Consumer protection

OpenAI launches Instant Checkout to enable in-chat purchases

OpenAI has launched Instant Checkout, a feature that lets users make direct purchases within ChatGPT. The initial rollout applies to US Etsy sellers, with Shopify merchants to follow.

The system is powered by the Agentic Commerce Protocol, which OpenAI co-developed with Stripe, and currently supports single-item purchases. Future updates will add multi-item carts and expand to more regions.

According to OpenAI, product results in ChatGPT are organic and ranked for relevance. The e-commerce framework will be open-sourced to accelerate integrations for merchants and developers. Users can pay using cards already on file, and transactions involve explicit confirmation steps, scoped payment tokens, and limited data sharing to build trust.

Michelle Fradin, OpenAI’s product lead for ChatGPT commerce, said the goal is to move beyond information retrieval and support real-world actions. Stripe’s president for technology and business, Will Gaybrick, described the partnership as laying economic infrastructure for AI.

Merchants will pay a small fee on completed purchases, while users are not charged extra and product prices remain unchanged.

Reuters reported that Etsy and Shopify’s stocks rose significantly following the announcement, with Etsy closing up nearly 16 percent and Shopify more than 6 percent. The company plans to extend the system to more merchants and payment types over time.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Gen Z most vulnerable to phishing scams

A global survey commissioned by Yubico suggests that younger workers are more vulnerable to phishing scams than older generations. Gen Z respondents reported the highest level of interaction with phishing messages, with 62 percent admitting they engaged with a scam in the past year.

The study gathered responses from 18,000 employed adults in nine countries, including the UK, US, France, and Japan. In the past twelve months, 44 percent of participants admitted to clicking on or replying to a phishing message.

AI is raising the stakes for cybersecurity. Seventy percent of those surveyed believe phishing has become more effective due to AI, and 78 percent said the attacks seem more sophisticated. More than half could not confidently identify a phishing email when shown one.

Despite growing risks, cyber defences remain patchy. Only 48 percent said their workplace used multi-factor authentication across all services, and 40 percent reported never receiving cybersecurity training from their employer.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Rising stress leaves cyber professionals at breaking point

Burnout is a significant challenge in the cybersecurity sector, as workers face rising threats and constant pressure to defend organisations. A BBC report highlights how professionals often feel overworked and undervalued, with stress levels leading some to take extended leave.

UK-based surveys reflect growing strain. Membership body ISC2 found that job satisfaction among cybersecurity staff dropped in 2024, with burnout cited as a key issue. Experts say demands have increased while resources remain stretched, leaving staff expected to stay on call around the clock.

Hackers are becoming more aggressive, targeting health services, retailers, and critical national infrastructure. Nation-state actors, including North Korean groups linked to large crypto thefts, are also stepping up activity. These attacks add to the psychological burden on frontline defenders.

Industry figures warn that high turnover risks weakening cyber resilience, especially in junior roles. Initiatives like Cybermindz call for better mental health support, while some argue for protections akin to those for first responders.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

AI agents complete first secure transaction with Mastercard and PayOS

PayOS and Mastercard have completed the first live agentic payment using a Mastercard Agentic Token, marking a pivotal step for AI-driven commerce. The demonstration, powered by Mastercard Agent Pay, extends the tokenisation infrastructure that already underpins mobile payments and card storage.

The system enables AI agents to initiate payments while enforcing consent, authentication, and fraud checks, thereby forming what Mastercard refers to as the trust layer. It shows how card networks are preparing for agentic transactions to become central to digital commerce.

Mastercard’s Chief Digital Officer, Pablo Fourez, stated that the company is developing a secure and interoperable ecosystem for AI-driven payments, underpinned by tokenized credentials. The framework aims to prepare for a future where the internet itself supports native agentic commerce.

For PayOS, the milestone represents a shift from testing to commercialisation. Chief executive Johnathan McGowan said the company is now onboarding customers and offering tools for fraud prevention, payments risk management, and improved user experiences.

The achievement signals a broader transition as agentic AI moves from pilot to real-world deployment. If security models remain effective, agentic payments could soon differentiate platforms, merchants, and issuers, embedding autonomy into digital transactions.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI-powered Opera Neon browser launches with premium subscription

After its announcement in May, Opera has started rolling out Neon, its first AI-powered browser. Unlike traditional browsers, Neon is designed for professionals who want AI to simplify complex online workflows.

The browser introduces Tasks, which act like self-contained workspaces. AI can understand context, compare sources, and operate across multiple tabs simultaneously to manage projects more efficiently.

Neon also features cards and reusable AI prompts that users can customise or download from a community store, streamlining repeated actions and tasks.

Its standout tool, Neon Do, performs real-time on-screen actions such as opening tabs, filling forms, and gathering data, while keeping everything local. Opera says no data is shared, and all information is deleted after 30 days.

Neon is available by subscription at $19.90 per month. Invitations are limited during rollout, but Opera promises broader availability soon.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

California enacts first state-level AI safety law

In the US, California Governor Gavin Newsom has signed SB 53, a landmark law establishing transparency and safety requirements for large AI companies.

