Apple and Google can take a moment to breathe, as the UK’s competition regulator has decided to end its investigation into their app stores — but not for long.
The UK Competition and Markets Authority (CMA) today confirmed it is closing its ongoing investigations into both Apple’s App Store and Google Play, but only because a much tougher set of regulations is about to come into effect.
Breathing space, but trouble’s coming
Passed into law in May, the UK’s Digital Markets, Competition, and Consumers Act (DMCCA) will give the CMA more powers and more flexibility in how its powers are applied. Principally, these powers include the ability to impose requirements on the conduct of firms in digital markets where those firms have been designated as having Strategic Market Status, and to impose significant fines against firms if those requirements are breached. The intention of these laws is similar to Europe’s Digital Markets Act (DMA).
The DMCCA sets up the Digital Markets Unit (DMU), a new regulatory body within the CMA that will police large technology companies.
Will Hayter, Executive Director for Digital Markets at the CMA, said: “Once the new pro-competition digital markets regime comes into force, we’ll be able to consider applying those new powers to concerns we have already identified through our existing work.”
In 2022, the regulator’s market study of the UK mobile ecosystem found that Apple and Google held an effective monopoly over app distribution in the UK. The CMA then commenced investigating both companies for alleged anti-competitive behavior, but the investigations took place within the framework of a previous set of laws that will be superseded by the DMCCA.
Concerning Apple, in a statement, the CMA said the closure of the investigations “should not be understood” to mean the concerns it was investigating had been resolved. “The decision does not affect any other action that the CMA may wish to take in relation to Apple’s conduct in this area in the future,” it said.
Commenting on the decision, Hayter added:
“It’s critical that tech businesses in the UK, including app developers, can have access to a fair and competitive app ecosystem, helping to grow the sector, boost investment and result in better outcomes for UK consumers. These are all factors we are considering before launching our first investigations under the new regime.”
The UK regulator now has more power
There are numerous new powers within the DMCCA.
Like Europe’s DMA, the law means some companies with a global turnover of more than £25b or UK turnover of £1b+ may be designated as having Strategic Market Status (SMS).
Companies given such status will be required to follow requirements on their conduct imposed by the CMA, though the CMA does say it wants to build “productive relationships” with those firms.
Perhaps so, but as a Linklaters legal blog explained earlier this year, “The scope of permitted conduct requirements is incredibly broad, giving the DMU very wide discretion to decide what obligations should be imposed on each firm.”
The CMA has previously said it expects the first companies to be designated as such will be revealed in July 2025, but this date may now slip a little in consequence of the recent UK election.
Those requirements will allegedly be developed with the intention of opening up competition and consumer choice in digital markets. That likely extends to app stores and payment systems being opened up, as they are being in the EU under the DMA. The CMA can also impose big fines on companies that fail to comply.
It may be instructive to note that the CMA recently rejected commitments made by Google in response to its concerns.
Google had given app developers some additional flexibility in the use of alternative payment systems. Similar to those Apple has proposed in the EU, Google’s proposals included a commission and pop-up screens to warn users when they were about to use a third-party payment system.
Open markets seem inevitable
While the CMA hasn’t yet said which companies may be investigated for possible SMS designation, it’s unlikely Apple, Google, or other Big Tech firms will be able to avoid it.
After all, the regulator does state that it “anticipates that its early work under the new digital markets competition regime will build on and leverage its experience in areas it has already studied, such as mobile ecosystems, which includes app stores.” (Italics mine.)
The latest UK news around tech regulation follows similar announcements in the EU, Japan, and South Korea and potential incoming investigations in Apple’s second biggest market, China.
Apple and Google can take a moment to breathe, as the UK’s competition regulator has decided to end its investigation into their app stores — but not for long.
The UK Competition and Markets Authority (CMA) today confirmed it is closing its ongoing investigations into both Apple’s App Store and Google Play, but only because a much tougher set of regulations is about to come into effect.
Breathing space, but trouble’s coming
Passed into law in May, the UK’s Digital Markets, Competition, and Consumers Act (DMCCA) will give the CMA more powers and more flexibility in how its powers are applied. Principally, these powers include the ability to impose requirements on the conduct of firms in digital markets where those firms have been designated as having Strategic Market Status, and to impose significant fines against firms if those requirements are breached. The intention of these laws is similar to Europe’s Digital Markets Act (DMA).
