IWF warns under-16 social media ban is not enough to stop online abuse

The Internet Watch Foundation (IWF) has welcomed the UK government’s decision to restrict social media access for under-16s but argues that the measure alone will not significantly reduce online child sexual exploitation and abuse.

In a new blog, IWF Chief Executive Kerry Smith describes the proposed ban as a major policy milestone while warning that it must be accompanied by broader reforms if it is to deliver lasting improvements in children’s online safety.

According to the IWF, children continue to face a rapidly evolving range of online threats, including grooming, financial sextortion, commercial child sexual abuse and the growing exploitation of young people across digital platforms.

While limiting access to social media may reduce exposure to some risks, the organisation argues that determined offenders will continue to exploit encrypted messaging services, gaming platforms and other online environments if wider safeguards are not introduced.

The charity therefore calls for a more comprehensive regulatory approach centred on safety by design. Its recommendations include stronger safeguards for end-to-end encrypted services, tougher enforcement of the UK’s Online Safety Act, greater accountability for technology companies, and platform design that prevents harmful products and features from reaching users before risks are identified.

The IWF also highlights the need to regulate emerging technologies such as AI chatbots and strengthen device-level protections for children.

Why does it matter?

The IWF’s position reflects a growing international consensus that age restrictions alone cannot address the complex ecosystem of online child exploitation. As abuse increasingly migrates across encrypted services, gaming platforms and AI-powered technologies, policymakers are being encouraged to adopt broader regulatory frameworks that target platform design as well as user access.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Russian draft law includes 48-hour crypto cooling-off rule

Russian lawmakers are considering a 48-hour cooling-off period for certain cryptocurrency transfers as part of a draft law on digital currencies and digital rights.

The measure would apply to non-qualified investors and is intended to protect users from fraud, according to comments from Vladimir Chistyukhin, First Deputy Governor of the Bank of Russia.

Chistyukhin said the cooling-off period would not apply to cryptocurrency trading itself. He clarified that the mechanism is intended for transfers to other accounts and similar operations, rather than brokerage activity.

The proposal forms part of a broader legislative effort to establish a legal framework for the circulation of cryptocurrencies in Russia. The State Duma adopted the government-backed draft law in its first reading in April.

Russian officials have framed the cooling-off mechanism as a targeted investor-protection tool rather than a broader restriction on market activity.

The proposal reflects a regulatory approach focused on reducing fraud risks while allowing parts of the crypto market to operate under a more formal legal framework.

Why does it matter?

The proposal shows how crypto regulation is moving beyond general warnings and enforcement actions towards safeguards built into transaction flows. A cooling-off period can slow down transfers linked to fraud, giving users and intermediaries more time to detect suspicious activity. The narrow scope is also important: by excluding trading and brokerage activities, Russian regulators aim to reduce consumer harm without directly limiting market liquidity or day-to-day trading.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

US House of Representatives passes Kids Internet and Digital Safety Act

The US House of Representatives has passed the Kids Internet and Digital Safety Act in a bipartisan 267-117 vote, advancing a broad package that combines 14 online child safety proposals into a single piece of legislation.

The legislation includes provisions requiring AI chatbots to remind users they are not human, provide mental health resources, encourage regular breaks and avoid promoting potentially harmful topics. Lawmakers also removed the original Kids Online Safety Act’s proposed ‘duty of care’ provision after concerns it could lead to censorship, a decision criticised by several senators who co-authored the earlier bill.

Critics, including digital rights organisations and several lawmakers, argue the legislation weakens existing protections and does not go far enough in holding technology companies accountable. The Electronic Frontier Foundation warned that compliance could encourage widespread age verification, potentially requiring users to submit personal information and raising concerns about privacy and freedom of expression.

Supporters reject those criticisms, arguing that the bill does not explicitly require age verification but instead strengthens safeguards for minors and expands parental controls. The legislation now moves to the Senate, where it is expected to face further scrutiny.

Why does it matter?

The legislation represents one of the most comprehensive federal efforts to strengthen online child safety in the United States. Its inclusion of AI chatbot requirements reflects growing recognition that conversational AI introduces new risks for younger users that existing online safety frameworks were not designed to address.

At the same time, the bill highlights the continuing challenge of balancing child protection with privacy and freedom of expression. As it moves to the Senate, debate is likely to focus on whether stronger platform accountability can be achieved without expanding age verification requirements or creating incentives for broader online censorship.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Singapore proposes Digital Infrastructure Bill to strengthen cloud security

Singapore has launched a public consultation on a proposed Digital Infrastructure Bill that would establish a comprehensive regulatory framework for major cloud computing services and data centres.

