Cybersecurity

India AI governance faces court, privacy and cyber pressures

An opinion article published by the International Association of Privacy Professionals says India’s data protection and AI governance environment is facing growing pressure as compliance work around the Digital Personal Data Protection Act (DPDPA) unfolds, court challenges continue, and regulators widen oversight into new sectors. The piece, published on 26 March, is labelled as an opinion article and includes an editor’s note stating that the IAPP is policy neutral and publishes contributed opinion pieces to reflect a broad spectrum of views.

The article says several legal and regulatory developments are unfolding simultaneously. One example cited is a public interest litigation filed before India’s Supreme Court by journalist Geeta Seshu and the Software Freedom Law Centre, India, challenging parts of the DPDPA on constitutional and rights-related grounds. According to the piece, the Supreme Court later issued a notice to the Government of India on 12 March.

Concerns outlined in the article include the absence of journalistic exemptions, the lack of compensation for data breach victims when penalties are imposed to the government, broad state powers to exempt departments from the law, and questions about the independence of the Data Protection Board given the government’s control over appointments. The article notes that similar petitions had already been filed, but says this was the first time the court issued notice to the government.

The article also turns to proceedings before the Kerala High Court involving privacy concerns about biometric and personal data collected through Digi Yatra, a not-for-profit foundation that operates airport passenger-processing infrastructure in India. According to the piece, a public interest litigation filed by C R Neelakandan asked for a temporary restraint on the sharing of collected personal data and its commercial use without proper authorisation.

The article says the Kerala High Court issued notice to the Digi Yatra Foundation and sought clarification from the government on whether the Data Protection Board had been established to oversee such matters.

Alongside the litigation, the opinion piece points to government efforts to show legal preparedness for AI-related risks. It says Electronics and Information Technology Minister Ashwini Vaishnaw outlined existing safeguards during the ongoing parliamentary session, referring to the Information Technology Act, the DPDPA, and subordinate rules, along with published guidelines on AI governance, toy safety, harmful content, awareness-building measures, and cyber safety.

Cybersecurity developments also feature in the article. It says the Indian Computer Emergency Response Team, working with the SatCom Industry Association, issued guidelines on 26 February for space, including satellite communications. According to the piece, the framework is intended to strengthen resilience in India’s space ecosystem.

It applies to covered entities, including government agencies, satellite service providers, ground station operators, terminal equipment vendors, and private space entities. Incident reporting within six hours and annual audits are among the measures described.

A further section of the article draws on Thales’ 2026 Data Threat Report. The piece says 64% of surveyed organisations in India identified AI-driven transformation as their biggest security risk, while 55% said they had to deal with reputational damage caused by AI-generated misinformation. It also says 65% reported deepfake-driven attacks, 35% had a complete view of their data, and 36% could fully classify their data.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

VTC expands AI training across all programmes in Hong Kong

The Vocational Training Council (VTC) has introduced an ‘AI for All’ strategy to integrate AI training across its programmes, aiming to support Hong Kong’s ambition to strengthen its innovation and technology sector.

The initiative aligns with broader policy priorities, including the ‘AI Plus’ approach outlined in national planning frameworks and Hong Kong’s budget, which emphasise integrating AI across industries while addressing a shortage of skilled professionals.

Under the ‘AI+Professional’ model, all Higher Diploma students are required to study IT modules covering prompt engineering, generative AI, and AI ethics and security, with training adapted to disciplines such as engineering, design, and information technology.

The council has also partnered with technology companies through memorandums of understanding. It provides ongoing training for employees in government and industry, while offering internal AI tools and a ‘Virtual Tutor’ platform to support teaching and learning.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot 

EU demands stronger age verification from adult websites

The European Commission has preliminarily found that several major adult platforms, including Pornhub, Stripchat, XNXX, and XVideos, may be in breach of the Digital Services Act for failing to adequately protect minors from accessing harmful content.

These findings highlight concerns that children can easily access such platforms rather than being effectively prevented by robust safeguards.

The Commission’s investigation indicates that the platforms’ risk assessments were insufficient. In several cases, companies focused on reputational or business risks instead of fully addressing societal harms to minors.

Authorities also raised concerns that some platforms did not adequately consider input from civil society organisations specialising in children’s rights and age-assurance technologies, undermining the reliability of their evaluations.

Regarding risk mitigation, the Commission found that existing measures are ineffective. Simple self-declaration systems, in which users confirm they are over 18, were deemed inadequate, while additional features such as warnings, labels, or blurred content failed to prevent minors from accessing content.

The Commission considers that stronger, privacy-preserving age-verification solutions are necessary to ensure meaningful protection of children’s rights and well-being online.

The companies involved now have the opportunity to respond and propose corrective measures, while consultations with the European Board for Digital Services continue.

If the preliminary findings are confirmed, the Commission may impose fines of up to 6 percent of global annual turnover, alongside periodic penalties to enforce compliance.

