Consumer protection

New Chinese rules restrict digital promotion of financial products

China has introduced new online marketing rules for financial products, further tightening its long-standing restrictions on cryptocurrency-related activity. The new framework limits the promotion of financial products to licensed entities and treats digital currency trading and issuance as illegal financial activity.

Issued by the People’s Bank of China and seven other regulators, the Administrative Measures for Online Marketing of Financial Products will take effect on 30 September 2026. The rules extend responsibility to platforms, intermediaries, and content creators who promote or facilitate financial products online.

Any assistance in promoting or facilitating prohibited financial activity may now be treated as participation in illegal finance, expanding enforcement beyond direct trading bans. In practice, that broadens the focus from financial products themselves to the wider digital promotion layer, including online displays, traffic generation, and other forms of internet-based marketing support.

Authorities say the measures are intended to protect consumers by limiting misleading or aggressive online promotion, including livestream marketing and viral investment content. In that sense, the rules are not only about crypto, but about tighter control over how financial products are marketed in digital environments.

The policy also reinforces China’s existing position, dating back to 2021, when regulators declared all cryptocurrency transactions illegal, while pushing enforcement deeper into the digital advertising and distribution layers of financial markets.

Why does it matter?

Stronger oversight of online financial promotion shows that crypto-related advertising is increasingly being treated as a regulatory risk category, not just a marketing issue. The Chinese move also points to a broader trend in which regulators are extending scrutiny beyond financial products themselves to the digital channels, influencers, and platforms that help distribute them.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

UK’s FCA steps up enforcement on crypto

The UK’s Financial Conduct Authority has led its first coordinated crackdown on illegal crypto trading, targeting firms operating without authorisation. The action forms part of wider efforts to enforce compliance in the sector.

According to the Authority, the operation involved identifying and taking action against companies that unlawfully promoted or offered crypto services. The move aims to protect consumers from potential risks.

The regulator stated that illegal crypto promotions can expose users to financial harm and undermine market trust. It emphasised the importance of ensuring firms meet regulatory requirements before operating.

The Authority said the crackdown reflects a stronger enforcement approach to unauthorised crypto activity, with further action expected to support market integrity in the UK.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UNESCO launches regional observatory on AI in education in Latin America and the Caribbean

UNESCO has launched a new regional platform on AI in education for Latin America and the Caribbean, aiming to help governments respond to both a deep learning crisis and the rapid spread of AI tools in schools and universities.

Called the Observatory on Artificial Intelligence in Education for Latin America and the Caribbean, the initiative was launched on 14 April in Santiago, Chile, during the 2026 Forum of the Countries of Latin America and the Caribbean on Sustainable Development.

UNESCO presents the Observatory as the first regional platform anchored in the UN system dedicated to AI in education in Latin America and the Caribbean. It is designed as a multistakeholder mechanism bringing together the region’s 33 ministries of education, along with universities, research centres, teachers, and strategic partners, to generate evidence, strengthen capacities, and support public decision-making on how AI should be used in education.

The initiative is being framed as a response to two pressures at once. UNESCO says the region faces a serious learning crisis, while AI tools are spreading rapidly through classrooms and education systems, with uneven guidance and limited institutional preparedness. In that context, the Observatory is meant to support more context-specific policy development, stronger teacher training, and classroom-tested innovation within ethical frameworks, rather than leaving AI adoption to fragmented local experimentation.

That gives the launch a significance beyond a standard education technology initiative. The core argument is not simply that AI should be introduced into schools, but that governments need a shared regional capacity to shape its use. UNESCO sums that up with a simple principle: AI should not govern education; education should govern AI.

The Observatory is being developed with a broad coalition of regional and international partners, including the Development Bank of Latin America and the Caribbean, Chile’s National Centre for Artificial Intelligence, the Regional Centre for Studies on the Development of the Information Society, ECLAC, the Ceibal Foundation, Fundación Santillana, Tecnológico de Monterrey, ProFuturo, the Universidad del Desarrollo in Chile, and the International Research Centre on Artificial Intelligence. Its advisory council also includes the OECD, the Organisation of Ibero-American States, experts from Harvard University, and the UN Independent International Scientific Panel on AI.

Why does it matter?

The story shows UNESCO moving from broad principles on ethical AI to a more concrete regional governance model. Rather than issuing another general call for responsible AI in education, it is trying to build an institutional platform that can connect evidence, policy, teacher capacity, and public oversight across Latin America and the Caribbean.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ADR deadline falls for European Commission digital consumer redress tool

The European Commission is required, by 20 April 2026, to develop a user-friendly digital interactive tool providing information on consumer redress, including the use of alternative dispute resolution in cross-border disputes, under Directive (EU) 2025/2647.

According to the directive, the tool must also include links to information on consumer rights, host the lists of alternative dispute resolution entities and notified ADR contact points, and link to their websites. Where available, it must include direct links to ADR complaint forms.

The same provision requires the tool to include a machine translation function, which must be made available free of charge to ADR entities and ADR contact points. The Commission is also required to promote the tool and ensure its technical maintenance.

The directive says the tool aims to help consumers identify appropriate redress options for their specific case, especially in cross-border situations, and to support them in taking the appropriate action.

The recitals state that the additional functions of the tool, including direct links to complaint forms and the machine translation function, should be available as soon as possible, no later than 20 April 2026. Member States are to apply the measures from 20 September 2028.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ESMA signals end of MiCA transition period as EU crypto enforcement tightens

The EU’s crypto rulebook is moving into a more decisive enforcement stage, with the European Securities and Markets Authority (ESMA) issuing a fresh warning ahead of the end of transitional periods under the Markets in Crypto-Assets Regulation (MiCA).

ESMA says the transition will expire across the EU on 1 July 2026, after which firms providing crypto-asset services to EU clients without MiCA authorisation will be in breach of EU law and must stop offering such services.

Rather than announcing a new rule, ESMA’s statement clarifies what supervisors expect in the final stretch before the deadline. Unauthorised crypto-asset service providers must have credible and immediately executable wind-down plans in place, including arrangements for offboarding clients and transferring assets to an authorised provider or a self-hosted wallet. By 1 July 2026, those plans must already have been implemented.

ESMA also expects authorised providers to prepare for client migration from unauthorised platforms before the deadline, including through robust onboarding procedures and compliance with anti-money laundering and counter-terrorist financing requirements.

National competent authorities are expected to verify wind-down plans, take action against unauthorised providers, and scrutinise migration strategies to prevent firms from continuing business as usual after the transition ends.

The statement also sharpens the message to firms outside the EU. ESMA says third-country entities are not permitted to provide MiCA services to EU investors or solicit EU clients, except in the narrow case of reverse solicitation. It also warns against outsourcing or delegation arrangements that would allow unauthorised non-EU entities to continue serving EU clients indirectly.

For users, ESMA’s message is straightforward: protections under MiCA depend on dealing with an authorised EU entity, not simply a familiar brand name.

Investors are being urged to verify whether their provider appears in ESMA’s interim MiCA register and, where necessary, move assets to an authorised provider or a self-hosted wallet.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

South Korea’s Fair Trade Commission closes consultation on domestic agent rules for foreign platforms

South Korea’s Fair Trade Commission closes its public consultation on proposed amendments to the Enforcement Decree of the Act on Consumer Protection in Electronic Commerce, including new rules on domestic agents for certain overseas businesses.

According to the Fair Trade Commission, an overseas business without an address or place of business in South Korea would be required to designate a domestic agent if it meets at least one of three criteria: sales in the previous year exceeding ₩1 trillion, an average of more than 1 million domestic consumers accessing the cyber mall each month in the three months immediately preceding the end of the previous year, or a Fair Trade Commission request to submit reports and materials.

The proposed rules would also require overseas businesses, once a domestic agent is designated, to submit the agent’s name, address, telephone number, and email address to the Fair Trade Commission in writing without delay and to disclose that information on the first screen of the cyber mall they operate.

The Fair Trade Commission also says the amendments would establish business suspension standards for violations of the domestic agent obligation. According to the proposal, a first violation would lead to a three-month business suspension, a second violation to six months, and a third violation to 12 months.

In the same legislative notice, the Fair Trade Commission also proposed reducing the scope of identity information that platforms facilitating person-to-person transactions must verify for individual sellers, from five items to two: telephone number and email address.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Australian authorities warn of data exploitation through social media platforms

Social media and messaging services pose growing security and privacy risks, with personal data used to build profiles for fraud, espionage, or social engineering. Even routine posts may contribute to broader data collection and unintended exposure.

Platforms typically collect extensive user and device data under evolving privacy policies, sometimes storing it across jurisdictions with varying legal protections. Such conditions increase the risks to identity theft, reputational harm, and the misuse of aggregated personal information.

The Australian Government advises organisations to restrict access to official accounts, train staff, and enforce clear policies on what can be shared. It also highlights the importance of breach response procedures to maintain operational security.

For individuals, the Government guidance recommends limiting exposure of personal data, using privacy settings, avoiding unknown contacts, and applying strong authentication.

Regular updates, careful app permissions, and device security measures are also encouraged to reduce cyber risks.

Strengthening awareness and applying consistent security practices reduces vulnerability and supports more resilient organisational systems in an increasingly interconnected digital environment.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

FBI reports billions lost to crypto and AI scams

The Federal Bureau of Investigation reports that cyber-enabled crimes cost Americans nearly $21 billion in 2025, according to its latest Internet Crime Report. The Internet Crime Complaint Center recorded more than 1 million complaints, marking a rise from the previous year.

Investment fraud, phishing, extortion, and tech support scams remained the most common threats, with older adults reporting disproportionately high losses. Individuals over 60 accounted for approximately $7.7 billion in losses, reflecting a sharp year-on-year increase.

Cryptocurrency-related fraud was the most financially damaging category, with losses exceeding $11 billion across more than 180,000 complaints. The report also highlighted emerging risks linked to AI, including deepfake identities, voice cloning, and fabricated media used to manipulate victims.

The FBI has expanded initiatives such as Operation Level Up to identify ongoing scams and reduce losses, while emphasising early reporting and awareness measures. Officials say scammers increasingly use psychological pressure and realistic digital impersonation to deceive victims.

Rising losses highlight how rapidly evolving digital fraud techniques are outpacing public awareness, with crypto and AI tools making scams more scalable and convincing.

Strengthening detection, reporting, and education will be critical to reducing financial harm and improving resilience against increasingly sophisticated online crime networks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Transparency push for online advertising systems

Researchers from the University of California and Iowa have warned that structural weaknesses in the digital advertising ecosystem continue to expose advertisers to hidden risks and fraud. The study highlights how complexity and limited transparency enable manipulation across the supply chain.

A key issue identified is ‘dark pooling’, in which lower-quality advertising inventory is bundled with premium placements, obscuring their true value. This practice can mislead buyers and distort pricing across the market.

The authors argue that current safeguards fail to address these vulnerabilities effectively, as responsibilities are fragmented among multiple stakeholders. This lack of coordination allows systemic issues to persist.

To address the problem, the researchers propose a shared vulnerability notification framework involving advertisers, publishers and intermediaries. The study suggests such collaboration could strengthen accountability and improve trust in digital advertising markets in the US.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

DMCC Act 2024 brings UK ADR reporting rules into force

UK regulations under the Digital Markets, Competition and Consumers (DMCC) Act 2024, referred to here as the DMCC Act 2024, are now in force, requiring accredited alternative dispute resolution providers to report information to the ADR authority and to make it available to consumers on their websites.

Under the DMCC Act 2024 (Alternative Dispute Resolution) (Information) Regulations, an accredited ADR provider must submit an annual report to the ADR authority in writing on a durable medium.

An accredited ADR provider is a person or entity that either conducts alternative dispute resolution for a consumer contract dispute or arranges for it to occur. The same information must also be published for consumers on the provider’s website within one month of each anniversary of accreditation.

Accredited ADR providers must also notify the ADR authority of any changes to the information listed in Part 2 of the Schedule. Former accredited ADR providers are required to submit a Part 1 report within one month after their accreditation ends.

Exempt ADR providers must provide the information in Parts 1 and 2 of the Schedule to the ADR authority to the extent that the same information is also supplied to a regulator, and must do so within one month of providing it to that regulator.

Why does it matter?

The DMCC Act 2024 regulations add transparency to the UK ADR system. Accredited providers must now report information to the ADR authority and publish it for consumers, creating clearer oversight and making it easier to see how accredited schemes operate.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.