An anonymous reader quotes a report from ZDNet: Today, open-source software powers the world. It didn't have to be that way. The Open Invention Network's (OIN) origins are rooted in a turbulent era for open source. In the mid-2000s, Linux faced existential threats from copyright and patent litigation. Besides, the infamous SCO lawsuit and Microsoft's claims that Linux infringed on hundreds of its patents cast a shadow over the ecosystem. Business leaders became worried. While SCO's attacks petered out, patent trolls -- formally known as Patent Assertion Entities (PAEs) -- were increasing their attacks. So, open-source friendly industry giants, including IBM, Novell, Philips, Red Hat, and Sony, formed the Open Invention Network (OIN) to create a bulwark against patent threats targeting Linux and open-source technologies. Founded in 2005, the Open Invention Network (OIN) has evolved into a global community comprising over 4,000 participants, ranging from startups to multinational corporations, collectively holding more than three million patents and patent applications.

At the heart of OIN's legal strategy is a royalty-free cross-license agreement. Members agree not to assert their patents against the Linux System, creating a powerful network effect that shields open-source projects from litigation. As OIN CEO Keith Bergelt explained, this model enables "broad-based participation by ensuring patent risk mitigation in key open-source technologies, thereby facilitating open-source adoption." This approach worked then, and it continues to work today. [...] Over the years, OIN's mission has expanded beyond Linux to cover a range of open-source technologies. Its Linux System Definition, which determines the scope of patent cross-licensing, has grown from a few core packages to over 4,500 software components and platforms, including Android, Apache, Kubernetes, and ChromeOS. This expansion has been critical, as open source has become foundational across industries such as finance, automotive, telecommunications, and artificial intelligence.

South Korean telecom network SK Telecom is providing free SIM card replacements to all 25 million mobile subscribers following an April 19 security breach where malware compromised Universal Subscriber Identity Module data.

Despite the company's announcement, only 6 million replacement cards will be available through May 2025. The stolen data potentially includes IMSI numbers, authentication keys, and network usage information, though customer names, identification details, and financial information remain secure. The primary risk is unauthorized SIM swapping attacks, where threat actors could clone SIM cards.

An anonymous reader quotes a report from Wired: Automakers are increasingly pushing consumers to accept monthly and annual fees to unlock preinstalled safety and performance features, from hands-free driving systems and heated seats to cameras that can automatically record accident situations. But the additional levels of internet connectivity this subscription model requires can increase drivers' exposure to government surveillance and the likelihood of being caught up in police investigations. A cache of more than two dozen police records recently reviewed by WIRED show US law enforcement agencies regularly trained on how to take advantage of "connected cars," with subscription-based features drastically increasing the amount of data that can be accessed during investigations. The records make clear that law enforcement's knowledge of the surveillance far exceeds that of the public and reveal how corporate policies and technologies -- not the law -- determine driver privacy.

"Each manufacturer has their whole protocol on how the operating system in the vehicle utilizes telematics, mobile Wi-Fi, et cetera," one law enforcement officer noted in a presentation prepared by the California State Highway Patrol (CHP) and reviewed by WIRED. The presentation, while undated, contains statistics on connected cars for the year 2024. "If the vehicle has an active subscription," they add, "it does create more data." The CHP presentation, obtained by government transparency nonprofit Property of the People via a public records request, trains police on how to acquire data based on a variety of hypothetical scenarios, each describing how vehicle data can be acquired based on the year, make, and model of a vehicle. The presentation acknowledges that access to data can ultimately be limited due to choices made by not only vehicle manufacturers but the internet service providers on which connected devices rely.

One document notes, for instance, that when a General Motors vehicle is equipped with an active OnStar subscription, it will transmit data -- revealing its location -- roughly twice as often as a Ford vehicle. Different ISPs appear to have not only different capabilities but policies when it comes to responding to government requests for information. Police may be able to rely on AT&T to help identify certain vehicles based on connected devices active in the car but lack the ability to do so when the device relies on a T-Mobile or Verizon network instead. [...] Nearly all subscription-based car features rely on devices that come preinstalled in a vehicle, with a cellular connection necessary only to enable the automaker's recurring-revenue scheme. The ability of car companies to charge users to activate some features is effectively the only reason the car's systems need to communicate with cell towers. The police documents note that companies often hook customers into adopting the services through free trial offers, and in some cases the devices are communicating with cell towers even when users decline to subscribe.