The case forms part of broader efforts to enforce the Digital Services Act and strengthen online safety across the EU, rather than relying on voluntary measures by platforms.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Europol warns legal gaps could weaken child abuse detection online

Efforts to combat online child sexual exploitation could be severely weakened, Europol has warned, if legal frameworks supporting detection and reporting are disrupted.

Executive Director Catherine De Bolle highlighted growing concerns over the increasing volume of harmful content online and stressed that protecting children remains a top priority for European law enforcement.

Authorities rely heavily on reports submitted by online service providers, which play a central role in identifying victims and supporting investigations, rather than relying solely on traditional policing methods.

Europol processed around 1.1 million CyberTips in a single year, many originating from the National Centre for Missing & Exploited Children and shared across 24 European countries.

These CyberTips include critical evidence such as images, videos, and other digital data used to track criminal activity.

Europol cautioned that removing the legal basis allowing voluntary detection by platforms could significantly reduce the number of reports submitted to authorities. A decline in CyberTips would limit investigative leads, making it harder to identify victims and disrupt online criminal networks.

Such a development could undermine broader security efforts and weaken the protection of minors across the EU instead of strengthening safeguards.

The agency emphasised that maintaining online service providers’ ability to detect and report suspected abuse is essential to effective law enforcement.

Ensuring continued cooperation between platforms and authorities remains a key factor in safeguarding children and addressing the growing threat of online exploitation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU opens probe into Snapchat child safety compliance

The European Commission has launched formal proceedings to assess whether Snapchat is complying with child protection obligations under the Digital Services Act. The investigation focuses on whether the platform ensures adequate safety, privacy, and security for minors.

Authorities suspect Snapchat may have failed to prevent exposure of children to grooming attempts, recruitment for criminal activity, and content linked to illegal goods such as drugs, vapes, and alcohol.

Concerns also include whether minors can be effectively prevented from accessing the platform or interacting with adults posing as peers.

The inquiry will examine age assurance methods, default account settings, reporting tools, and the spread of illegal content. Regulators argue that self-declared age may be insufficient, while default settings and recommendations may expose minors to risks.

The Commission will now gather further evidence through information requests, inspections, and interviews, and may take enforcement actions, including interim measures or penalties.

National regulators will support the investigation as part of coordinated oversight under the Digital Services Act.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Mistral AI launches open-source voice model for enterprises

Mistral AI has introduced a new open-source text-to-speech model designed to power voice assistants and enterprise applications, rather than relying on proprietary solutions.

The model, named Voxtral TTS, marks the company’s entry into the competitive voice AI market alongside players such as OpenAI and ElevenLabs.

Voxtral TTS supports nine languages, including English, French, German, Spanish, and Arabic, allowing organisations to deploy multilingual voice systems across different markets.

The Mistral AI model is designed to operate efficiently on devices such as smartphones, laptops, and even wearables, reducing infrastructure costs rather than relying on large-scale cloud systems.

It can replicate custom voices using only a few seconds of audio, capturing accents and speech patterns while maintaining consistency across languages.

The system is optimised for real-time performance, delivering rapid response times and enabling applications such as live translation, dubbing, and customer engagement tools.

Built on a compact architecture, it balances efficiency with high-quality output, aiming to produce natural-sounding speech instead of robotic voice synthesis. Earlier releases of transcription models suggest a broader strategy to develop a full suite of voice technologies.

Looking ahead, Mistral AI plans to expand towards end-to-end multimodal systems capable of handling audio, text, and image inputs within a single platform.

The company’s focus on open-source development and customisation is intended to attract enterprises seeking flexible solutions, positioning its technology as an alternative to closed ecosystems in the growing voice AI market.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

HP reveals advanced AI devices and workflow tools at Imagine 2026

HP has announced a broad set of AI-focused products and workplace tools at HP Imagine 2026, presenting the update as part of a wider effort to simplify work across PCs, collaboration devices, security systems, and workflow platforms.

In a press release published on 24 March, HP said the new portfolio includes AI PCs, collaboration tools, workstations, printers, and software intended for hybrid work and on-device AI use.

HP says the update includes a new intelligence layer called HP IQ, which it describes as a system designed to orchestrate work across AI PCs, workplace devices, and meeting spaces through local AI and proximity-based connectivity.

The company also announced new EliteBook devices, workstation updates, and workflow automation changes through its Workforce Experience Platform and Build Workspace capabilities.

Several sections of the release focus on on-device AI. According to the company, HP IQ will debut on the next generation of EliteBook X G2 AI PCs and will support features such as prompt-based assistance, document analysis, note organisation, and meeting support.

The release also says NearSense is intended to help devices discover, connect, and collaborate, including through file sharing and one-click joining of conference room meetings.