The DMCCA sets up the Digital Markets Unit (DMU), a new regulatory body within the CMA that will police large technology companies.
Will Hayter, Executive Director for Digital Markets at the CMA, said: “Once the new pro-competition digital markets regime comes into force, we’ll be able to consider applying those new powers to concerns we have already identified through our existing work.”
In 2022, the regulator’s market study of the UK mobile ecosystem found that Apple and Google held an effective monopoly over app distribution in the UK. The CMA then commenced investigating both companies for alleged anti-competitive behavior, but the investigations took place within the framework of a previous set of laws that will be superseded by the DMCCA.
Concerning Apple, in a statement, the CMA said the closure of the investigations “should not be understood” to mean the concerns it was investigating had been resolved. “The decision does not affect any other action that the CMA may wish to take in relation to Apple’s conduct in this area in the future,” it said.
Commenting on the decision, Hayter added:
“It’s critical that tech businesses in the UK, including app developers, can have access to a fair and competitive app ecosystem, helping to grow the sector, boost investment and result in better outcomes for UK consumers. These are all factors we are considering before launching our first investigations under the new regime.”
The UK regulator now has more power
There are numerous new powers within the DMCCA.
Like Europe’s DMA, the law means some companies with a global turnover of more than £25b or UK turnover of £1b+ may be designated as having Strategic Market Status (SMS).
Companies given such status will be required to follow requirements on their conduct imposed by the CMA, though the CMA does say it wants to build “productive relationships” with those firms.
Perhaps so, but as a Linklaters legal blog explained earlier this year, “The scope of permitted conduct requirements is incredibly broad, giving the DMU very wide discretion to decide what obligations should be imposed on each firm.”
The CMA has previously said it expects the first companies to be designated as such will be revealed in July 2025, but this date may now slip a little in consequence of the recent UK election.
Those requirements will allegedly be developed with the intention of opening up competition and consumer choice in digital markets. That likely extends to app stores and payment systems being opened up, as they are being in the EU under the DMA. The CMA can also impose big fines on companies that fail to comply.
It may be instructive to note that the CMA recently rejected commitments made by Google in response to its concerns.
Google had given app developers some additional flexibility in the use of alternative payment systems. Similar to those Apple has proposed in the EU, Google’s proposals included a commission and pop-up screens to warn users when they were about to use a third-party payment system.
Open markets seem inevitable
While the CMA hasn’t yet said which companies may be investigated for possible SMS designation, it’s unlikely Apple, Google, or other Big Tech firms will be able to avoid it.
After all, the regulator does state that it “anticipates that its early work under the new digital markets competition regime will build on and leverage its experience in areas it has already studied, such as mobile ecosystems, which includes app stores.” (Italics mine.)
The latest UK news around tech regulation follows similar announcements in the EU, Japan, and South Korea and potential incoming investigations in Apple’s second biggest market, China.
Generative AI firm, Anthropic, is embroiled in a new legal battle after three authors filed a class-action lawsuit in California federal court, accusing the company of illegally using their copyrighted works to train its AI-powered chatbot, Claude.
The complaint, filed on Monday, alleges that Anthropic used pirated versions of books by authors Andrea Bartz, Charles Graeber, and Kirk Wallace Johnson, along with hundreds of thousands of others, to develop its AI models without proper authorization or compensation.
The lawsuit is the latest in a series of high-profile legal actions brought by copyright holders against AI companies for their use of protected materials including articles, books, paintings, etc in training generative AI systems. This case follows similar lawsuits against tech giants like OpenAI and Meta, where authors claim their works were exploited to train large language models without their consent.
According to the complaint, “Anthropic has built a multibillion-dollar business” by leveraging these stolen works to enhance Claude’s ability to generate human-like text.
“The United States Constitution recognizes the fundamental principle that creators deserve compensation for their work. Yet Anthropic ignored copyright protections. An essential component of Anthropic’s business model—and its flagship “Claude” family of large language models (or “LLMs”)—is the largescale theft of copyrighted works,” the complaint read.
The authors argue that the company’s practices unfairly deprive them of income, as Claude’s AI-driven content creation can churn out large volumes of text in a fraction of the time it would take a human author.
“Claude could not generate this kind of long-form content if it were not trained on a large quantity of books, books for which Anthropic paid authors nothing,” the lawsuit claimed.
The plaintiffs are seeking monetary damages and a court order to permanently stop Anthropic from using their copyrighted material without permission.
“Anthropic has not even attempted to compensate Plaintiffs for the use of their material. In fact, Anthropic has taken multiple steps to hide the full extent of its copyright theft. Copyright law prohibits what Anthropic has done here: downloading and copying hundreds of thousands of copyrighted books taken from pirated and illegal websites,” the complaint read.
The lawsuit highlights the ongoing debate over the ethical and legal implications of using copyrighted material to train AI models. While some argue that such use is fair use, others contend that it infringes on copyright holders’ rights.
“Such situations will also lead to heightened scrutiny by enterprises, and lead them towards adopting private, ’walled garden’ solutions that are built on proprietary data,” said Chirajeet Sengupta, managing partner at Everest Group. “Further, we expect a rich ecosystem to emerge that checks and assures AI-generated output for such issues.”
It’s a rising concern
The legal filing also highlights the broader industry implications, as it joins a growing body of litigation challenging the use of copyrighted content in AI training. Similar cases have emerged since 2022, questioning the legality of using protected works to train AI models and the potential copyright infringements of AI-generated outputs.
Earlier this month, a federal judge in California ruled in favor of a group of visual artists who sued AI companies including Stability AI, Midjourney, DeviantArt, and Runway AI for allegedly violating their copyrighted works. The artists alleged that these companies used their copyrighted images to train their AI models without permission, violating their rights.
“AI is a tool and like any other tool will be misused by some,” said globally acclaimed painter and artist Jatin Das. “I hope the judiciary will look into such matters and take care of art and artists.”
Anthropic, which has secured significant financial backing from major firms including Amazon and Google, previously faced a lawsuit from music publishers over the alleged misuse of copyrighted song lyrics in training Claude.
“We have observed a similar scenario when AI companies were scrutinized for sharing responses generated from paid articles by bypassing paywalls,” said Arjun Chauhan, senior analyst at Everest Group.
“This scrutiny has led to two significant outcomes: AI companies are now more vigilant about the sources of their training data, and they have begun forming partnerships with media outlets to access content legally. For example, in April 2024, OpenAI partnered with the Financial Times to use its journalism for training AI models. Such partnerships are likely to increase, potentially driving up costs for end customers.”
The outcome of these cases could set critical precedents for how copyright law applies to AI, particularly in the areas of data training and the creation of AI-generated content. With the legal landscape still evolving, the stakes are high for both content creators and the AI industry as they navigate the complex intersection of technology and intellectual property rights.
Teams users can now access work, education, and personal accounts in the same app, Microsoft announced on Tuesday.
Microsoft introduced the original Teams app for workplace collaboration in 2017, with a separate app for conversations with friends and family appearing in 2020. Users had to install two different Teams apps on their PCs if they wanted to use the platform for both work and personal text chats and video calls.
Now users can access both their personal and work accounts from a single Teams app for Windows 11, Windows 10, and macOS, Microsoft said in a blog post. The unified app feature has been in development for several months in response to feedback that users want an easier way to switch between their accounts.
The new Teams unified app lets you access both work and personal accounts.
Microsoft
To add a personal account, users just select their profile picture in the upper right corner of the Teams app and log in.
To help avoid confusion, Teams notifications display which account they relate to, Microsoft said in a March blog post announcing the feature in testing.
When joining a Teams meeting, users are presented with the choice of accounts to sign in with. In addition, Microsoft has added an option to join a Teams meeting as a guest, with no requirement to sign in to an account.
If you already have the Teams desktop app, there’s no need to download the new version, as the app will automatically update with the new features. Otherwise, you can download the new version on Microsoft’s website.
Teams users can now access work, education, and personal accounts in the same app, Microsoft announced on Tuesday.
Microsoft introduced the original Teams app for workplace collaboration in 2017, with a separate app for conversations with friends and family appearing in 2020. Users had to install two different Teams apps on their PCs if they wanted to use the platform for both work and personal text chats and video calls.
