Cybersecurity

France pushes for nighttime social media curfews for teens

French lawmakers are calling for stricter regulations on teen social media use, including mandatory nighttime curfews, following a parliamentary report examining TikTok’s psychological impact on minors.

The 324-page report, published Thursday by a National Assembly Inquiry Commission, proposes that social media accounts for 15- to 18-year-olds be automatically disabled between 10 p.m. and 8 a.m. to help combat mental health issues.

The report contains 43 recommendations, including greater funding for youth mental health services, awareness campaigns in schools, and a national ban on social media access for those under 15. Platforms with algorithmic recommendation systems, like TikTok, are specifically targeted.

Arthur Delaporte, the lead rapporteur and a socialist MP, also announced plans to refer TikTok to the Paris Public Prosecutor, accusing the platform of knowingly exposing minors to harmful content.

The report follows a December 2024 lawsuit filed by seven families who claim TikTok’s content contributed to their children’s suicides.

TikTok rejected the accusations, calling the report “misleading” and highlighting its safety features for minors.

The report urges France not to wait for EU-level legislation and instead to lead on national regulation. President Emmanuel Macron previously demanded an EU-wide ban on social media for under-15s.

However, the European Commission has said cultural differences make such a bloc-wide approach unfeasible.

Looking ahead, the report supports stronger obligations in the upcoming Digital Fairness Act, such as giving users greater control over content feeds and limiting algorithmic manipulation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU enforces tougher cybersecurity rules under NIS2

The European Union’s NIS2 directive has officially come into force, imposing stricter cybersecurity duties on thousands of organisations.

Adopted in 2022 and implemented into national law by late 2024, the rules extend beyond critical infrastructure to cover more industries. Energy, healthcare, transport, ICT, and even waste management firms now face mandatory compliance.

Measures include multifactor authentication, encryption, backup systems, and stronger supply chain security. Senior executives are held directly responsible for failures, with penalties ranging from heavy fines to operational restrictions.

Companies must also report major incidents promptly to national authorities. Unlike ISO certifications, NIS2 requires organisations to prove compliance through internal processes or independent audits, depending on national enforcement.

Analysts warn that firms still reliant on legacy systems face a difficult transition. Yet experts agree the directive signals a decisive shift: cybersecurity is now a legal duty, not simply best practice.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Jaguar Land Rover extends production halt after cyberattack

Jaguar Land Rover has told staff to stay at home until at least Wednesday as the company continues to recover from a cyberattack.

The hack forced JLR to shut down systems on 31 August, disrupting operations at plants in Halewood, Solihull and Wolverhampton, UK. Production was initially paused until 9 September but has now been extended for at least another week.

Business minister Sir Chris Bryant said it was too early to determine whether the attack was state-sponsored. The incident follows a wave of cyberattacks in the UK, including recent breaches at M&S, Harrods and train operator LNER.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Switzerland weighs new digital security measures

The Swiss government has proposed a new regulation that would require digital service providers with more than 5,000 users to collect government-issued identification, retain subscriber data for six months, and, in some cases, disable encryption. The proposal, which does not require parliamentary approval, has triggered alarm among privacy advocates and technology companies worldwide.

The measure would impact services such as VPNs, encrypted email, and messaging platforms. The regulation would mandate providers to collect users’ email addresses, phone numbers, IP addresses, and device port numbers, and to share them with authorities upon request, without the need for a court order.

Swiss official Jean-Louis Biberstein emphasised that the proposed regulation includes strict safeguards to prevent mass surveillance, framing the initiative as a necessary measure to address cyberattacks, organised crime, and terrorism.

While the timeline for implementation remains uncertain, the government of Switzerland is committed to a public consultation process, allowing stakeholders to provide input before any final decision is made.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

NATO and Seoul expand cybersecurity dialogue and defence ties

South Korea and NATO have pledged closer cooperation on cybersecurity following high-level talks in Seoul this week, according to Yonhap News Agency.

The discussions, led by Ambassador for International Cyber Affairs Lee Tae Woo and NATO Assistant Secretary General Jean-Charles Ellermann-Kingombe, focused on countering cyber threats and assessing risks in the Indo-Pacific and Euro-Atlantic regions.

Launched in 2023, the high-level cyber dialogue aims to deepen collaboration between South Korea and NATO in the cybersecurity domain.

The meeting followed talks between Defence Minister Ahn Gyu-back and NATO Military Committee chair Giuseppe Cavo Dragone during the Seoul Defence Dialogue earlier this week.

Dragone said cooperation would expand across defence exchanges, information sharing, cyberspace, space, and AI as ties between Seoul and NATO strengthen.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

China creates brain-inspired AI model

Chinese scientists have unveiled SpikingBrain1.0, the world’s first large-scale AI language model to replicate the human brain. The model reduces energy use and runs independently of Nvidia chips, departing from conventional AI architectures.