Security is another central theme in the release. HP says it has introduced what it describes as the world’s first hardware solution to stop physical TPM bypass attacks, using a cryptographically bound link between the TPM and CPU.

The company also said it is expanding capabilities in HP Wolf Security and introducing HP Wolf Pro Security Next Gen Antivirus, as well as physical intrusion detection designed to protect memory if a device chassis is opened.

The announcement also includes new printers and document tools. HP says the LaserJet Pro 4000 and 4100 series, and the LaserJet Enterprise 5000 and 6000 series, are intended to support AI-powered document processing and quantum-resistant security. The release also highlights scanning shortcuts, editable OCR, reduced management time, and a design intended to improve serviceability.

For higher-performance users, the company says it is launching a new generation of Z workstations and mobile workstations. The release refers to systems such as the Z8 Fury, Max Side Panel for Z8 Fury and Z4 workstations, and updated mobile workstation models. Advanced AI development, visual effects, and simulation workloads are among the uses cited in the announcement.

Beyond enterprise work, the release also extends the same AI and device strategy into gaming. New HyperX and OMEN products are part of the announcement, including desktops, a gaming and modular ecosystem, and expanded AI game support through OMEN Gaming Hub and OMEN AI.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK tightens sanctions on crypto-linked scam networks

The UK has stepped up its crackdown by sanctioning a crypto marketplace tied to major scam centres in Southeast Asia. Measures aim to disrupt the sale of stolen personal data and limit the financial infrastructure enabling online fraud targeting British victims.

Authorities also targeted operators behind ‘#8 Park’, Cambodia’s largest scam compound, believed to house up to 20,000 trafficked workers. Many individuals forced to run scams were lured with false job offers before being coerced into fraudulent activity under severe threats.

Sanctions extend to key entities and individuals connected to the wider network, including those facilitating crypto laundering and cross-border financial flows. Earlier UK action froze over £1 billion in assets and helped shut down platforms used for laundering illicit funds.

Officials said the measures will isolate these operations from the crypto ecosystem and freeze UK-based assets. The measures come ahead of an international summit in June aimed at strengthening global coordination against illicit finance and digital fraud.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

OpenAI details Sora 2 safeguards for likeness, audio, and harmful content

OpenAI has published a new overview of the safety measures built into Sora 2 and the Sora app, setting out how the company says it is approaching provenance, likeness protection, teen safeguards, harmful-content filtering, audio controls, and user reporting tools. The Sora team published the note on 23 March 2026.

OpenAI says every video generated with Sora includes visible and invisible provenance signals, and that all videos also embed C2PA metadata. The company adds that many outputs feature visible moving watermarks that include the creator’s name, while internal reverse-image and audio search tools are used to trace videos back to Sora.

A substantial part of the update focuses on likeness and consent. OpenAI says users can upload images of people to generate videos, but only after attesting that they have consent from the people featured and the right to upload the media. OpenAI also says image-to-video generations involving people are subject to stricter safeguards than Sora Characters, and that images including children and young-looking persons face stricter moderation. Shared videos generated from such images will always carry watermarks, according to the company.

OpenAI also sets out controls linked to its characters feature, which it says is intended to give users stronger control over their likeness, including both appearance and voice. According to the company, users can decide who can use their characters, revoke access at any time, and review, delete, or report videos featuring their characters. OpenAI says it also applies additional restrictions designed to limit major changes to a person’s appearance, avoid embarrassing uses, and maintain broadly consistent identity presentation.

Protections for younger users form another part of the update. OpenAI says teen accounts are subject to stronger limitations on mature output, that age-inappropriate or harmful content is filtered from teen feeds, and that adult users cannot initiate direct messages with teens. Parental controls in ChatGPT can also be used to manage teen messaging permissions and to select a non-personalised feed in the app, while default limits apply to continuous scrolling for teens.

OpenAI says harmful-content controls operate at both creation and distribution stages. Prompt and output checks are used across multiple video frames and audio transcripts to block content including sexual material, terrorist propaganda, and self-harm promotion. OpenAI also says it has tightened policies for video generation compared with image generation because of added realism, motion, and audio, while automated systems and human review are used to monitor feed content against its global usage policies.

Audio generation is treated separately in the note. OpenAI says generated speech transcripts are automatically scanned for possible policy violations, and that prompts intended to imitate living artists or existing works are blocked. The company also says it honours takedown requests from creators who believe an output infringes their work.

User controls and recourse are presented as the final layer. OpenAI says users can choose whether to share videos to the feed, remove published content, and report videos, profiles, direct messages, comments, and characters for abuse. Blocking tools are also available, according to the company, to stop other users from viewing a profile or posts, using a character, or contacting someone through direct message.

OpenAI’s post is framed as a product-safety explanation rather than an independent assessment of the effectiveness of the measures in practice. Much of the note describes controls that the company says it has built into Sora 2, but it does not provide external evaluation data in the published summary.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.