Now users can access both their personal and work accounts from a single Teams app for Windows 11, Windows 10, and macOS, Microsoft said in a blog post. The unified app feature has been in development for several months in response to feedback that users want an easier way to switch between their accounts.
The new Teams unified app lets you access both work and personal accounts.
Microsoft
To add a personal account, users just select their profile picture in the upper right corner of the Teams app and log in.
To help avoid confusion, Teams notifications display which account they relate to, Microsoft said in a March blog post announcing the feature in testing.
When joining a Teams meeting, users are presented with the choice of accounts to sign in with. In addition, Microsoft has added an option to join a Teams meeting as a guest, with no requirement to sign in to an account.
If you already have the Teams desktop app, there’s no need to download the new version, as the app will automatically update with the new features. Otherwise, you can download the new version on Microsoft’s website.
Last week, Microsoft released a security patch that is supposed to fix CVE-2022-2601, a two-year-old vulnerability in the GRUB bootloader.
However, something went wrong with the update and as a result, Linux-based systems refuse to boot on computers with dual operating systems.
When users try to boot the system, they get an error message saying “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”
According to Microsoft, the bug only affects older versions of Linux-based operating systems, but apparently it has also affected the latest versions of Debian, Ubuntu, Linux Mint, Zorin OS and Puppy Linux.
Fortunately, while waiting for an official fix, it is possible to work around the problem by temporarily turning off Secure Boot, opening the terminal and deleting the SBAT policy with the sudo mokutil -set-sbat-policy delete command. After rebooting, you should turn Secure Boot back on, Ars Technica reports.
Last week, Microsoft released a security patch that is supposed to fix CVE-2022-2601, a two-year-old vulnerability in the GRUB bootloader.
However, something went wrong with the update and as a result, Linux-based systems refuse to boot on computers with dual operating systems.
When users try to boot the system, they get an error message saying “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”
According to Microsoft, the bug only affects older versions of Linux-based operating systems, but apparently it has also affected the latest versions of Debian, Ubuntu, Linux Mint, Zorin OS and Puppy Linux.
Fortunately, while waiting for an official fix, it is possible to work around the problem by temporarily turning off Secure Boot, opening the terminal and deleting the SBAT policy with the sudo mokutil -set-sbat-policy delete command. After rebooting, you should turn Secure Boot back on, Ars Technica reports.
Say what you will about generative AI (genAI) enterprise perceptions, but it’s certainly neither nuanced nor balanced.
For months, virtually everyone thought genAI was going to solve all business and global problems. Then the reality pendulum swung the other way, with various reports and experts arguing it won’t work, nothing will come of it, the “bubble is bursting” and simply, “the numbers aren’t there.”
Consider Gartner’s report that “at least 30% of generative AI (genAI) projects will be abandoned after proof of concept by the end of 2025, due to poor data quality, inadequate risk controls, escalating costs or unclear business value.” The problem with the Gartner figure is that roughly that same percentage of all IT projects never survive trial tests — so it’s not clear how genAI is worse.
Of course, there’s the report about the CIO of a major pharmaceutical who paid Microsoft to have 500 employees use Copilot, only to have the CIO cancel the project after six months, saying it delivered slides that looked like “middle school presentations.” (Note: At least most middle school slideshows quickly get to the point, unlike every Microsoft presentation I have seen. But I digress.)
The practical truth is that both views are wrong. GenAI tools absolutely have value, but it won’t come easy. IT needs to do a lot more homework.
What kind of homework?
Clean your data: As I noted recently about Agentic RAG strategies, many enterprises suffer from terrible data. It’s out-of-date, error-ridden, obtained from dubious sources, and might unintentionally contain sensitive data (including PII and health data) that is not supposed to be there. No genAI magic can ever work if the data foundation is a mess. Have your team generate pristine data and your AI ROI has a chance.
Select more ideal projects: This is actually a twofer: First, talk with your team about genAI particulars so you can identify where the technology can help. GenAI can indeed handle anything, but it can only handle a very small subset really well. Secondly, far too many projects have been selected because, as an experiment, execs wanted to see what genAI can truly do. You need to be far more selective if you want to give genAI a fair chance.
Assess your hallucination comfort zone: This is arguably the most crucial. GenAI will hallucinate, and it will do so with no predictability. There are mechanisms you can deploy to reduce hallucinations a small degree — such as using AI to double-check AI, as is being attempted by Morgan Stanley, as well as limiting the data sources genAI is permitted to use.
But hallucinations can’t be stopped, and many argue they can’t even be meaningfully reduced. That means difficult conversations. What tasks do you need done where you can tolerate a few blatant lies here and there? Do you want to ban its use with anything customer-facing, such as customer service chatbots?
Even using it to summarize documents or meeting notes requires a discussion. How much human oversight can you apply before the efficiency goes away? One way to look at it: What projects do you have that are complex enough to benefit from genAI but not important enough that lies/errors are not deal-killers?
Be realistic about ROI objectives
Line-of-business chiefs are used to running ROI objectives by someone in the CFO’s office or at least a division general manager’s office. With genAI efforts, it’s essential to also check with an IT specialist who intimately understands what the technology can and can’t do.
My recommendation: Start with the genAI expert — don’t even discuss it with the number-crunchers until IT okays goals that are reasonable from a tech perspective.
Is it even something you want to bring to the CFO’s office at all? If this is experimentation to see what genAI can do — a perfectly reasonable goal at this point — then perhaps it doesn’t need a spreadsheet-friendly ROI yet.
Rita Sallam, distinguished vice president analyst at Gartner who tracks genAI strategies, said she understands the frustrations CIOs have when trying to apply ROI standards to genAI.
“You can’t get your hands around the actual value,” Sallam said. “There is additional work on your data that has to be done. Your proof of concept needs to be a proof of value. There is a certain percentage that will fail due to lack of the right data, the right guardrails or the absence of being able to properly demonstrate the value. Enterprises are sometimes not acknowledging the foundations that are necessary for genAI success.”
Another industry AI expert, Wirespeed CTO Jake Reynolds, was more blunt. “Believe how excited I was to learn we’re now moving away from statistics and math and instead using a drunken toddler to make these decisions for us,” he said.
About those hallucinations
And about the concept of hallucinations, some experts have questioned whether the hallucination concept is being handled appropriately, mostly because it puts the blame on the software. GenAI is not necessarily malfunctioning when it hallucinates: it is doing precisely what it was programmed to do.
“AI hallucination is all that genAI does,” said Symbol Zero CEO Rafael Brown. “All that it does is throw things together, like throwing pasta and sauce at a wall and waiting to see what sticks. This is done based on what the viewer likes and doesn’t like. There’s no real rhyme or reason. There’s isn’t true structure, context, simulation, or process. There is no skill, insight, emotion, judgment, inspiration, synthesis, iteration, revision, or creation. It’s like a word jumble or a word salad generator. It’s not even as good as Scrabble or Boggle. It’s better to think of it as AI Mad Libs — trust your business, your future, and your creation to AI Mad Libs.”
There’s also the possibility that genAI might well implode as it starts feeding on itself and all reality-based data vanishes. That’s how Pascal Hetzscholdt, senior director at content protection at publisher Wiley, sees it.
“Models like ChatGPT4 must constantly be retrained on new data to stay relevant and useful,” he said. “As such, this means generative AI is already starting to eat itself alive by being trained on its own output or other AI output.
“Why is this a problem? Well, it means that they will start recognizing patterns of AI generative content, not human-made content,” Hetzscholdt said. “This can lead to a rabbit hole of development, in which the AI is optimizing itself in a counterproductive way. The patterns it sees within the AI content might also go directly against those it sees in human content, leading to incredibly erratic and unstable outputs, which could render the AI useless. This is known as model collapse.”
Hetzscholdt pointed to a study that found that “it only takes a few cycles of training generative AI models on their own output to render them completely useless and output complete nonsense. In fact, one AI they tested only needed nine cycles of retraining it on its own output before the output was just a repetitive list of jackrabbits. As such, by 2026, these generative AIs will likely be trained on data that is primarily of their own creation, and it will only take a few rounds of training on this data before these AIs fall apart.”
His less-than-optimistic conclusion: “This is the paradox of AI — the more we use it, the worse it will get. It’s also why we shouldn’t build our industries or digital social systems around this technology, as it could crumble away very soon, leaving our economy and digital lives like a hollowed-out rotten tree waiting for the next storm to topple it.”
Data encryption is critical. Whether you’re using a PC provided by your employer or working from your own personal computer, encryption ensures that thieves and anyone else who might get their hands on your PC can’t view any sensitive private data.
Storage encryption can be complex on Windows PCs. This guide will tell you everything you need to know, including the difference between traditional BitLocker encryption and new “Device Encryption,” how to ensure your PC’s data is safe, and how to encrypt removable devices — just in case.
I’ll also explain what you need to know about recovering from BitLocker encryption errors. When the CrowdStrike meltdown occurred, many people booted their PCs only to see a blue screen that demanded a BitLocker recovery key. Hopefully, this won’t happen to you. In case it ever does, you should be prepared.
Want more Windows PC tips? Come check out my free Windows Intelligence newsletter for three new things to try every Friday and a free in-depth Windows Field Guide e-book (a $10 value).
What is BitLocker?
BitLocker is Microsoft’s storage encryption technology. First introduced in Windows Vista, it’s still part of Windows 11 and Windows 10 today. BitLocker is designed to encrypt entire volumes. In other words, BitLocker is designed to encrypt entire partitions on your hard drive.
When activated, BitLocker stores your PC’s files on disk in an encrypted manner. Think of them as being stored in a “scrambled” form — a thief can’t just pull your PC’s storage drive out and access your files. They’ll need the encryption key to access them.
BitLocker is often configured to function in “transparent” mode, automatically unlocking itself when you boot your computer. This uses the TPM (Trusted Platform Module) hardware in your computer to unlock the drive. The TPM stores the encryption key and provides it only if the Windows operating system doesn’t appear to have been tampered with.
This technology is a critical way for businesses to secure their company’s data. That’s why businesses will often enforce BitLocker usage on their managed PCs. But it’s also a useful way for individuals to secure their personal data. If someone does get their hands on your laptop, they won’t be able to access the files without the key. Even if they boot the laptop up, they’ll need to sign into your Windows user account to access your files.
If you ever have an issue with BitLocker, you will be asked to provide a BitLocker recovery key. If you set up BitLocker yourself, Windows prompted you to store it somewhere safe. If you set it up through your workplace, they have a copy. A copy will be stored with your Microsoft account in some situations, too.
BitLocker vs. Device Encryption: What’s the difference?
Back in the Windows 7 days, BitLocker was only offered on Professional, Enterprise, and Education versions of Windows. The average PC running a Home version of Windows didn’t have access to a built-in storage encryption technology.
That’s somewhat true today. The full version of BitLocker, also known as BitLocker Drive Encryption, is only available on Professional versions of Windows and higher. If you’re an individual who wants access to the full BitLocker set of tools on your PC, you’ll have to pay to upgrade to the Professional edition of Windows 11 (or Windows 10) if your PC came with the Home edition.
However, starting with Windows 8.1 and carrying on to Windows 10 and Windows 11 today, Microsoft began offering something called “Device Encryption” or “BitLocker Device Encryption.” This technology uses BitLocker under the hood. It doesn’t offer the full set of BitLocker configuration options, though, and it only works if a PC has the right hardware — a TPM 2.0 chip, for example, which is one of the hardware features officially required for Windows 11.
Device Encryption is designed to “just work” on the average modern PC. It only works if you sign into Windows with a Microsoft account or a work or school account. If you do, Windows will automatically activate Device Encryption (assuming your PC has the right hardware), protecting your files with encryption.
Since you’ve signed in with a Microsoft account, a work account, or a school account, Windows will back up your BitLocker recovery key to your Microsoft account — or your employer’s or school’s systems. This ensures the average PC user will have a way to access their recovery key if they ever have an error.
For the average person, that Microsoft account requirement is something to be aware of. If you choose to sign into your PC with a local user account, you won’t be able to use Device Encryption. For optimal security, you will want to sign in with a Microsoft account or pay for a Professional edition of Windows and use the full BitLocker experience.
How to check if your PC’s storage is encrypted
For these methods, you’ll want to be signed into Windows with an Administrator account. The options may not appear if you’re signed in with a Standard user account.
To check for Device Encryption on Windows 11, open the Settings app, select “Privacy & security,” and then click “Device encryption” under Security. If Device Encryption is active, it will be set to “On.”