An anonymous reader quotes a report from Ars Technica: Comcast executives apparently realized something that customers have known and complained about for years: The Internet provider's prices aren't transparent enough and rise too frequently. This might not have mattered much to cable executives as long as the total number of subscribers met their targets. But after reporting a net loss of 183,000 residential broadband customers in Q1 2025, Comcast President Mike Cavanagh said the company isn't "winning in the marketplace" during an earnings call today. The Q1 2025 customer loss was over three times larger than the net loss in Q1 2024.

While customers often have few viable options for broadband and the availability of alternatives varies widely by location, Comcast faces competition from fiber and fixed wireless ISPs. "In this intensely competitive environment, we are not winning in the marketplace in a way that is commensurate with the strength of the network and connectivity products that I just described," Cavanagh said. "[Cable division CEO] Dave [Watson] and his team have worked hard to understand the reasons for this disconnect and have identified two primary causes. One is price transparency and predictability and the other is the level of ease of doing business with us. The good news is that both are fixable and we are already underway with execution plans to address these challenges." [...]

Cavanagh said that Comcast plans to make changes in marketing and operations "with the highest urgency." This means that "we are simplifying our pricing construct to make our price-to-value proposition clearer to consumers across all broadband segments," he said. Comcast last week announced a five-year price guarantee for broadband customers who sign up for a new package. Comcast said customers will get a "simple monthly price starting as low as $55 per month," without having to enter a contract, giving them "freedom and flexibility to cancel at any time without penalty." The five-year guarantee also comes with one year of Xfinity Mobile at no charge, Comcast said. [...] Additional offers are in the works, Cavanagh said. "We are not done. Providing more value to our customers with less complexity and friction is a top priority and you will see our go-to-market approach continue to evolve over the coming months," he said. Comcast investors shouldn't expect an immediate turnaround, though. "We anticipate that it will take several quarters for our new approach to gain traction and impact the business in a meaningful way," Cavanagh said.

An anonymous reader quotes a report from TechCrunch: Government censorship has found its way to Bluesky, but there's currently a loophole thanks to how the social network is structured. Earlier this month, Bluesky restricted access to 72 accounts in Turkey at the request of Turkish governmental authorities, according to a recent report by the Freedom of Expression Association. As a result, people in Turkey can no longer see these accounts, and their reach is limited. The report indicates that 59 Bluesky accounts were blocked on the grounds of protecting "national security and public order." Bluesky also made another 13 accounts and at least one post invisible from Turkey.

Given that many Turkish users migrated from X to Bluesky in the hopes of fleeing government censorship, Bluesky's bowing to the Turkish government's demands has raised questions among the community as to whether the social network is as open and decentralized as it claims to be. (Or whether it's "just like Twitter" after all.) However, Bluesky's technical underpinnings currently make bypassing these blocks easier than it would be on a network like X -- even if it's not quite as open as the alternative social network Mastodon, another decentralized X rival.

A Mastodon user could move their account around to different servers to avoid censorship targeted at the original Mastodon instance (server) where they first made posts that attracted the censors. Users on the official Bluesky app can configure their moderation settings but have no way to opt out of the moderation service Bluesky provides. This includes its use of geographic labelers, like the newly added Turkish moderation labeler that handles the censorship of accounts mandated by the Turkish government. (Laurens Hof has a great breakdown of how this all works in more technical detail here on The Fediverse Report.) Simply put, if you're on the official Bluesky app and Bluesky (the company) agrees to censor something in your region, there's no way to opt out of this to see the hidden posts or accounts. Other third-party Bluesky apps, which make up the larger open social web known as the Atmosphere, don't have to follow these same rules. At least, not for now.

BrianFagioli writes: ARMO, the company behind Kubescape, has uncovered what could be one of the biggest blind spots in Linux security today. The company has released a working rootkit called "Curing" that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market.

At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.