Published jointly by the Ministry of Digital Development and Information and the Infocomm Media Development Authority (IMDA), the draft legislation aims to strengthen the resilience and security of critical digital infrastructure while introducing mandatory environmental sustainability standards for data centre operations.

The Bill recognises digital infrastructure as a foundation of Singapore’s digital economy, supporting services ranging from digital banking and e-commerce to cloud platforms and public administration. Unlike earlier amendments to the Cybersecurity Act, which focused primarily on cyber risks, the proposal extends regulatory oversight to operational resilience, business continuity, disaster recovery and environmental sustainability.

A central feature is a new licensing regime for major foundational digital infrastructure (FDI) providers. Cloud providers generating at least S$100 million annually from Singapore-based customers through Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) offerings would require a major FDI licence.

Cloud and colocation data centres with a critical IT load of at least 10 megawatts serving third parties would also fall within the regime. Licensed providers will be required to implement robust physical security and cybersecurity measures, maintain business continuity and disaster recovery plans, and report cybersecurity incidents and service disruptions to IMDA.

The Bill also establishes a separate licensing regime for data centres with a critical IT load of at least 3 megawatts. In addition to operational capability, applicants would be assessed against energy efficiency, water efficiency and broader sustainability criteria.

Beyond operational capability, applicants will be assessed on energy efficiency, water efficiency and broader sustainability considerations. Licensed operators will initially need to comply with facility-level Power Usage Effectiveness (PUE) requirements, while the legislation enables future regulations covering IT equipment efficiency and water consumption.

Singapore’s Green Data Centre Roadmap and previous voluntary industry standards will therefore evolve into legally enforceable baseline requirements across the sector.

IMDA would receive broad enforcement powers, including the authority to grant, suspend and revoke licences, issue binding codes of practice, conduct investigations and impose financial penalties. The Bill also proposes amendments to Singapore’s Cybersecurity Act to ensure consistency across the country’s digital infrastructure framework. Public consultation remains open until 22 July 2026.

Why does it matter?

The proposed legislation reflects a growing shift in how governments view digital infrastructure. As cloud computing and data centres become increasingly critical to AI, financial services and public administration, policymakers are expanding regulation beyond cybersecurity to include operational resilience, business continuity and environmental sustainability.

Singapore’s approach could also serve as a model for other digital hubs. By combining resilience requirements, licensing, cyber oversight and sustainability obligations within a single regulatory framework, the Bill illustrates how governments are adapting infrastructure governance to support the rapid growth of cloud services and AI-driven computing.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU launches Cybersecurity Skills Coalition EDIC

The European Commission and participating member states have launched the Cybersecurity Skills Coalition European Digital Infrastructure Consortium to strengthen cybersecurity skills across the EU.

The consortium, known as CSC-EDIC, will support the implementation of the EU Cybersecurity Skills Academy, a flagship initiative launched by the Commission in 2023.

Announced during Digital Skills EU Days 2026, the consortium will be based in Athens. Greece, Cyprus, Austria, Croatia and Slovenia are founding members, while Czechia and Poland have joined as observers. Other member states will be able to join later.

The Commission said CSC-EDIC will develop and deliver tailored cybersecurity training programmes, measure cybersecurity skills gaps and serve as the secretariat for the Industry-Academia Network.

Working with ENISA, the consortium will also support cyber resilience in critical sectors, particularly the healthcare sector. Planned activities include an EU-wide attestation scheme for cybersecurity skills, career pathways and micro-credentials.

The initiative has received a €3.1 million grant from the Digital Europe Programme to support its initial governance, staffing and operations.

The Commission said the Cybersecurity Skills Academy has already secured 26 industry pledges, helping train more than 900,000 cybersecurity professionals. Ten partnerships have also been established through the Industry-Academia Network.

Why does it matter?

Europe’s cybersecurity workforce shortage affects the resilience of governments, businesses and critical sectors such as healthcare. CSC-EDIC gives member states a formal structure to pool resources, coordinate training and align skills development with EU cyber priorities. The initiative also shows how the EU is treating cybersecurity capacity as part of digital infrastructure, rather than solely as a labour-market issue.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

UK and Germany deepen AI safety cooperation

The United Kingdom and Germany have agreed to strengthen cooperation on AI safety and security, expanding collaboration on advanced AI evaluation, cybersecurity risks and research into frontier AI systems.

Both governments described AI as one of the most consequential technologies of the era, offering significant economic and societal benefits while creating new security risks that require closer international cooperation.

The cooperation builds on the UKGermany Strategic Science and Technology Partnership, a priority initiative under the UK-Germany Friendship and Bilateral Cooperation Treaty signed last year.

Under the partnership, the UK’s Department for Science, Innovation and Technology and AI Security Institute will work alongside Germany’s Federal Ministry for Digital Transformation and Government Modernisation, the Federal Ministry of the Interior and the German AI Safety and Security Institute.

The partners will deepen institutional cooperation by sharing best practices in AI evaluation, aligning research priorities and exchanging expertise. The collaboration will also examine the cybersecurity implications of advanced AI systems and contribute to the international evidence base on AI safety.

Germany’s Minister Dr Wildberger said the cooperation is open by design and reflects Germany’s position as an EU member state, including the role of the EU AI Office under the EU AI Act. He said the work is intended to be consistent with each country’s engagement with other partners.

UK Secretary Liz Kendall said the UK and Germany are natural partners on AI safety and security because their scientific communities are connected and their security interests are closely aligned.

She said the statement reflects a shared determination to ensure the public benefits from advanced AI while risks are rigorously understood and managed.

The partnership adds to a growing international network of public-sector AI safety institutions. Both governments said their work is intended to complement broader international initiatives while contributing new research and practical experience.

Why does it matter?

The agreement reflects a broader shift in AI governance from national initiatives to international cooperation. As advanced AI systems become more capable, governments are increasingly pooling expertise to improve model evaluation, understand emerging risks and develop common approaches to AI safety and security.

The partnership also reinforces the growing connection between AI governance and cybersecurity. By coordinating research, sharing technical expertise and aligning institutional capabilities, the UK and Germany aim to strengthen preparedness for frontier AI risks while supporting the responsible development and deployment of advanced AI technologies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Mauritius unveils fintech strategy to boost digital finance growth

Mauritius has launched its National Fintech Strategy 2026–2030, a roadmap aimed at strengthening digital finance, innovation and financial inclusion.

The strategy was developed by the Ministry of Financial Services and Economic Planning with technical support from the UN Economic Commission for Africa and input from public and private-sector stakeholders.

The government says the strategy is intended to position Mauritius as Africa’s trusted fintech hub while supporting sustainable growth and the wider digital transformation of financial services.

The roadmap focuses on six areas: regulation and innovation, digital infrastructure and cybersecurity, skills development, market growth, international cooperation and consumer protection.

Implementation will run until 2030 and will be overseen through a dedicated governance framework. Planned targets include shorter licensing approval times, expanded digital onboarding, stronger digital infrastructure and training more than 5,000 people each year in specialised fintech skills.

Officials said the strategy responds to the growing role of digital technologies in finance, including digital payments, digital assets, regulatory technology and cross-border financial services.

UNECA said the initiative could support fintech development in Mauritius and offer lessons for other African countries seeking to build more inclusive and competitive digital finance ecosystems.

Why does it matter?

Mauritius’ strategy reflects a wider African policy trend: governments are trying to move fintech from fragmented innovation into structured national development plans. Stronger digital finance ecosystems can expand access to financial services, support small businesses, improve cross-border commerce and attract investment. The focus on cybersecurity, consumer protection and skills also shows that fintech growth depends not only on new products, but on trust, regulation and institutional capacity.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

CISA launches critical infrastructure security partnership

The US Cybersecurity and Infrastructure Security Agency has launched a new advisory framework to strengthen public-private cooperation on critical infrastructure security and resilience.

The initiative, called the Alliance of National Councils for Homeland Operational Resilience, or ANCHOR-CI, is designed to improve information sharing between government and industry and broaden participation across critical infrastructure sectors.

CISA said the framework builds on lessons from the Critical Infrastructure Partnership Advisory Council while expanding engagement to a wider range of public and private stakeholders.

ANCHOR-CI will provide forums for federal, state, local, tribal and territorial officials to engage with critical infrastructure owners, operators and other organisations with responsibilities for cybersecurity, physical security and resilience.

The framework will allow participants to discuss the threat environment, identify vulnerabilities and develop recommendations for securing more resilient critical infrastructure and cyberspace.

CISA will manage the governance of councils established under ANCHOR-CI, including sector, cross-sector, industry and regional councils.

The launch comes as critical infrastructure operators and public authorities face growing pressure from ransomware, cyberespionage and other threats affecting essential services.

Why does it matter?