The legislation obliges major AI developers such as OpenAI, Anthropic, Meta, and Google DeepMind to disclose their safety protocols. It also introduces whistle-blower protections and a reporting mechanism for safety incidents, including cyberattacks and autonomous AI behaviour not covered by the EU AI Act.

Reactions across the industry have been mixed. Anthropic supported the law, while Meta and OpenAI lobbied against it, with OpenAI publishing an open letter urging Newsom not to sign. Tech firms have warned that state-level measures could create a patchwork of regulation that stifles innovation.

Despite resistance, the law positions California as a national leader in AI governance. Newsom said the state had demonstrated that it was possible to safeguard communities without stifling growth, calling AI ‘the new frontier in innovation’.

Similar legislation is under consideration in New York, while California lawmakers are also debating SB 243, a separate bill that would regulate AI companion chatbots.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ChatGPT gets family safety update with parental controls

OpenAI has introduced new parental controls for ChatGPT, giving families greater oversight of how teens use the AI platform. The tools, which are live for all users, allow parents to link accounts with their children and manage settings through a simple control dashboard.

The system introduces stronger safeguards for teen accounts, including filters on graphic or harmful content and restrictions on roleplay involving sex, violence or extreme beauty ideals.

Parents can also fine-tune features such as voice mode, memory, image generation, or set quiet hours when ChatGPT cannot be accessed.

A notification mechanism has been added to alert parents if a teen shows signs of acute distress, escalating to emergency services in critical cases. OpenAI said the controls were shaped by consultation with experts, advocacy groups, and policymakers and will be expanded as research evolves.

To complement the parental controls, a new online resource hub has been launched to help families learn how ChatGPT works and explore positive uses in study, creativity and daily life.

OpenAI also plans to roll out an age-prediction system that automatically applies teen-appropriate settings.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EDPB issues guidelines on GDPR-DSA tension for platforms

On 12 September 2025, the European Data Protection Board (EDPB) adopted draft guidelines detailing how online platforms should reconcile requirements under the GDPR and the Digital Services Act (DSA). The draft is now open for public consultation through 31 October.

The guidelines address key areas of tension, including proactive investigations, notice-and-action systems, deceptive design, recommender systems, age safety and transparency in advertising. They emphasise that DSA obligations must be implemented in ways consistent with GDPR principles.

For instance, the guidelines suggest that proactive investigations of illegal content should generally be grounded on ‘legitimate interests’, include safeguards for accuracy, and avoid automated decisions with legal effects.

Platforms are also told to provide users with non-profiling recommendation systems. The documents encourage data protection impact assessments (DPIAs) when identifying high risks.

The guidance also clarifies that the DSA does not override the GDPR. Platforms subject to both must ensure lawful, fair and transparent processing while integrating risk analysis and privacy by design. The draft guidelines include practical examples and cross-references to existing EDPB documents.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Internal chatbot Veritas helps Apple refine Siri features ahead of launch

Apple is internally testing its upcoming Siri upgrade with a chatbot-style tool called Veritas, according to a report by Bloomberg. The app enables employees to experiment with new capabilities and provide structured feedback before a public launch.

Veritas enables testers to type questions, engage in conversations, and revisit past chats, making it similar to ChatGPT and Gemini. Apple is reportedly using the feedback to refine Siri’s features, including data search and in-app actions.

The tool remains internal and is not planned for public release. Its purpose is to make Siri’s upgrade process more efficient and guide Apple’s decision on future chatbot-like experiences.

Apple executives have said they prefer integrating AI into daily tasks instead of offering a separate chatbot. Craig Federighi confirmed at WWDC that Apple is focused on natural task assistance rather than a standalone product.

Bloomberg reports that the new Siri will use Apple’s own AI models alongside external systems like Google’s Gemini, with a launch expected next spring.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Semicon Coalition unites EU on chip strategy and autonomy

European ministers have signed the Declaration of the Semicon Coalition, calling for a revised EU Chips Act 2.0 to boost semiconductor resilience, innovation, and competitiveness. The declaration outlines five priorities: collaboration, investment, skills, sustainability, and global partnerships.

The coalition, launched by the Netherlands in March, includes Austria, Belgium, Finland, France, Germany, Italy, Poland, and Spain. Other EU states joined today in Brussels, where Dutch minister Vincent Karremans presented the declaration to the European Commission.

Over fifty leading European and international semiconductor players have endorsed the declaration. This support strengthens momentum for placing end-markets at the core of the EU’s semiconductor strategy and aligns with Mario Draghi’s report on competitiveness.

The priorities include aligning EU and national funding, accelerating approvals for strategic projects, building a skilled talent pipeline, and promoting circular, energy-efficient manufacturing. International partnerships will also be deepened while safeguarding European strategic autonomy.

Minister Karremans said the strategy demonstrates Europe’s response to global tensions and its commitment to boosting semiconductor capacity, research funding, and readiness for demand in AI, automotive, energy, and defense.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!