Researchers in Germany successfully demonstrated coherent quantum communications over 254 km of existing commercial telecom fiber, marking the first real-world deployment of such a system without cryogenic cooling. Phys.Org reports: Their system uses a coherence-based twin-field quantum key distribution, which facilitates the distribution of secure information over long distances. The quantum communications network was deployed over three telecommunication data centers in Germany (Frankfurt, Kehl and Kirchfeld), connected by 254 km of commercial optical fiber -- a new record distance for real-world and practical quantum key distribution, according to the authors. This demonstration indicates that advanced quantum communications protocols that exploit the coherence of light can be made to work over existing telecom infrastructure. The research has been published in the journal Nature.

Meta has expanded both the feature set and availability of its Ray-Ban smart glasses. Notable updates include live translation with offline support through downloadable language packs, the ability to send messages and make calls via Instagram, and conversations with Meta AI based on real-time visual context. The Verge reports: Live translation was first teased at Meta Connect 2024 last October, and saw a limited rollout through Meta's Early Access Program in select countries last December. Starting today it's getting a wider rollout to all the markets where the Ray-Ban Meta smart glasses are available. You can hold a conversation with someone who speaks English, French, Italian, or Spanish, and hear a real-time translation through the smart glasses in your preferred language. If you download a language pack in advance, you can use the live translations feature without Wi-Fi or access to a cellular network, making it more convenient to use while traveling abroad.

Meta also highlighted a few other features that are still enroute or getting an expanded release. Live AI, which allows the Meta AI smart assistant to continuously see what you do for more natural conversations is now "coming soon to general availability in the US and Canada." The ability to "send and receive direct messages, photos, audio calls, and video calls from Instagram on your glasses," similar to functionality already available through WhatsApp, Messenger, and iOS and Android's native messaging apps, is coming soon as well. Access to music apps like Spotify, Amazon Music, Shazam, and Apple Music is starting to expand beyond the US and Canada, Meta says. However, asking Meta AI to play music, or for more information about what you're listening to, will still only be available to those with their "default language is set to English."

Anthropic predicts AI-powered virtual employees will start operating within companies in the next year, introducing new risks such as account misuse and rogue behavior. Axios reports: Virtual employees could be the next AI innovation hotbed, Jason Clinton, the company's chief information security officer, told Axios. Agents typically focus on a specific, programmable task. In security, that's meant having autonomous agents respond to phishing alerts and other threat indicators. Virtual employees would take that automation a step further: These AI identities would have their own "memories," their own roles in the company and even their own corporate accounts and passwords. They would have a level of autonomy that far exceeds what agents have today. "In that world, there are so many problems that we haven't solved yet from a security perspective that we need to solve," Clinton said.

Those problems include how to secure the AI employee's user accounts, what network access it should be given and who is responsible for managing its actions, Clinton added. Anthropic believes it has two responsibilities to help navigate AI-related security challenges. First, to thoroughly test Claude models to ensure they can withstand cyberattacks, Clinton said. The second is to monitor safety issues and mitigate the ways that malicious actors can abuse Claude.

AI employees could go rogue and hack the company's continuous integration system -- where new code is merged and tested before it's deployed -- while completing a task, Clinton said. "In an old world, that's a punishable offense," he said. "But in this new world, who's responsible for an agent that was running for a couple of weeks and got to that point?" Clinton says virtual employee security is one of the biggest security areas where AI companies could be making investments in the next few years.

Verizon Consumer CEO Sowmyanarayan Sampath has declared that net neutrality regulations "went literally nowhere." Sampath claimed he couldn't identify what problem net neutrality was attempting to solve, despite Verizon's history of aggressive lobbying against such rules. "I don't know what net neutrality does," Sampath told The Verge. "I still don't know what problem we are trying to solve with net neutrality."

When pressed about potential anti-competitive behaviors like zero-rating services, Sampath deflected by focusing exclusively on traffic management concerns, arguing that networks require prioritization capabilities during congestion. "For traffic management purposes, we need to have some controls in the network," he stated. The interview comes as Verizon faces a different regulatory challenge from FCC Commissioner Brendan Carr, who is holding up Verizon's Frontier acquisition over the company's diversity initiatives.

"Russia is automating the spread of false information to fool AI chatbots," reports the Washington Post. (When researchers checked 10 chatbots, a third of the responses repeated false pro-Russia messaging.)