Developed by the Chinese Academy of Sciences, SpikingBrain1.0 uses spiking neural networks to activate only the required neurons for each task, rather than processing all information simultaneously.

Instead of evaluating every word in parallel, it focuses on the most recent and relevant context, enabling faster and more efficient processing. Researchers claim the model operates 25 to 100 times faster than traditional AI systems while keeping accuracy competitive.

A significant innovation is hardware independence. SpikingBrain1.0 runs on China’s MetaX chip platform, reducing reliance on Nvidia GPUs. It also requires less than 2% of the data typically needed for pre-training large language models, making it more sustainable and accessible.

SpikingBrain1.0 could power low-energy, real-time applications such as autonomous drones, wearable devices, and edge computing. The model highlights a shift toward biologically-inspired AI prioritising efficiency and adaptability over brute-force computation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK launches CAF 4.0 for cybersecurity

The UK’s National Cyber Security Centre has released version 4.0 of its Cyber Assessment Framework to help organisations protect essential services from rising cyber threats.

An updated CAF that provides a structured approach for assessing and improving cybersecurity and resilience across critical sectors.

Version 4.0 introduces a deeper focus on attacker methods and motivations to inform risk decisions, ensures software in essential services is developed and maintained securely, and strengthens guidance on threat detection through security monitoring and threat hunting.

AI-related cyber risks are also now covered more thoroughly throughout the framework.

The CAF primarily supports energy, healthcare, transport, digital infrastructure, and government organisations, helping them meet regulatory obligations such as the NIS Regulations.

Developed in consultation with UK cyber regulators, the framework provides clear benchmarks for assessing security outcomes relative to threat levels.

Authorities encourage system owners to adopt CAF 4.0 alongside complementary tools such as Cyber Essentials, the Cyber Resilience Audit, and Cyber Adversary Simulation services. These combined measures enhance confidence and resilience across the nation’s critical infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FTC opens inquiry into AI chatbots and child safety

The US Federal Trade Commission has launched an inquiry into AI chatbots that act as digital companions, raising concerns about their impact on children and teenagers.

Seven firms, including Alphabet, Meta, OpenAI and Snap, have been asked to provide information about how they address risks linked to ΑΙ chatbots designed to mimic human relationships.

Chairman Andrew Ferguson said protecting children online was a top priority, stressing the need to balance safety with maintaining US leadership in AI. Regulators fear minors may be particularly vulnerable to forming emotional bonds with AI chatbots that simulate friendship and empathy.

An inquiry that will investigate how companies develop AI chatbot personalities, monetise user interactions and enforce age restrictions. It will also assess how personal information from conversations is handled and whether privacy laws are being respected.

Other companies receiving orders include Character.AI and Elon Musk’s xAI.

The probe follows growing public concern over the psychological effects of generative AI on young people.

Last month, the parents of a 16-year-old who died by suicide sued OpenAI, alleging ChatGPT provided harmful instructions. The company later pledged corrective measures, admitting its chatbot does not always recommend mental health support during prolonged conversations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Vietnam confirms cyberattack on National Credit Information Center

Vietnam’s National Credit Information Centre (CIC), a key financial data hub under the State Bank of Vietnam, confirmed a cybersecurity attack, according to the Vietnam Cyber Emergency Response Centre (VNCERT). Initial investigations suggest the attack was a deliberate attempt by cybercriminals to steal personal data.

VNCERT reported signs of unauthorized data access and potential leaks of sensitive information. The Department of Cybersecurity and High-Tech Crime Prevention has tasked VNCERT with leading the incident response and coordinating with major cybersecurity firms, including Viettel, VNPT, and NCS.

Authorities have deployed technical measures to contain the breach, assess its scope, and preserve the integrity of the national financial system. Evidence is being gathered for possible legal proceedings, while the full extent of compromised data remains under investigation.

VNCERT has warned individuals and organisations not to download, share, or exploit any leaked data, citing Vietnam’s data protection laws. Government agencies and financial institutions have been urged to audit their systems and comply with national cybersecurity standards.

Cybersecurity expert Ngô Minh Hiếu noted that critical banking data, such as passwords and credit card numbers, is not stored in CIC, suggesting financial transactions remain unaffected.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

M&S technology chief steps down after cyberattack

Marks & Spencer’s technology chief, Rachel Higham, has stepped down less than 18 months after joining the retailer from BT.

Her departure comes months after a cyberattack in April by Scattered Spider disrupted systems and cost the company around £300 million. Online operations, including click-and-collect, were temporarily halted before being gradually restored.

In a memo to staff, the company described Higham as a steady hand during a turbulent period and wished her well. M&S has said it does not intend to replace her role, leaving questions over succession directly.

The retailer expects part of the financial hit to be offset by insurance. It has declined to comment further on whether Higham will receive a payoff.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot