Meta AI to personalise ads across Facebook, Instagram, WhatsApp, and Messenger. There’s no opt-out, though the UK, EU, and South Korea are excluded for now. Meta claims sensitive topics like health and politics won’t be used.

Also, startup Profound says it has access to over 150 million real AI chats to help brands analyse how they appear in chatbot results. Experts believe the data comes from browser extensions that log chat content without clear user consent, which is a claim that Profound denies.

Privacy professionals warn that vague permissions like “read all data on websites” may breach UK GDPR and PECR rules, especially when users aren’t fully informed. Similar practices by firms like Onavo and Jumpshot have previously triggered regulatory action.

Businesses should treat AI chats as sensitive data, restrict browser extensions, and demand transparency from any vendor using AI interaction data.