The Settings app will only show a “Device encryption” option if your PC supports it.
Chris Hoffman, IDG
On Windows 10, open the Settings app, select “Update & Security,” and click “Device encryption” in the left pane. If Device encryption is active, you will see a message saying “Device encryption is on.”
If you do not see a “Device encryption” option in the Settings app at all, your PC doesn’t support it — or you’re signed into Windows with a Standard user account.
If your PC has Device Encryption, the only option is to turn it “On” or “Off.”
Chris Hoffman, IDG
You can also look in File Explorer. Look under “This PC” and check the icons for each drive in your computer. If you see a padlock in the drive’s icon, it’s encrypted in some way — either with BitLocker Drive Encryption or with Device Encryption.
Windows will show a lock icon next to encrypted drives.
Chris Hoffman, IDG
You can control BitLocker options and see whether a storage device is encrypted by opening the classic Control Panel window, selecting “System and Security,” and then clicking “BitLocker Drive Encryption” or “Device Encryption.” You will see one of the two options here, depending on which technology your PC has.
BitLocker Drive Encryption offers more options than Device Encryption.
Chris Hoffman, IDG
How to encrypt a removable drive
If you have a PC with the full BitLocker Drive Encryption experience — not the Device Encryption feature found on Home editions of Windows 11 and Windows 10 — you can also encrypt removable storage devices. This uses a feature called “BitLocker To Go,” and it can be used with USB flash drives, SD cards, and external hard drives.
To do so, open the Control Panel, click “System and Security,” and select “BitLocker Drive Encryption.” You’ll see an option to encrypt a removable drive under “Removable data drives.”
How to find your BitLocker recovery key
BitLocker should normally “just work.” Most people will hopefully never see a BitLocker recovery key blue screen at boot. However, CrowdStrike’s extreme failure caused this screen to pop up on millions of PCs. It may also be caused by a hardware problem or if you need to pull a storage drive from one computer or access it on another.
In this case, you’ll need your BitLocker recovery key. If you use a device managed by your employer or educational institution, your work or school systems will have the recovery key backed up, and you can request it from them.
If you sign into your PC with a Microsoft account and Windows automatically enabled Device Encryption, you will need to access it from Microsoft. Visit Microsoft’s BitLocker recovery key page and sign in with your Microsoft account to find it.
If you set up BitLocker Drive Encryption yourself, Windows prompted you to save and store a recovery key as part of the setup process. You may have printed it on a piece of paper or stored it on a USB drive.
If your PC is working fine, you can also create a backup copy of your recovery key at any time. To do so, open the Control Panel, click “System and Security,” and select either “BitLocker Drive Encryption” or “Device Encryption.” From this window, you’ll find links to back up a copy of each drive’s recovery key.
Microsoft has a detailed guide on finding your BitLocker recovery key. If you’ve lost all copies of the recovery key and your PC is asking for it — this may happen if you set up BitLocker yourself on a personal PC and then didn’t print the recovery key or lost your backup copies of it — you won’t be able to access the files on your PC. You will have to restore your files from any backups you might have.
What about VeraCrypt and TrueCrypt?
If you’d like to encrypt a Windows PC’s storage but you don’t want to use BitLocker for some reason, you can turn to an open-source alternative. This was more common before Windows offered built-in Device Encryption on modern PCs, as people with Home versions of Windows could encrypt them using this software without paying to upgrade to a Professional edition of Windows.
Years ago, TrueCrypt was the go-to solution for this. The TrueCrypt project shut down in 2014, warning that the software was “not secure as it may contain unfixed security issues” and recommending Windows PC users switch to BitLocker.
The nature of these alleged security issues was never fully explained. The successor, VeraCrypt, took the project’s code and built on it, fixing security issues and continuing to develop it. The code has been independently audited, and issues found were fixed. If you are going to use an open-source drive encryption tool on Windows, you should likely go with VeraCrypt.
I recommend most people use some form of BitLocker — BitLocker Drive Encryption or Device Encryption — if possible. BitLocker is integrated with Windows, and it should work well. You are more likely to experience data loss or other problems or incompatibilities with a third-party solution like VeraCrypt.
