LogoLogo

Podcasts

Newsletters

Videos

Catalog

People

About

Search

Seriously Risky Business Newsletter

April 23, 2026

Srsly Risky Biz: Musk Snubs French Authorities

Written by

Tom Uren
Tom Uren

Policy & Intelligence

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Nebulock.

You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via this RSS feed.

Elon Musk at CPAC, Wikimedia Commons

Elon Musk has refused to appear at a voluntary interview relating to a French criminal investigation into illegal content on X and sexual abuse material created by the Grok chatbot.

The strategy of applying pressure directly on technology company executives is one that French authorities have used before. This incident reminds us of the arrest of Telegram founder and CEO Pavel Durov in Paris back in 2024. 

Both Telegram and X are being investigated by the same aggressive French cybercrime unit, but the problems these platforms present to authorities are different. Prior to Durov's arrest, Telegram was notoriously reluctant to cooperate with authorities and child safety groups. Massive criminal marketplaces flourished on the app. X, on the other hand, does actually enforce rules and policies, albeit imperfectly. While it has stepped back from countering bias or misinformation and has become an amplifier of Musk's own extreme right-wing views, this is not in the same league as allowing criminal activity to flourish.

X's French offices were raided in February this year as part of an investigation into whether the platform's algorithm was politically biased or being manipulated. French authorities were also investigating the Grok chatbot's alleged Holocaust denial and creation of sexually explicit deepfakes, including ones of children. Grok is developed by another of Musk's companies, xAI, and is integrated into X. 

At the time of the raid, X denied any wrongdoing, described the allegations as "baseless" and said the investigation was politicised and, "distorts French law, circumvents due process, and endangers free speech". Musk himself called the investigation "a political attack". After the raid, both Musk and former X CEO Linda Yaccarino were summoned to "voluntary interviews" with French authorities. They had been scheduled for Monday. 

Prosecutors said the hearings were to allow the executives to "present their position regarding the facts and, where appropriate, the compliance measures they plan to put in place". They said the aim was to ensure X complied with French law on French territory. 

Back in 2024, Durov's arrest came after he flew into Paris on a private jet. But we don't think there is any real chance that Musk would have seen the same fate. For starters, Pavel Durov is a French citizen while Musk has American citizenship.

Thus, Musk is backed by the might of a US government that shares his outlook and ideology. The Wall Street Journal reported that the Department of Justice had rebuffed a French request for assistance in the investigation. Strong language was used in a two-page letter, seen by the WSJ. It said the "investigation seeks to use the criminal legal system in France to regulate a public square for the free expression of ideas and opinions in a manner contrary to the First Amendment of the United States Constitution". It continued that France's requests "constitute an effort to entangle the United States in a politically charged criminal proceeding aimed at wrongfully regulating through prosecution the business activities of a social media platform". 

Despite seemingly minimal risks, neither Musk nor Yaccarino showed on Monday. Why answer uncomfortable questions and risk arrest if doing so is voluntary? If we were his lawyers we certainly wouldn't recommend putting Paris on Musk's travel agenda. 

To some degree, it doesn't matter how the French investigation turns out. Even if it can't prove matters to a criminal standard, the European Union as a whole has plenty of regulatory firepower, including the European Digital Services Act (DSA). 

The DSA requires that platforms must assess and mitigate risks such as disinformation and election manipulation. We suspect that it might be hard for X to prove that it is effectively mitigating some of these risks. Potential penalties include large fines and even temporary suspension of the service across the European Union.

The Trump administration is increasingly unpopular in Europe. The political reality is that X will be increasingly under fire because it actively promotes the administration's ideology. 

X was already fined €120 million (USD$140 million) in December last year, by the European Commission, for failing to meet various transparency requirements. These included the fact that any everyday user could purchase verified checkmarks and the platform did not provide researchers with access to data. 

So where is this heading? We can't see Musk reinvigorating X's trust and safety teams to counter bias, disinformation and influence campaigns any time soon. Formal government investigations take time, but they are coming. Our prediction: Fines for X will rack up, the company will fight them, and we get to enjoy the show. 

They've Got 702 Problems and the FBI is One

The Congressional reauthorisation of Section 702 of the Foreign Intelligence Surveillance Act (FISA) will require some horse trading.

Section 702 allows US intelligence agencies to compel service providers to help conduct targeted surveillance of foreigners outside the US. It has been described by US officials as the "crown jewel" of the country's surveillance programs. 

