Anthropic offers ENISA access to advanced AI security model

Anthropic has invited the European Commission to facilitate access for ENISA, the EU agency for cybersecurity, to its cybersecurity-focused AI model Mythos, according to Bloomberg. The invitation followed a meeting between Anthropic and the Commission in San Francisco on 29 May. The EU must now establish a mechanism with appropriate security safeguards before access can be implemented; an ENISA official confirmed the agency does not currently have active access.

Anthropic unveiled Mythos in April, describing it as a model capable of identifying and exploiting cybersecurity vulnerabilities at a level that surpasses most human experts. Bloomberg reported on 2 June that ENISA was set to receive access to the model.

European Commission spokesperson Thomas Regnier welcomed the development, saying that access could help authorities build a clearer understanding of potential risks as increasingly capable AI models enter the market. The invitation follows calls from European policymakers and cybersecurity officials for greater access to advanced AI systems and for the development of comparable European capabilities.

Why does it matter?

The emergence of AI models capable of identifying software vulnerabilities at scale is reshaping cybersecurity risk assessments for governments, regulators and critical infrastructure operators. Access to such systems can help authorities better understand their capabilities, evaluate potential threats and develop appropriate safeguards.

For the EU, granting ENISA access to Mythos could support evidence-based policymaking and strengthen preparedness as increasingly powerful cybersecurity-focused AI models become available. The move also highlights a broader challenge: ensuring that public institutions can keep pace with rapidly advancing AI capabilities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Liberties launches project on patient data and clinical AI accountability

The civil liberties organisation Liberties has launched the AI in the Healthcare Project to examine how personal data is used in the development and deployment of clinical AI systems.

The project, developed with Liberties member and partner organisations and independent expert Júlia Keserű, aims to improve transparency, accountability, and data protection practices in healthcare AI.

According to Liberties, the first phase will gather information through literature review, stakeholder consultations, interviews, freedom of information requests, and GDPR-based data subject access requests. Requests will be submitted to government agencies, regulatory bodies, public health authorities, publicly funded hospitals, and research institutions.

A second phase, led by Liberties, will focus on capacity development for watchdog organisations and civil society groups. The organisation said the work will provide methodologies, research tools, and collaboration platforms to help groups independently monitor the development and use of health AI systems.

The final stage will develop policy recommendations at the EU and national levels to promote responsible, transparent, and accountable health data practices. The recommendations will also seek to support compliance with existing frameworks such as the AI Act and the GDPR.

Liberties said AI systems are increasingly being integrated into healthcare, relying on data from sources such as electronic health records, wearable devices, mobile health apps, genetic testing services, and data brokers. However, it warned that transparency around data sources and their integration into clinical AI systems remains limited, creating risks to privacy, human rights, security, and safe use.

Why does it matter?

The project targets one of the most sensitive areas of AI deployment: healthcare systems that rely on personal and health data. As clinical AI tools become more common, questions about data sources, consent, transparency, GDPR rights, and accountability will become central to whether patients can trust AI-supported healthcare.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Hong Kong details rules on online advertisements

Hong Kong’s government has said existing laws cover deceptive online advertisements, including scam-related content, misleading trade practices, and false claims in regulated sectors.

The written reply was issued in the Legislative Council on 3 June in response to a question about pop-up advertisements, programmatic advertising, and AI deepfake scams.

The government said the Trade Descriptions Ordinance prohibits false or misleading descriptions of goods or services, including in advertisements and on online platforms. Traders engaging in bait advertising or other prohibited conduct can face up to five years in prison and a fine of HK$500,000.

The reply also said online advertisements involving deception may fall under the Theft Ordinance. Fraud carries a maximum penalty of 14 years in prison, while obtaining property by deception carries a maximum penalty of 10 years.

Advertisements for specific sectors, including real estate, education, securities, and banking, are also subject to separate laws prohibiting false or misleading claims.

Hong Kong police have been working with online platform operators and conducting regular online patrols. In 2025, police asked social media platforms to remove or review more than 116,000 scam-related pages or accounts.

The government also pointed to Scameter and Scameter+, its scam and pitfall search tools. New features introduced in October 2025 use AI to analyse suspicious website links and web page screenshots reported by the public, and to detect potential scam domain names. Within five months, the tools proactively identified more than 900 fraudulent webpages, while Scameter+ issued more than 320,000 alerts in the first quarter of 2026.

Why does it matter?

The reply shows how Hong Kong is using existing consumer protection, fraud, and sector-specific laws to address online advertising risks, rather than introducing a dedicated online advertising regime for now. The inclusion of AI deepfake scams and AI-assisted Scameter+ detection also highlights how online advertising, platform governance, fraud prevention, and automated enforcement tools are increasingly interconnected.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Armenia expands AI ecosystem through research, infrastructure and investment

Armenian Prime Minister Nikol Pashinyan said government initiatives have helped position Armenia as an emerging centre for technology and AI, according to remarks reported by state news agency Armenpress. Speaking during the election campaign, Pashinyan highlighted several projects that he said demonstrate the government’s efforts to strengthen Armenia’s technology sector.

Pashinyan highlighted agreements signed with US President Donald Trump last year, including cooperation on AI. He argued that subsequent developments in the sector have validated the government’s approach.

As examples of progress, the Prime Minister cited the establishment of an AI centre at Yerevan State University and the launch of the Eleveight AI data centre. He also linked developments in the sector to increased public investment in science and higher salaries for researchers.

Pashinyan said investment in the defence sector has supported technological development and stated that Armenian defence companies are exporting products internationally. He made the remarks during campaigning ahead of Armenia’s parliamentary elections.

Why does it matter?

Armenia is seeking to expand its role in emerging technologies at a time when countries are increasingly investing in AI infrastructure, research capacity and digital innovation as drivers of economic growth and competitiveness.

The government’s focus on AI cooperation, research institutions and data centre infrastructure reflects broader efforts to strengthen domestic technological capabilities and attract investment in the digital economy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UK CMA targets AI search content use in new Google conduct requirements

The UK’s Competition and Markets Authority (CMA) has imposed a new conduct requirement on Google Search under the country’s digital markets competition regime. The measure is designed to give publishers greater control over how their content is used and to improve transparency for users.

Under the new requirement, publishers will be able to prevent their content from being used in Google’s AI-powered search features, including AI Overviews. The CMA said the measure is intended to strengthen publishers’ ability to negotiate content licensing and usage agreements with Google.

Google will also be required to provide clearer attribution for publisher content used in AI-generated search results through prominently visible links. Following consultation feedback, publishers will also be able to opt out of having their content used to fine-tune Google’s AI models.

The CMA said it will continue monitoring Google’s AI-related changes to search and may introduce additional measures if competition concerns persist. Google will have up to nine months to implement the requirements and must publish regular compliance reports as the rollout progresses in the UK.

Why does it matter?

The decision highlights growing regulatory scrutiny of how AI-powered search systems use third-party content. As search engines increasingly generate answers directly within search results, publishers have raised concerns about attribution, traffic losses and the use of their content for AI training.

The UK’s approach could influence broader debates about the relationship between AI platforms, publishers and competition policy, particularly as regulators seek to balance innovation with transparency and fair commercial practices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Hong Kong launches AI-focused cybersecurity initiatives for 2026

Hong Kong’s Digital Policy Office has announced a series of AI-related cybersecurity initiatives for the second half of 2026, following a briefing on cyber resilience and emerging technology risks. The office said it would focus on improving AI security awareness and digital literacy among both organisations and the public.

Planned initiatives include a Secure AI@Work Enablement Campaign, organised with the Hong Kong Internet Registration Corporation, to help enterprises develop secure and compliant AI ecosystems. The Digital Policy Office will also collaborate with industry on an AI x Cybersecurity Challenge focused on AI-powered threat detection, cyber resilience and cybersecurity skills development.

The office said it would continue enterprise support and practical drills, including an enhanced Cybersec One+, the Cybersecurity Service Providers Connect Programme and the third Hong Kong Cybersecurity Attack and Defence Drill. Hong Kong will also consolidate the Cyber Security Summit Hong Kong and the Cybersecurity Symposium into a single Cybersecurity Symposium and Summit in December.

The Cyber Security and Technology Crime Bureau said the volume of cyber threat intelligence related to threats targeting Hong Kong continues to increase. Its Cyber Security Centre analysed more than 330,000 threat intelligence records during the first quarter of 2026, identifying phishing as the most prevalent threat category.

The bureau said it would deepen international law enforcement cooperation, strengthen intelligence sharing with sectors including critical infrastructure, and use AI and big data to improve cyber threat detection, early warning analysis, and incident response. The Hong Kong Police Force and Cyberport have also established the Smart Policing Joint AI Lab to develop technologies for detecting deepfakes and strengthening network defence capabilities.

Why does it matter?

The initiatives reflect growing efforts by governments to address the cybersecurity implications of wider AI adoption. As organisations increasingly integrate AI into business operations, concerns around secure deployment, cyber resilience and workforce readiness are becoming key policy priorities.

The programme also highlights how AI is being used both as a potential source of cyber risk and as a tool for improving threat detection, incident response and cyber defence capabilities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Anthropic expands AI cybersecurity programme for critical infrastructure

AI company Anthropic has announced a major expansion of Project Glasswing, an initiative aimed at strengthening the security of critical software through AI-assisted vulnerability detection.

After initially providing access to around 50 organisations, the programme will expand to approximately 150 additional partners across more than 15 countries.

Project Glasswing provides selected organisations with access to Claude Mythos Preview, Anthropic’s cybersecurity-focused AI model. According to Anthropic, participating organisations have identified more than 10,000 high- and critical-severity software vulnerabilities through the programme.

The newly added participants include operators and vendors across critical infrastructure sectors such as power, water, healthcare, communications and hardware manufacturing.

Anthropic argues that increasingly capable AI systems could significantly reshape cybersecurity, creating both new defensive opportunities and new risks. The company says future AI models may enable defenders to identify, analyse and remediate vulnerabilities at greater scale, while also potentially enhancing the capabilities available to malicious actors.

Project Glasswing is intended to help critical organisations adapt before such capabilities become widely accessible.

Alongside the expansion, Anthropic said it plans to provide additional cybersecurity tools, support vulnerability remediation efforts and work with industry, governments and open-source software maintainers to strengthen cyber resilience.

Why does it matter?

The expansion of Project Glasswing highlights the growing role of AI in cybersecurity, particularly in vulnerability discovery and software security testing. As critical infrastructure operators face increasingly sophisticated cyber threats, AI-assisted tools may help identify and address security weaknesses more quickly.

At the same time, the initiative reflects broader concerns that advances in AI could benefit both defenders and attackers, increasing the importance of responsible deployment, coordinated security research and resilience planning across critical sectors.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

White House launches new AI security framework for frontier models

US President Donald Trump has signed an executive order aimed at advancing AI innovation while strengthening cybersecurity protections across government networks and critical infrastructure sectors.

The order directs federal agencies to strengthen cyber defences and expand the use of AI-powered security tools. Several federal departments have been given 30-day deadlines to begin implementing additional protections for national security systems, civilian government networks and critical infrastructure operators.

A central element of the initiative is the creation of an AI cybersecurity clearinghouse that will work with technology companies and infrastructure providers to identify software vulnerabilities, coordinate security research and support faster patch deployment.

Federal officials will also examine funding opportunities for projects focused on advanced AI vulnerability detection and expand cybersecurity recruitment programmes.

The executive order also introduces a voluntary framework for developers of advanced AI models. Under the framework, companies may choose to work with the government to determine whether their systems qualify as frontier AI models and provide secure early access for cybersecurity assessments prior to broader deployment.

Administration officials emphasised that the framework does not create mandatory licensing or government approval requirements for the release of new AI technologies.

Why does it matter? 

The order signals a US strategy of accelerating AI development while addressing emerging national security risks, reflecting growing competition among major economies to lead the next generation of advanced technologies.

Its emphasis on voluntary collaboration rather than strict regulation could influence how other countries approach AI governance, innovation and cybersecurity in the years ahead.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Aithos LARA reveals major AI compliance gaps under the EU AI Act and the GDPR

The Aithos Research Foundation has launched Aithos LARA (Legal Assessment for Real-world Agents), a public evaluation framework designed to assess whether AI agents comply with key European legal requirements.

The framework places AI models in simulated workplace and consumer-service scenarios where completing assigned tasks may involve actions that conflict with provisions of the EU AI Act or the General Data Protection Regulation (GDPR).

According to Aithos, an initial evaluation involving more than 3,000 tests across 12 frontier AI models found that none consistently met acceptable levels of legal compliance. Compliance rates ranged from 7% to 54%, with the highest-performing model adhering to legal requirements in only slightly more than half of the assessed scenarios.

The research suggests that current frontier AI systems may prioritise task completion over legal obligations when operating with a high degree of autonomy.

Furthermore, the study assessed compliance with six provisions of the EU AI Act and four core GDPR principles, including transparency, lawful processing, data minimisation and purpose limitation.

Researchers reported instances in which models generated outputs that would conflict with some of the AI Act’s prohibited practices, including exploiting vulnerable individuals, conducting emotion recognition in workplace environments and engaging in forms of manipulation prohibited under European law.

To increase transparency, Aithos has made evaluation transcripts, model outputs and judicial assessments publicly available. The organisation argues that independent and public oversight can complement company-led governance efforts by providing greater transparency into how AI systems behave in legally and ethically sensitive contexts.

Why does it matter?

The findings highlight the challenges of deploying AI agents in regulated environments where legal compliance is essential. As organisations increasingly explore AI for customer service, human resources, finance and operational decision-making, ensuring that systems comply with data protection and AI regulations is becoming a key governance requirement.

The research also underscores the growing importance of independent testing and oversight mechanisms as policymakers and regulators seek to evaluate how autonomous AI systems behave in real-world scenarios.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ILO chief calls for human-centred AI governance at labour conference

International Labour Organization (ILO) Director-General Gilbert F. Houngbo has called for a human-centred approach to AI at the opening of the 114th International Labour Conference in Geneva. He said the future of work would depend not only on technological advances, but also on the policies, institutions and social dialogue shaping their impact on people’s lives.

Drawing on his report ‘A Moment of Choice: Harnessing Artificial Intelligence for Decent Work‘, Houngbo outlined an agenda focused on rights, employment and skills, social protection, and social dialogue. He argued that productivity gains generated by AI should be shared through higher wages, stronger labour protections and more inclusive economic growth.

Houngbo warned that decisions taken today would determine whether AI expands opportunity and shared prosperity or contributes to greater inequality and insecurity. He also situated AI governance within a broader context of economic uncertainty, citing ILO estimates that a prolonged oil-price shock could reduce global working hours by the equivalent of millions of full-time jobs and lead to significant labour income losses by 2027.

Delegates will also hold a second discussion on decent work in the platform economy, with the aim of developing new international labour standards. The draft Convention and Recommendation cover employment promotion, protections for digital platform workers, and provisions relating to automated systems used by digital labour platforms.

Delegates from governments, employers, and workers will also address gender equality, social dialogue, tripartism, and the application of labour standards. The conference, which brings together representatives from the ILO’s 187 Member States, will run until 12 June.

Why does it matter?

As AI becomes increasingly integrated into workplaces, governments, employers and workers are debating how productivity gains, skills requirements and labour protections should evolve. The ILO’s focus on human-centred AI reflects growing international efforts to ensure that technological change supports decent work rather than exacerbating inequality.

The discussions are also significant because they could influence future international labour standards for platform work and the use of automated systems in employment, helping shape how AI affects workers worldwide.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!