Everyone should have encryption
Ultimately, basic storage encryption is a necessity on any modern PC — unless you have a desktop PC that stays locked up in a secure office, perhaps. But the average laptop needs this feature for data security. A lost laptop shouldn’t be a major data security concern, whether you’re using a computer from your employer or your own personal PC.
Every other modern platform — Android, ChromeOS, macOS, and iOS — offers storage encryption by default. With Device Encryption, Windows 11 now offers encryption on most new devices by default. That will be even more true in the fall of 2024, when Windows 11’s 24H2 update will enable Device Encryption on more PC hardware configurations.
Want more Windows analysis that cuts through the jargon and explains what really matters? Check out my free Windows Intelligence newsletter — I’ll send you three things to try every Friday. Plus, get free copies of Paul Thurrott’s Windows 11 and Windows 10 Field Guides (a $10 value) for signing up.
The worldwide unified communications and collaboration (UC&C) market is forecast to reach US$69.1 billion in revenue in 2024, an increase of 7.5% compared to last year, according to a new report from International Data Corporation (IDC) released on Tuesday.
IDC defines UC&C as a “bundled, integrated UC/UCaaS and UC collaboration solution stack that may include an advanced telephony solution integrated with messaging (i.e., email, voice, and fax), instant messaging (IM) or chat, presence, and conferencing platforms for web conferencing, audioconferencing, and/or videoconferencing.”
The research firm notes that during the 2023-2028 forecast period, the market is expected to witness a slightly lower compound annual growth rate (CAGR) of 5.7%, reaching $85 billion by 2028.
Two software segments — UC collaboration (meeting software without voice telephony subscriptions) and unified communications as a service (UCaaS) (meeting software including voice telephony subscriptions) — accounted for most of the worldwide market revenue (89% in 2023), IDC said in a release.
Their share, the research firm said, “is expected to rise further as growth in the hardware segments (IP telephony and enterprise videoconferencing systems) turns negative over the forecast period. Meanwhile, the UC collaboration segment is forecast to outpace the overall market with a five-year CAGR of 7.6%.”
The study noted that among the drivers of UC&C adoption is the continued introduction of AI capabilities into offerings. This, said IDC, includes AI-enabled videoconferencing and telephony solutions that help improve productivity, as well as capabilities that improve business outcomes across employees and customers.
Jitesh Gera, research manager of unified communications and collaboration at IDC, said in an email, “AI appears to be the primary focus area for all UC&C vendors at the moment, especially since early 2023 when Microsoft launched Copilot.
Most companies, he said, “started with focusing on AI-based meeting transcriptions that power the creating of automated meeting summaries, notes, and action items. However, many are now moving towards more advanced capabilities like live coaching assistance for employees in customer-facing roles and productivity enhancements through automated content creation via integrations with email, presentation, and document management applications. These capabilities are also being applied to voice telephony for better customer interactions.”
Asked if these extra AI features are going to be bundled or come at an extra cost, straining CIO budgets, Gera said that while these are deemed to be valuable capabilities for businesses, they are still “nascent in terms of how they are packaged into UC&C solutions and the extent of time they have been used by organizations. Therefore, the market has not yet been able to properly quantify the productivity and collaboration enhancements AI capabilities can lead to.”
Some companies, like Cisco and Zoom, are including AI features in all their paid subscription plans, and others, like Microsoft, are charging separately for Copilot, he said.
Gera said, “it is important to note, though, that the value proposition for these organizations varies, as Microsoft’s Copilot takes a more holistic approach by covering many office productivity applications in addition to Microsoft Teams. Therefore, I think the monetization approach towards AI would vary by UC&C vendor, depending on factors like the stickiness of the platform with users, value added to the users businesses, and the sheer breadth and accuracy of the features to actually improve user experiences.”
Microsoft continued to lead the worldwide UC&C market with a 44.7% market share by revenue in Q1 2024, the release stated. It added that Zoom and Cisco followed distantly with a 6.4% and 5.5% market share, respectively. Other companies or offerings named in the report include Slack, Google Meet, Unify and Avaya.
IDC said it also expects cloud-based UC&C deployments will increase over time, replacing on-premises deployments as security and data integrity continue to improve. In addition, “the integration of UC solutions with contact center platforms will continue as buyers look to simplify their technology stacks and reduce their administrative load to work with single unified providers of UC, CC, and CPaaS capabilities.”
