OECD examines young people’s social media use

The OECD has warned that young people are growing up in a social media age that offers opportunities for creativity and connection, but also creates risks for learning, well-being and online safety.

In a new Digital Economy Paper, ‘Growing up in the social media age’, the OECD reviews research on young people’s social media use and analyses data from the 2022 Programme for International Student Assessment. The paper focuses mainly on 15-year-olds and examines links between social media use, academic outcomes, creative thinking and policy responses.

The OECD says social media is almost universal among 15-year-olds. Around 95% report browsing social media daily, while 88% report communicating or sharing digital content on social platforms. On average, 15-year-olds across the OECD spend almost 35 hours a week on social media.

The paper says the evidence on social media and well-being remains complex. Excessive use is often associated with negative outcomes, but correlations do not prove that social media directly causes lower academic performance, poorer mental health or reduced well-being.

The OECD finds that moderate social media use is associated with stronger academic performance than either no use or heavy use. Mathematics performance is highest among students who use social media moderately, while performance tends to decline as time spent on social media exceeds 3 hours a day.

Creative thinking follows a similar pattern. Scores peak at moderate levels of browsing social media, usually one to three hours per day, but decline when students spend more than one hour communicating or sharing digital content.

The paper also notes that school mobile phone bans are becoming more common, but implementation remains difficult. Across the OECD, 29% of 15-year-olds in schools that ban mobile phones still reported using their phone at school several times a day.

The OECD says governments need balanced policies that help young people benefit from social media while protecting them from risks, and that safeguards should also respect freedom of expression, privacy, innovation and fair competition.

Why does it matter?

The OECD paper is useful because it pushes the debate beyond a simple ‘ban or allow’ framing. It shows that young people’s social media use is widespread and often excessive, yet moderate use can be associated with positive outcomes. For policymakers, the challenge is to design rules on school phone use, age limits and platform obligations that protect children without cutting them off from digital participation, creativity and social connection.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

US sets post-quantum cryptography deadlines for federal systems

US President Donald Trump has signed an executive order setting deadlines for federal agencies to migrate high-priority systems to post-quantum cryptography.

Executive Order 14409 says large-scale quantum computers could threaten widely used cryptographic systems and create risks for sensitive government data, critical infrastructure and the digital economy. It also highlights ‘harvest now, decrypt later’ attacks, where adversaries collect encrypted information today and decrypt it once quantum capabilities become available.

The order makes it US policy to transition federal information systems to National Institute of Standards and Technology-approved Federal Information Processing Standards for post-quantum cryptography. It also directs the federal government to assist critical infrastructure owners and operators with their own migration planning.

Within 30 days, each federal agency must name a post-quantum cryptography migration lead responsible for cryptographic inventories, migration planning and cross-agency coordination.

The Office of Management and Budget must issue guidance within 90 days requiring agencies to review inventories of high-value assets and high-impact systems (excluding National Security Systems) and submit migration plans.

Federal high-value assets and high-impact systems must transition to post-quantum cryptography for key establishment by 31 December 2030 and for digital signatures by 31 December 2031.

The order also directs CISA, in coordination with NIST, to publish public guidance within 270 days on minimum elements for a cryptographic bill of materials, supporting automated assessment of cryptographic assets in hardware and software.

Procurement rules are also expected to change. The Federal Acquisition Regulatory Council must propose requirements for covered contractors to comply with NIST cryptographic standards, including applicable post-quantum standards, by 31 December 2030.

Why does it matter?

The order gives the US post-quantum transition concrete deadlines and turns cryptographic migration into an operational, procurement and critical infrastructure issue. Quantum-capable attacks remain a future risk, but encrypted data can be stolen now and decrypted later. By requiring inventories, migration leads, contractor obligations and cryptographic bills of materials, the EO pushes agencies and suppliers to understand where vulnerable cryptography is used before quantum threats become practical.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Digital harms and child protection drive major Criminal Code reforms in Canada

Canada has enacted new criminal justice legislation aimed at strengthening protections for children, restoring mandatory minimum sentences for serious sexual offences and expanding legal tools to combat online exploitation and digital abuse. The Protecting Victims Act has been presented as a major update to the Criminal Code.