Critical infrastructure security depends on cooperation between government agencies and the private-sector operators that own or manage many essential services. ANCHOR-CI is important because it creates a new structure for sharing sensitive information, coordinating resilience planning and giving sector stakeholders a formal way to advise the government. The framework could be especially relevant for cyber threats that cross sectors, such as ransomware, supply-chain compromise and attacks on water, energy, transport or communications systems.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Bank of England warns agentic AI threatens financial stability

Bank of England Deputy Governor Sarah Breeden has warned that rapidly advancing AI capabilities, particularly agentic AI systems capable of autonomously carrying out complex sequences of actions, pose growing risks to financial stability.

Breeden noted that open-source AI models may trail the most advanced proprietary models by only four to eight months. She warned that delays in applying security patches can allow attackers to reverse engineer newly disclosed vulnerabilities, echoing the Five Eyes cybersecurity agencies’ assessment that the relevant timeline for AI-enabled cyber threats is measured in months rather than years.

Turning to financial markets, Breeden warned that AI trading agents responding to similar prompts or market signals could reinforce one another during periods of stress, amplifying volatility. She also cautioned that autonomous systems could drift from their original objectives or from broader public policy goals.

She said the Bank of England is working with the Bank for International Settlements Innovation Hub and Germany’s Bundesbank to simulate how different agent designs could contribute to herd behaviour. The work also explores safeguards comparable to market circuit breakers or kill switches that could halt AI-driven trading if faulty models threatened financial stability.

Breeden also highlighted the implications of agentic AI for payments, where autonomous systems could increasingly initiate transactions on behalf of users. She said this raises questions about consent, authorisation, liability for erroneous payments and interoperability as different organisations develop competing technical standards. The Bank is leading a public-private initiative to design the next generation of UK retail payments infrastructure with these emerging use cases in mind.

Breeden concluded by calling for stronger international cooperation, arguing that AI presents cross-border systemic risks comparable to those exposed during the global financial crisis. She suggested that the shared technology dependencies underpinning advanced AI warrant closer international coordination among financial authorities.

Why does it matter?

The speech reflects a growing shift in financial regulation from focusing on AI adoption to preparing for systemic AI risks. By highlighting autonomous decision-making, cyber threats and market dynamics, the Bank of England is signalling that agentic AI presents challenges that extend beyond individual firms to the stability of the financial system as a whole.

It also illustrates how central banks are beginning to rethink financial infrastructure for an AI-enabled economy. Questions around autonomous payments, liability, market safeguards and international coordination suggest that existing regulatory frameworks may need to evolve as AI agents become more capable of acting independently across financial markets and payment systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Anthropic redeploys Claude Fable 5

Anthropic will restore global access to Claude Fable 5 after the US government lifts export controls on the model.

The company said the controls were applied on 12 June to Claude Fable 5 and Claude Mythos 5, requiring access restrictions for foreign nationals inside and outside the United States. Anthropic suspended access to both models for all users because it said it had no reliable way to verify nationality in real time.

Anthropic said the controls were lifted on 30 June. Fable 5 will become available globally from 1 July on the Claude Platform, Claude.ai, Claude Code and Claude Cowork, with access on AWS, Google Cloud and Microsoft Foundry to be restored as quickly as possible.

Access to Mythos 5 has been restored only for a set of US organisations following government approval. Anthropic said Fable 5 and Mythos 5 share the same underlying model, but Fable 5 has stronger safeguards for general use, while Mythos 5 has fewer safeguards and is limited to trusted partners working on defensive cybersecurity.

The export control directive followed a report by Amazon researchers describing a method for bypassing Fable 5 safeguards. Anthropic said the reported behaviour involved identifying software vulnerabilities and, in one case, producing code showing how a vulnerability could be exploited.

The company said its review found that the technique did not expose unique Mythos-level cyber capabilities. It has trained an improved safety classifier to block the behaviour described in the report, and said blocked requests will be redirected to Claude Opus 4.8.

Anthropic also called for a shared industry framework to assess the severity of AI jailbreaks. It said it is working with Amazon, Microsoft, Google and other Glasswing partners on criteria including capability gain, breadth of capability gain, ease of weaponisation and discoverability.

The company said it is expanding cooperation with the US government on frontier AI security, including pre-release evaluation, faster information sharing and joint research on safeguards.

Why does it matter?

The case shows how frontier AI releases are becoming part of national security and export-control policy, especially when models have advanced cybersecurity capabilities. Anthropic’s response also highlights a broader governance gap: governments and companies still lack a shared standard for judging when a jailbreak is minor, serious or urgent enough to justify intervention. The outcome could influence how advanced AI models are tested, released and restricted across borders.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!