Despite that, it has not been without controversy. Collection takes place on US soil and Americans can get caught up in what is known as incidental collection. Then there was the time that the FBI really screwed up. 

In 2023, we learnt the Bureau had been querying the data almost as a matter of course and with no regard to whether the queries met the government's pretty sensible criteria. The court that oversees FISA, and which revealed the FBI's outrageous behaviour, described the Bureau's use of Section 702 data as a "pattern of broad, suspicionless queries that are not reasonably likely to retrieve foreign intelligence or evidence of a crime". 

Despite Congress knowing about the FBI's egregious practices, the Bureau pinky-promised that it would fix its ways and Section 702 was reauthorised in April 2024, for just two years. To its credit, the FBI's querying compliance has improved. The Section 702 compliance assessment released in July last year found a 99% compliance rate.    

One nice side-effect of frequent renewals is that the intelligence community releases Section 702 success stories to justify the capability. This time around, they include preventing a mass casualty event at a Taylor Swift concert, providing support to a raid that resulted in the death of Mexican drug kingpin El Mencho, and the disruption of fentanyl production. 

Despite the FBI improving its compliance and the intelligence proving valuable, the authorisation was extended by a mere ten days. It was originally set to expire on Monday, the new date is Thursday, April 30th. President Trump had been pushing for a "clean" 18-month extension, meaning one without any additional reforms. But that was kyboshed by significant Republican pushback.

Republican Representative Thomas Massie posted on X that he'd seen Top Secret FISA documents that raised "serious concerns about FBI implementation of FISA 702". He also mentioned a "letter by Senator Wyden describing a secret government interpretation of FISA law".

This skepticism isn't helped by the Trump administration not exactly being keen on strong independent oversight. In May last year FBI Director Kash Patel shut the Office of Internal Auditing, a watchdog unit that was focussed on Section 702 compliance. The office's functions were subsumed within a larger division, but the closure makes it very difficult to argue that the FBI is laser-focussed on compliance.

So some of the difficulty reauthorising Section 702 clearly comes down to a simple lack of trust in the administration.  

Ending Section 702 collection would be bad news, but the right reforms would be welcome. The Security and Freedom Enhancement  or SAFE Act is bipartisan legislation proposed by Senators Mike Lee (R-UT) and Dick Durbin (D-IL), and it has some good elements. These include mandatory FBI audits as well as a provision to prevent domestic law enforcement and intelligence agencies from buying the sensitive data of Americans from brokers. 

To be clear, buying data from brokers has nothing at all to do with Section 702 collection. In an ideal world each issue would be individually examined on its own merits. But you only have to glance at the news to know we do not live in an ideal world, so we’re okay with it being incorporated into a reauthorisation bill.   

We do, however, think the bill's requirement that all agencies get a warrant to access content from US persons is a bit too all-encompassing. That could make sense for the FBI, because its domestic powers means warrants would protect American civil liberties. Overseas focussed agencies like NSA, however, don't have domestic powers and have well-oiled standard procedures to protect the privacy of Americans when they come across them in incidental collection. 

All in all, the renewal process is a mess. There will be some horse trading before the reauthorisation progresses. We just hope what we wind up with in the end isn't a step backwards. 

Watch James Wilson and Tom Uren discuss this edition of the newsletter:

Three Reasons to Be Cheerful This Week:

  1. Firefox finds bugs with AI:  Mozilla has published a remarkably upbeat post about how it has used AI vulnerability scanning to make Firefox more secure. This week's release fixes 271 vulnerabilities identified by Claude's Mythos Preview model. The author, Firefox's CTO Bobby Holley, says that being able to find vulnerabilities relatively cheaply means that "defenders finally have a chance to win, decisively". 
  2. Multinational operation disrupts DDoS services: Europol announced that authorities from 21 countries took coordinated action to arrest 4 individuals and takedown 53 domains used in DDoS-for-hire services. The authorities also sent 75,000 emails to customers of the services warning them to knock it off.  
  3. Influential Scattered Spider hacker pleads guilty: British national Tyler Robert Buchanan, known online as Tylerb, has pleaded guilty to crimes related to his membership of the Scattered Spider cybercrime group. Buchanan was involved in a series of phishing attacks that helped the group hack major technology companies and steal tens of millions of dollars worth of cryptocurrency. Krebs on Security has more coverage, including the wild story that a rival gang hired thugs to break into Buchanan's home and threaten to burn him with a blowtorch. 