The law increases penalties for offences including sexual abuse, voyeurism, sextortion and the non-consensual sharing of intimate images, including AI-generated or digitally manipulated sexual deepfakes. Authorities have also been given enhanced powers to pursue offenders operating across borders.

Additional provisions extend investigative timeframes and require internet service providers to retain certain data for longer periods, improving access to evidence in cases involving online exploitation and abuse. The legislation also introduces a new criminal offence targeting the recruitment of minors into criminal activity.

Officials said the reforms are intended to strengthen enforcement capabilities and promote greater consistency in sentencing for serious offences, while preserving limited judicial discretion where mandatory penalties would be clearly disproportionate.

Why does it matter?

The reforms reflect how child protection laws are evolving to address increasingly digital forms of exploitation. Offences such as sextortion, non-consensual image sharing and AI-generated sexual deepfakes have created new challenges for law enforcement and courts, requiring legal frameworks that can respond to technology-enabled harms as effectively as traditional offences.

The legislation also highlights a broader policy trend towards stronger investigative powers and cross-border enforcement cooperation in cases involving online abuse. As criminal activity increasingly relies on digital platforms and international networks, governments are seeking new tools to obtain evidence, identify offenders and protect victims while balancing privacy, due process and judicial oversight.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Spain reports higher removal of online hate speech content

Spain’s Observatory on Racism and Xenophobia identified 31,003 pieces of hate speech and discriminatory content on social media in May 2026, according to its monthly monitoring report.

The Observatory, known as OBERAXE, said digital platforms removed 65% of notified content, up from 56% in April. TikTok, X and Instagram recorded the highest removal rates, while the Trusted Flagger route continued to perform better than ordinary user reporting.

Trusted Flagger notifications accounted for 53% of removed content, compared with 48% in April. Content reported through ordinary user channels reached a removal rate of 12%, up from 8% the previous month.

The report found that 73% of detected content presented targeted groups as a threat, while dehumanising and severely degrading messages increased sharply compared with April. It also recorded frequent use of aggressive language and growing reliance on images, videos, memes and coded expressions.

People from North Africa remained the main target of online hate speech, followed by African and Afro-descendant people and Roma people. Narratives linked to citizen insecurity accounted for the largest share of detected content, followed by content related to social benefits and access to public resources.

OBERAXE said continued cooperation with digital platforms is essential to improve detection, removal procedures and policies aimed at combating discrimination online.

Why does it matter?

The report shows how hate speech monitoring is becoming part of platform governance and anti-discrimination policy. Spain’s data suggest that trusted reporting channels can improve removal rates, but the scale and persistence of hostile narratives show the limits of reactive moderation. The findings also raise wider questions about transparency, platform accountability and how governments can address online hate while protecting freedom of expression.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Cybercriminals exploit World Cup hype with phishing schemes

Cybercriminals are exploiting World Cup interest through fake streaming platforms, phishing campaigns, counterfeit online stores and betting-related scams, according to Kaspersky researchers.

The security company said it had identified more than 336 fake websites designed to imitate official World Cup pages. Many scams target fans looking for cheaper tickets, free match streams or tournament merchandise.

Some fake streaming sites ask users to register and pay for access to matches, sometimes using cryptocurrency. Others collect personal data that can later be used in further phishing attacks.

Kaspersky also identified counterfeit merchandise shops, fraudulent betting schemes and phishing emails promoting fake offers or paid predictions. Some scams rely on urgency, limited-time claims and professional-looking websites to pressure users into sharing payment or personal information.

The company warned that AI-generated websites and more polished scam designs are making fraudulent pages harder to distinguish from legitimate services during high-demand events.

Kaspersky advised fans to use official sources, check website addresses carefully and avoid offers that promise free access, unrealistic discounts or guaranteed betting results.

Why does it matter?