The Post argues that this tactic offers "a playbook to other bad actors on how to game AI to push content meant to inflame, influence and obfuscate instead of inform," and calls it "a fundamental weakness of the AI industry." Chatbot answers depend on the data fed into them. A guiding principle is that the more the chatbots read, the more informed their answers will be, which is why the industry is ravenous for content. But mass quantities of well-aimed chaff can skew the answers on specific topics. For Russia, that is the war in Ukraine. But for a politician, it could be an opponent; for a commercial firm, it could be a competitor. "Most chatbots struggle with disinformation," said Giada Pistilli, principal ethicist at open-source AI platform Hugging Face. "They have basic safeguards against harmful content but can't reliably spot sophisticated propaganda, [and] the problem gets worse with search-augmented systems that prioritize recent information."

Early commercial attempts to manipulate chat results also are gathering steam, with some of the same digital marketers who once offered search engine optimization — or SEO — for higher Google rankings now trying to pump up mentions by AI chatbots through "generative engine optimization" — or GEO.
Our current situation "plays into the hands of those with the most means and the most to gain: for now, experts say, that is national governments with expertise in spreading propaganda." Russia and, to a lesser extent, China have been exploiting that advantage by flooding the zone with fables. But anyone could do the same, burning up far fewer resources than previous troll farm operations... In a twist that befuddled researchers for a year, almost no human beings visit the sites, which are hard to browse or search. Instead, their content is aimed at crawlers, the software programs that scour the web and bring back content for search engines and large language models. While those AI ventures are trained on a variety of datasets, an increasing number are offering chatbots that search the current web. Those are more likely to pick up something false if it is recent, and even more so if hundreds of pages on the web are saying much the same thing...

The gambit is even more effective because the Russian operation managed to get links to the Pravda network stories edited into Wikipedia pages and public Facebook group postings, probably with the help of human contractors. Many AI companies give special weight to Facebook and especially Wikipedia as accurate sources. (Wikipedia said this month that its bandwidth costs have soared 50 percent in just over a year, mostly because of AI crawlers....) Last month, other researchers set out to see whether the gambit was working. Finnish company Check First scoured Wikipedia and turned up nearly 2,000 hyperlinks on pages in 44 languages that pointed to 162 Pravda websites. It also found that some false information promoted by Pravda showed up in chatbot answers.
"They do even better in such places as China," the article points out, "where traditional media is more tightly controlled and there are fewer sources for the bots." (The nonprofit American Sunlight Project calls the process "LLM grooming".)

The article quotes a top Kremlin propagandist as bragging in January that "we can actually change worldwide AI."

A communication error between GoDaddy Registry and Markmonitor took Zoom's services offline for almost two hours on Wednesday when GoDaddy mistakenly blocked the zoom.us domain. The outage affected all services dependent on the zoom.us domain.

GoDaddy's block prevented top-level domain nameservers from maintaining proper DNS records for zoom.us. This created a classic domain resolution failure -- when users attempted to connect to any zoom.us address, their requests couldn't be routed to Zoom's servers because the domain effectively disappeared from the internet's addressing system.

Video meetings abruptly terminated mid-session with browser errors indicating the domain couldn't be found. Zoom's status page (status.zoom.us) went offline, hampering communication efforts. Even Zoom's main website at zoom.com failed as the content delivery network couldn't reach backend services hosted on zoom.us servers. Customer support capabilities collapsed when account managers using Zoom's VoIP phones lost connectivity.

Resolution required coordinated effort between Zoom, Markmonitor, and GoDaddy to identify and remove the block. After service restoration, users needed to manually flush their DNS caches using command line instructions (including the sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder command for Mac users).

Longtime Slashdot reader schwit1 shares a report from the Associated Press: Google has been branded an abusive monopolist by a federal judge for the second time in less than a year, this time for illegally exploiting some of its online marketing technology to boost the profits fueling an internet empire currently worth $1.8 trillion. The ruling issued Thursday by U.S. District Judge Leonie Brinkema in Virginia comes on the heels of a separate decision in August that concluded Google's namesake search engine has been illegally leveraging its dominance to stifle competition and innovation. [...] The next step in the latest case is a penalty phase that will likely begin late this year or early next year. The same so-called remedy hearings in the search monopoly case are scheduled to begin Monday in Washington D.C., where Justice Department lawyers will try to convince U.S. District Judge Amit Mehta to impose a sweeping punishment that includes a proposed requirement for Google to sell its Chrome web browser.