Sponsor Section

In this Risky Business sponsor interview, Catalin Cimpanu talks with Sydney Marrone, Head of Threat Hunting at Nebulock, about hunting shadow AI agents on corporate networks.

Risky Biz Talks

You can find the audio edition of this newsletter and other fine podcasts and interviews in the Risky Biz News feed (RSS, iTunes or Spotify).  

In our last "Between Two Nerds" discussion Tom Uren and The Grugq take a deep dive into how a single hacker used OpenAI and Anthropic’s tools to help hack nine Mexican government organisations in quick time.

Or watch it on YouTube!

From Risky Bulletin:

Former FBI official calls for terrorism designations for ransomware groups that target hospitals and critical infrastructure: A former FBI cyber official has urged Congress to investigate if ransomware groups that target hospitals and critical infrastructure can be designated as terrorist organizations.

Former FBI Cyber Deputy Director Cynthia Kaiser says the designation would allow prosecutors access to a broader set of tools and legal levers in tracking and taking down operations.

Kaiser, who served in the FBI for 20 years, including as the agency's Cyber Deputy Director, has also urged lawmakers to examine if ransomware operators can be charged with murder or manslaughter if any attacks lead to a human death.

[more on Risky Bulletin]

New malware tries to sabotage Israel's water system but fails because it's buggy: Security researchers at British security firm Darktrace have found a new and interesting piece of malware that was specifically designed to infect and sabotage the operations of Israel's national water management network.

Named ZionSiphon, the malware is one of the rare malware strains created to target operational technology (OT), which are the type of networks from which staff manage industrial equipment.

The malware is a very targeted operation that only works inside networks hosted on Israeli IP address ranges and where the malware finds specific text strings containing the names of common Israeli companies that manage water treatment and desalination systems.

[more on Risky Bulletin]

NIST gives up enriching most CVEs: The US National Institute of Standards and Technology announced on Wednesday a new policy regarding the US National Vulnerability Database, which the agency has been struggling to keep updated with details for every new vulnerability added to the system.

Going forward, NIST says its staff will only add data—in a process called enrichment—only for important vulnerabilities.

This will include three types of security flaws, which the agency says are critical to the safe operation of US government networks and its private sector.

  • CVE entries for vulnerabilities listed in CISA KEV, a database of actively exploited bugs;
  • CVEs in software known to be used by US federal agencies;
  • and CVEs in what the agency classifies as "critical software."

[more on Risky Bulletin]

Recent Newsletters

  • Srsly Risky Biz: Musk Snubs French Authorities
  • Risky Bulletin: Former FBI official calls for terrorism designations for ransomware groups that target hospitals and critical infrastructure
  • Risky Bulletin: New malware tries to sabotage Israel's water system but fails because it's buggy
  • Risky Bulletin: NIST gives up enriching most CVEs
  • Srsly Risky Biz: It Is Time to Ban Sale of Precise Geolocation

Recent Videos

  • Srsly Risky Biz: Musk snubs French authorities
  • Risky Business (834): Vercel gets owned, Mozilla dumps hundreds of Mythos bugs
  • Between Two Nerds: AI as the mythical 10x hacker
  • Srsly Risky Biz: Time to ban sale of precise geolocation data
  • Risky Business (833): The Great Mythos Freakout of 2026

Recent Podcasts

  • Srsly Risky Biz: Musk snubs French authorities
  • Risky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugs
  • Risky Bulletin: Former FBI official calls for terrorism designations for ransomware groups that target hospitals
  • Between Two Nerds: AI as the mythical 10x hacker
  • Risky Bulletin: ShinyHunters claim credit for Vercel hack
Risky Business Media

Risky Business

  • Home
  • Podcasts
  • Newsletters
  • Video
  • Sitemap

Risky Business Media

  • About
  • People
  • Advertising
  • Sponsor Enquiries: sales@risky.biz

Risky Connections

  • Risky Business on Apple Podcasts
  • Risky Business on Spotify
  • Risky Bulletin on Apple Podcasts
  • Risky Bulletin on Spotify
  • Risky Business Features on Apple Podcasts
  • Risky Business Features on Spotify
  • Risky Business Stories on Apple Podcasts
  • Risky Business Stories on Spotify
  • YouTube
  • LinkedIn

Risky Contacts

Risky Business Media Pty Ltd
PO Box 774
Byron Bay NSW 2481
General Email: editorial@risky.biz

© Risky Business Media 2007–2026. All rights reserved.
ABN 73 618 465 517