Major sporting events create ideal conditions for online fraud because demand, urgency and emotion are all high. World Cup scams show how criminals combine phishing, fake e-commerce, streaming fraud and social engineering to steal money and personal data. The use of polished or AI-generated websites also reflects a wider challenge for consumer protection: scams are becoming easier to create at scale and harder for users to recognise.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Malaysia moves to strengthen laws against AI-enabled crimes

Malaysia is moving to strengthen its legal framework to address AI-enabled offences, including deepfakes, identity impersonation and AI-generated child sexual abuse material, according to Digital Minister Gobind Singh Deo.

Speaking in the Dewan Rakyat, Gobind said Malaysia already has legal protections in several areas, particularly those involving children, but that the country’s regulatory framework must evolve to keep pace with emerging AI-related risks, especially those affecting young people.

The minister said the government is pursuing a two-pronged strategy that combines safety-by-design measures during AI development with stronger enforcement mechanisms when AI-generated content violates existing laws.

Gobind added that the government is consulting academics, religious leaders and other stakeholders as part of its review process to ensure future regulations remain effective as AI technologies continue to evolve.

Why does it matter?

The initiative reflects a growing challenge facing governments worldwide: adapting legal systems to address harms created or amplified by AI technologies. Deepfakes, synthetic identities and AI-generated abuse material are creating new enforcement challenges that often do not fit neatly within existing legal frameworks designed for earlier digital technologies.

Malaysia’s approach also highlights an emerging policy trend that combines prevention and enforcement. Rather than relying solely on criminal penalties, governments are increasingly exploring safety-by-design requirements, risk management measures and stakeholder consultation to reduce harm before it occurs. The outcome of Malaysia’s review could influence how other countries in the region approach AI governance, online safety and digital rights.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UK licenses NCSC-developed SilentGlass cyber security device for global use

The UK government has licensed SilentGlass, a cybersecurity device developed by the National Cyber Security Centre, for global manufacture and sale.

SilentGlass is a plug-and-play hardware device designed to protect connected devices from attacks delivered through digital display connections. It sits between a laptop and a screen, monitoring HDMI and DisplayPort connections and blocking unexpected or malicious activity.

The technology was developed by the NCSC to address risks linked to modern smart monitors and shared display environments. It has already been deployed across government estates and is now being made available more widely.

The Government Office for Technology Transfer supported the commercialisation process, including intellectual property strategy, market assessment and licensing. Following a competitive process, a global licence was awarded to the UK-based cybersecurity company Goldilock Labs.

The government said the project shows how public-sector intellectual property can be commercialised to support wider cyber resilience and UK cybersecurity innovation.

The NCSC said the agreement could serve as a model for bringing more government-developed technologies to market.

Why does it matter?

SilentGlass highlights a less visible part of cyber risk: physical and hardware-layer connections between workplace devices. As smart displays, shared workspaces, and hybrid working environments become more common, video and peripheral links can become attack surfaces. The case also shows how governments can move cybersecurity capabilities developed for public-sector use into the commercial market through licensing and technology transfer.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Prime Minister Modi promotes human-centred AI governance at G7

Prime Minister Narendra Modi called for a human-centric approach to AI development while addressing a G7 Summit outreach session focused on the safe, rapid and efficient deployment of AI.

Modi said AI has the potential to reshape human civilisation but should be guided by principles of inclusivity, security and the public good. He highlighted India’s human-centric ‘MANAV’ vision for AI and referenced the country’s recent AI Impact Summit as part of its broader efforts to promote responsible AI development.

The Prime Minister of India said democratic countries should have access to advanced AI models capable of protecting critical information infrastructure and supporting responses to cybersecurity threats. He also called for an integrated approach that addresses safety, speed and efficiency together.

He argued that AI systems should be safe by design, supported by common standards and regulatory frameworks, and reinforced through international cooperation to address challenges such as deepfakes, misinformation and cyber fraud. The remarks were delivered at the G7 Summit in Evian, France.

Why does it matter?

Modi’s remarks reflect a growing international effort to shape AI governance around principles of safety, trust and public benefit. As governments seek to harness AI’s economic and societal potential, questions around security, misinformation, critical infrastructure protection and equitable access are becoming central to global policy discussions.

The intervention also highlights the increasing role of middle and emerging powers in AI governance debates. By promoting a human-centric approach and calling for common standards and international cooperation, India is positioning itself as an active participant in efforts to shape global norms for AI development and deployment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ireland strengthens AML framework with focus on crypto-asset risks

Ireland has launched a new National Risk Assessment and a 30-point action plan aimed at strengthening its response to money laundering, terrorist financing, and proliferation financing risks. The framework identifies crypto-assets as a significant emerging vulnerability, reflecting their increasing use in complex and cross-border financial crime schemes.

The action plan introduces enhanced safeguards for digital finance, including stricter due diligence requirements when crypto-assets are used as a source of funds. The Gambling Regulatory Authority of Ireland has been tasked with developing standards to ensure firms verify the legitimacy and origin of crypto-related funds, with implementation expected by 2027.

Authorities also plan to strengthen supervisory powers, improve transparency around beneficial ownership and enhance coordination between financial crime and tax enforcement bodies. The approach targets evolving criminal methods combining cash-based laundering with digital tools, including crypto-assets and cross-border layering techniques.

The initiative also forms part of Ireland’s preparation for its 2028 international anti-money laundering evaluation.

Why does it matter?

The new framework reflects a broader regulatory shift toward treating crypto-assets as embedded components of financial crime risk rather than isolated instruments. By integrating digital asset controls into its AML framework, Ireland is improving detection of hybrid laundering schemes combining cash flows with blockchain transfers and aligning with international assessments.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Meta expands AI-powered teen safety protections across its platforms

Meta has announced new teen safety updates across Instagram, Facebook, and Messenger, including expanded age-appropriate content settings, AI-powered age detection, and new parental notification tools.

Meta said the updates are designed to ensure teens receive appropriate protections by default, give parents greater visibility into online activity and strengthen safeguards that support young people’s well-being.

Meta said its 13+ default content setting, recently introduced in India, is now rolling out globally across Instagram, Facebook, and Messenger. The setting is designed to limit exposure to age-inappropriate content by default, drawing on established content-rating principles and parent feedback.

On Facebook, the 13+ default setting is intended to hide content considered inappropriate for teens in areas such as Feed and Reels. It also limits teens’ ability to interact with Profiles, Pages, Groups, and Events that primarily post inappropriate content.

On Messenger, the 13+ default setting limits teens’ ability to view links to inappropriate Facebook content or chat with accounts that primarily share it.

Meta is also expanding its use of AI-powered age estimation systems to identify accounts that may belong to underage users. The company said the system analyses profile context, including birthday celebrations, school-grade mentions, posts, comments, bios, and captions, to assess whether an account is likely to belong to someone underage.

The company said it is adding visual analysis as another detection technique. According to Meta, the technology analyses photos and videos for general indicators associated with age, such as physical characteristics, but does not identify individuals and does not use facial recognition.

Meta said combining visual signals with text and interaction analysis could increase the number of underage accounts it identifies and removes. The technology will be expanded across additional parts of its apps, including Instagram Reels, Instagram Live, and Facebook Groups.

Instagram will also notify supervising parents if a teen repeatedly searches for terms related to suicide or self-harm within a short period, subject to supervision settings. Meta said the feature has been rolled out to supervising parents in the EU, Brazil, and India, with parents and teens receiving notifications that the alerts are on the way.

Parents using supervision can now manage their teens’ activity through Meta’s Family Center across Instagram, Meta Horizon, Facebook, and Messenger. Meta said parents will also be able to see a more holistic view of teen activity across its apps in the coming months, including aggregated time spent.

Why does it matter?

The announcement reflects a broader shift towards age-appropriate design, where platforms increasingly rely on default protections and automated systems rather than expecting young users or parents to configure safety settings themselves. AI-based age detection is becoming a central tool in efforts to identify underage users and enforce platform safeguards at scale.

The update also highlights ongoing debates about the balance between child protection, privacy and platform accountability. While automated age-estimation technologies may help improve online safety, regulators and civil society groups continue to scrutinise their accuracy, transparency and potential impact on users’ rights. As governments around the world consider stricter child online safety requirements, platform approaches such as Meta’s may influence future regulatory expectations.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!