Brinkema's 115-page decision centers on the marketing machine that Google has spent the past 17 years building around its search engine and other widely used products and services, including its Chrome browser, YouTube video site and digital maps. The system was largely built around a series of acquisitions that started with Google's $3.2 billion purchase of online ad specialist DoubleClick in 2008. U.S. regulators approved the deals at the time they were made before realizing that they had given the Mountain View, California, company a platform to manipulate the prices in an ecosystem that a wide range of websites depend on for revenue and provides a vital marketing connection to consumers.

The Justice Department lawyers argued that Google built and maintained dominant market positions in a technology trifecta used by website publishers to sell ad space on their webpages, as well as the technology that advertisers use to get their ads in front of consumers, and the ad exchanges that conduct automated auctions in fractions of a second to match buyer and seller. After evaluating the evidence presented during a lengthy trial that concluded just before Thanksgiving last year, Brinkema reached a decision that rejected the Justice Department's assertions that Google has been mistreating advertisers while concluding the company has been abusing its power to stifle competition to the detriment of online publishers forced to rely on its network for revenue.

"For over a decade, Google has tied its publisher ad server and ad exchange together through contractual policies and technological integration, which enabled the company to establish and protect its monopoly power in these two markets." Brinkema wrote. "Google further entrenched its monopoly power by imposing anticompetitive policies on its customers and eliminating desirable product features." Despite that rebuke, Brinkema also concluded that Google didn't break the law when it snapped Doubleclick nor when it followed up that deal a few years later by buying another service, Admeld. The Justice Department "failed to show that the DoubleClick and Admeld acquisitions were anticompetitive," Brinkema wrote. "Although these acquisitions helped Google gain monopoly power in two adjacent ad tech markets, they are insufficient, when viewed in isolation, to prove that Google acquired or maintained this monopoly power through exclusionary practices." That finding may help Google fight off any attempt to force it to sell its advertising technology to stop its monopolistic behavior.

Researchers at the University of Tokyo have created what they believe is the largest single piece of lab-grown meat to date: a chicken nugget-sized chunk measuring 7 centimeters long, 4 centimeters wide, and 2.25 centimeters thick, weighing 11 grams. The breakthrough, reported today in Trends in Biotechnology, uses an artificial circulatory system to overcome a fundamental limitation in cultured meat production.

The team, led by biohybrid system engineer Shoji Takeuchi, grew cells around a network of semipermeable hollow fibers -- similar to those used in water filters and dialysis machines -- that deliver nutrients and oxygen throughout the tissue. Unlike most commercial approaches that produce tiny meat fragments later assembled with binders or scaffolds, this method creates a single coherent piece with more natural structure and texture.

This is the first working model using tubes to grow muscle tissue into a thick slab, according to Mark Post, chief science officer at Mosa Meat, who created the world's first lab-grown hamburger in 2013. Significant hurdles remain before commercialization. The hollow fibers aren't edible and must be manually removed. Researchers are exploring automating this process or creating edible alternatives using cellulose.

An anonymous reader shares a report: OpenAI is working on its own X-like social network, according to multiple sources familiar with the matter. While the project is still in early stages, we're told there's an internal prototype focused on ChatGPT's image generation that has a social feed. CEO Sam Altman has been privately asking outsiders for feedback about the project, our sources say. It's unclear if OpenAI's plan is to release the social network as a separate app or integrate it into ChatGPT, which became the most downloaded app globally last month.

Launching a social network in or around ChatGPT would likely increase Altman's already-bitter rivalry with Elon Musk. In February, after Musk made an unsolicited offer to purchase OpenAI for $97.4 billion, Altman responded: "no thank you but we will buy twitter for $9.74 billion if you want." Entering the social media market also puts OpenAI on more of a collision course with Meta, which we're told is planning to add a social feed to its coming standalone app for its AI assistant. When reports of Meta building a rival to the ChatGPT app first surfaced a couple of months ago, Altman shot back on X again by saying, "ok fine maybe we'll do a social app."

An anonymous reader shares a report: An attorney for the Federal Trade Commission told a judge that Facebook, fearing the competitive threat of Instagram posted to their social media network, acquired both as a way to "neutralize" the rival. "They decided that competition was too hard," the FTC's attorney, Daniel Matheson, said in his opening statement in the government's antitrust case against the Meta Platforms social media empire.

He argued that with Meta's monopoly in social media, "consumers do not have reasonable alternatives they can turn to," even as satisfaction has declined. At stake is the potential breakup of Facebook-parent Meta, as the government has zeroed in on the 2012 acquisition of Instagram and 2014 purchase of WhatsApp.

Hackers intercepted about 103 bank regulators' emails for more than a year, gaining access to highly sensitive financial information, Bloomberg News reported Tuesday, citing two people familiar with the matter and a draft letter to Congress. From the report: The attackers were able to monitor employee emails at the Office of the Comptroller of the Currency after breaking into an administrator's account, said the people, asking not to be identified because the information isn't public. OCC on Feb. 12 confirmed that there had been unauthorized activity on its systems after a Microsoft security team the day before had notified OCC about unusual network behavior, according to the draft letter.

The OCC is an independent bureau of the Treasury Department that regulates and supervises all national banks, federal savings associations and the federal branches and agencies of foreign banks -- together holding trillions of dollars in assets. OCC on Tuesday notified Congress about the compromise, describing it as a "major information security incident."

"The analysis concluded that the highly sensitive bank information contained in the emails and attachments is likely to result in demonstrable harm to public confidence," OCC Chief Information Officer Kristen Baldwin wrote in the draft letter to Congress that was seen by Bloomberg News. While US government agencies and officials have long been the targets of state-sponsored espionage campaigns, multiple high-profile breaches have surfaced over the past year.

Children in a small Japanese town are obsessively collecting trading cards featuring local elderly men rather than popular fantasy creatures, helping bridge generational gaps in an aging rural community.

In Kawara, Fukuoka Prefecture, the "Ojisan TCG" (Middle-aged Man Trading Card Game) features 28 local men with assigned elemental types and battle stats. The collection includes a former fire brigade chief and a prison officer-turned-volunteer whose card has become so sought-after that children request his autograph.

Created by Eri Miyahara of the Saidosho Community Council, the initiative has doubled participation in town events. "We wanted to strengthen the connection between children and older generations," Miyahara told Fuji News Network. "So many kids are starting to look up to these men as heroic figures."

On Bluesky, the joke's on you if you don't get the joke. The social network has become a "refuge" for those fleeing X and Threads, but its growing pains include a serious case of humor-impairment. When Amy Brown jokingly posted she was "screaming, crying, and throwing up" about price differences between Ohio and California Walgreens, literal-minded users scolded her for exaggerating. Brown, a former Wendy's social media manager who got banned from X after impersonating Elon Musk, puts it simply: "We're both speaking English, but I'm speaking internet."

This clash stems from Bluesky's oddly mixed population: irony-steeped Twitter refugees mingling with earnest Facebook transplants and MSNBC viewers who took the plunge after seeing the platform mentioned on shows like Morning Joe. "It's riff collapse," says cartoonist Mattie Lubchansky, describing how her obviously absurd Oscar post triggered sincere movie recommendations.

New Mexico's legislature passed bills last week that would ban consumer products containing PFAS, joining a small but growing number of states taking action against these persistent "forever chemicals." If signed by the governor, the legislation would prohibit the sale of many products with added per- and polyfluorinated alkyl substances (PFAS) in New Mexico, making it the third state after Maine and Minnesota to enact such comprehensive restrictions.

At least 29 states have PFAS-related bills before state legislatures this year, according to Safer States, a network of advocacy organizations. Research shows PFAS accumulate in the environment and human bodies, potentially causing health problems from high cholesterol to cancer. EPA figures indicate almost half of Americans are exposed to PFAS in their drinking water.

Wired reports that chemical and consumer products industries are aggressively fighting state-level bans on "forever chemicals" through lobbying and legal action as regulations spread across the United States. The Cookware Sustainability Alliance, formed in 2024 by major cookware manufacturers, has testified in 10 statehouses against PFAS restrictions and sued Minnesota in January, claiming its ban is unconstitutional. (The New Mexico bills include notable exemptions, particularly for fluoropolymers used in nonstick cookware, following successful lobbying by industry groups.)

Industry groups are also targeting federal regulators, with the American Chemistry Council and others recommending the EPA adopt a narrower definition of PFAS. "The federal regulatory approach is preferable to a patchwork of different and potentially conflicting state approaches," said Erich Shea from the American Chemistry Council.